From krstic@fas.harvard.edu Fri Jul 6 02:36:33 2018 From: Ivan Krstic To: cypherpunks-legacy@lists.cpunks.org Subject: Re: Piercing network anonymity in real time Date: Fri, 06 Jul 2018 02:36:33 +0000 Message-ID: <172288963419.3849117.12719931082962385287.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3175031415183051063==" --===============3175031415183051063== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable leichter_jerrold(a)emc.com wrote: > The Locate appliance sits passively on the network and > analyzes packets in real time to garner ID info from sources > like Active Directory, IM and e-mail traffic, then associates > this data with network information. This is really nothing new -- I've been seeing systems like these, though home brewed, in use for years. The availability of good tools as a foundation (things like Snort, the layer7 iptables patch, and so on) makes building decent layer 8 inference not far from trivial. Calling this "piercing network anonymity in real time" is highly misleading; in reality, it's more like "making it bloody obvious that there's no such thing as network anonymity". The best one can hope for today is a bit of anonymous browsing and IM with Tor, and that only insofar as you can trust a system whose single point of failure -- the directory service -- was, at least until recently, Roger's personal machine sitting in an MIT dorm room. -- Ivan Krstic | GPG: 0x147C722D --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo(a)metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which h= ad a name of signature.asc] --===============3175031415183051063==--