On Tue, Mar 01, 2016 at 03:15:44AM -0500, grarpamp wrote:
On 3/1/16, Georgi Guninski <guninski@guninski.com> wrote:
Is jitter/fill traffic full solution?
Again, to what threat model?
The threat model is the entire world -- in real life do you care much what accident will "own" your life? If this is too broad for you, the threat model are state sponsored actors including NSA.
You mean like rooting a bunch of Linux nodes, 6+:1 ratio ...
...
Or compromising the repo or developers or 3rd party libraries...
Or asking your friends AT&T et al to help...
What's the threat?
Combination of many threats -- owning, timing, crypto, etc
This is consistent with the fate of Lulzsec. According to the official story (which I don't believe), the first of them got caught because "he forgot to use tor when on irc..."
Do they and their court docs officially say that? Or just some blogger reading 4chan?
Don't know about courts, here is a reference from thereg: http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/
Police locked onto Hector Xavier Monsegur, an unemployed 28-year-old from New York – allegedly LulzSec hacktivist supremo Sabu – after he apparently made the mistake of logging into an IRC chat server without using the Tor anonymisation service (^1)