On 3/1/16, Georgi Guninski <guninski@guninski.com> wrote:
Is jitter/fill traffic a full solution?
Again, to what threat model? I've only mentioned GPA, fix for which may involve, at possible minimum, all nodes encrypting full fill traffic reclocked with jitter, under some form of negotiated and enforced possibly dynamic traffic contracts with peers. I may also be on crack.
What if they disrupt or slow X times your traffic to Tor?
That's an active attack, not a GPA trolling through packets. Then your peers may de-peer you until things look normal. Or it may take a while for you to get signal through. And if they're already close enough to disrupt you specifically, you've probably got other problems.
This will be observable at the other end.
Not when every node is doing reclocking and de-peering peers that seem to be misbehaving or dishonoring contracts.
Probably easier is to just own me via some application sploit (as suggested in this thread).
Again, that's active, and application level, not GPA.
RE: cost of ownage/minor offenses. Don't exclude the possibility of a single investment resulting in compromise of all of Tor, and then deanonymizing will be just a simple query.
You mean like rooting a bunch of Linux nodes, 6+:1 ratio ...

6831 Linux
696 Windows
291 FreeBSD
74 OpenBSD
33 Darwin
8 NetBSD
4 ElectroBSD
4 Bitrig
3 SunOS
2 DragonFly
1 GNU/kFreeBSD
1 CYGWIN_NT-10.0-WOW

Or compromising the repo or developers or 3rd party libraries...
Or asking your friends AT&T et al to help...
What's the threat?
"NSA can deanonymize some Tor users ...
Again, talk about whatever, but people need to specify the threat model if they're going to really discuss solutions. Nor is Tor the only active network currently subject to attack.
This is consistent with the fate of Lulzsec. According to the official story (which I don't believe), the first of them got caught because "he forgot to use tor when on irc..."
Do they and their court docs officially say that? Or just some blogger reading 4chan?