----- Forwarded message from Watson Ladd <watsonbladd@gmail.com> ----- Date: Mon, 7 Oct 2013 19:13:26 -0700 From: Watson Ladd <watsonbladd@gmail.com> To: tor-talk@lists.torproject.org Subject: [tor-talk] What the NSA cares about getting and defenses Message-ID: <CACsn0cn1mGUWf7WYyNHn1Mnw8sWWqm3r+xX9wMhnd+iPmyA4_g@mail.gmail.com> Reply-To: tor-talk@lists.torproject.org Prompted by the Ars Technica reporting on QUANTUM, I took a look at the slide and read the text, as well as compared to the MULLINIZE document describing NAT breaking. My conclusion is that the NSA obtains significant amounts of information from user activity in between closing browsers, and that current Tor Browser Bundle remains vulnerable to this attack. QUANTUM appears to rely on inserting fake references to third party assets and manipulating cookies in the requests made by the browser in response. I propose that we block third party cookies unless over HTTPS to mitigate this problem, and try to encourage users to use more frequent new identities. MULLINIZE achieves the reliable tracking of individual users behind a NAT through similar tricks. It is clear that the NSA views this information as valuable, even without real-world addresses to tie to it. Linkability across pages is difficult: breaking sessions is a major cost of the obvious no cookies approach to preventing this sort of attack. Sincerely, Watson -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5