--On Sunday, December 15, 2013 8:57 PM -0800 coderman <coderman@gmail.com> wrote:
On Sun, Dec 15, 2013 at 7:40 PM, Juan Garofalo <juan.g71@gmail.com> wrote:
... What is currently true? Even tor developers admit that traffic analysis is feasible.
of course. it's also expensive, relative to other options. i'm saying NSA spends money carefully.
Are you saying that government, whose nature is to not be subjected to 'market discipline', government that is able to tax(steal) borrow(cheat) and spend trillions, spends money carefully? Your remark seems to go against basic economic theory - and practice.
Are you telling me you know all the nsa does? You know they are not big enough to attack tor as 'global adversary' or whatever the jargon was?
never said either thing. i'm also long on the record advocating for the next generation of low latency anonymous networking that _does_ provide strong defense against traffic analysis. turns out the details are, um.. complicated ;)
Meaning? It's basically impossible to defend against an enemy that controls the physical infrastructure. The problem here is political, not technological. Although this is an aside.
Your reasoning is flawed. Yes, there may use cheaper means if that's all they needed. But that does not imply, at all, that other more sophisticated means are not available to them.
i'm glad that is not, in fact, my reasoning.
of course there are more sophisticated means available to them; that will always be the case. they've got BILLIONS and BILLIONS every year, for their projects.
Exactly. And one of objectives is to spend all the money they get, and more, so that their budget keeps growing. Now we've established that economic constraints don't mean much to them.
the point is not making something "NSA proof",
It isn't? Anyway, here's your original assertion "the NSA does not currently break Tor on demand at the protocol level." How do you know that? You don't? On the other hand, to assume that they do it, or can do it if they want to, is a sensible assumption. you added "said another way, breaking Tor at protocol level is currently too expensive a solution to the same ends provided by much cheaper means." which to me reads as an attempt at an economic proof of sorts, but the economics don't add up. Why wouldn't the US governemnt NOT play the role of 'global passive adversary'? <---- that's a rhetorical question... Also, the assumption that they can get exactly the same results by pwning target computers doesn't seem correct to me. Yes, there may be cases when that is true. But is that always true?
which is an ill defined and open ended venture. the point is increasing the cost of their efforts and narrowing their scope.
the more money they spend getting less and less in return, the better!
Not really. The more money they 'need' the more taxes you pay. So, they get all the resources they want, and you pay. Neat deal huh?