>... random padding without (at least) pipelining and
> placards *is* worthless to protect against traffic analysis

No, that is not true, and
http://www.ieee-security.org/TC/SP2012/papers/4681a332.pdf
explains why. Padding makes it difficult but not impossible to distinguish
between two HTTPS destinations. 4,300,000 destinations is right out.

> since any reliable method to do it would be necessarily robust
> against deviation in size....

That's like saying any reliable method to solve satisfiability in
polynomial time would be necessarily robust against variations in the
number of terms per expression. It's not even wrong.

When is the Foundation going to obtain the expertise to protect readers
living under regimes which completely forbid HTTPS access to Wikipedia,
like China? I suppose I better put that bug about steganography for the
surveillance triggers from TOM-Skype in bugzilla. I wish that could have
happened before everyone goes to Hong Kong.
_______________________________________________
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 
<mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>

Reply via email to