leichter_jerrold@emc.com wrote:

The Locate appliance sits passively on the network and analyzes packets in real time to garner ID info from sources like Active Directory, IM and e-mail traffic, then associates this data with network information.

This is really nothing new -- I've been seeing systems like these, though home brewed, in use for years. The availability of good tools as a foundation (things like Snort, the layer7 iptables patch, and so on) makes building decent layer 8 inference not far from trivial. Calling this "piercing network anonymity in real time" is highly misleading; in reality, it's more like "making it bloody obvious that there's no such thing as network anonymity". The best one can hope for today is a bit of anonymous browsing and IM with Tor, and that only insofar as you can trust a system whose single point of failure -- the directory service -- was, at least until recently, Roger's personal machine sitting in an MIT dorm room. -- Ivan Krstic <krstic@fas.harvard.edu> | GPG: 0x147C722D --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]