Re: [liberationtech] Jacob Appelbaum's Ultrasurf Report
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jacob Appelbaum
There is no competitor to the Tor Project in the field of online anonymity.
On the contrary:
Tor has a serious weakness in that it uses a low-latency connection
between user and server, allowing anonymity to be broken with simple
packet timing correlation. Even the Tor documentation states
... for low-latency systems like Tor, end-to-end traffic
correlation attacks [8, 21, 31] allow an attacker who can observe
both ends of a communication to correlate packet timing and volume,
quickly linking the initiator to her destination.
--- http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf
Long, random latency is part of the price of Internet anonymity. And
there are competitors to Tor (open source), which use long, random
latency. The basic idea is to use store-and-forward communication
such as email and Usenet to allow the long random latency on which
anonymity depends. This can be done by mailing an access request
through a chain of anonymizing remailers to a web-to-mail gateway,
with a return address contrived to cause the fetched information to be
broadcast world-wide on Usenet. The requester watches for it there
and plucks it when it arrives.
Usenet and the remailer network are well-known. There are several
web-to-mail gateways. The easiest these days is url@mixnym.net, and
an easy way to use it is with (open source) anonget, see below.
- --
-- StealthMonger
participants (1)
-
StealthMonger