On 5/28/15, grarpamp <grarpamp@gmail.com> wrote:
On Wed, May 27, 2015 at 11:08 PM, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
Tor certainly works for some of its intended uses. If you are in a repressive state and want to get access to CNN or the like, Tor is your friend. It isn't going to prevent a police state noticing that you might be up to some sort of unapproved activity but they won't be able to tell the difference between a dissident and someone surfing for porn etc. So it is useful and reduces risk in countries like Iran or Russia. But using it in North Korea would mean risking a death sentence.
Where I don't see Tor being remotely safe is trying to operate an online Drug bazar as a hidden service. I mean seriously guys, cryptography isn't magic and traffic analysis is a very effective tool.
Do you mean like analysing the trafficking of drugs in their physical form. Traditional law enforcement seems to do this type of traffic analysis reasonably well on occasion. :)
For whatever part of your threat models above includes global passive adversary watching the input and output points of your network of choice and lining up traffic observations... there is little defense to be taken other than filling your unused capacity with fill traffic. No network to date appears to be developing or using that defense.
I thought that was the main differentiator for I2P (as compared with TOR)??