-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/28/2015 12:46 PM, jim bell wrote:
*From:* Steve Kinney <admin@pilobilus.net>
In terms of real world threats, I think it's safe to say that TOR "Hidden Services" aren't very well hidden from motivated adversaries who can deploy global observation and/or global infiltration attacks: The persistence, fixed physical location and interactive availability a hidden services makes it a fat, dumb, happy sitting target for any major State's military and police intelligence service that takes an interest in identifying the host and its operators IRL.
I have seen references to the idea of giving 'everyone' the option of having their router implement Tor. And I mention this because I'd like to see more about this idea. A modern router presumably has plenty of CPU power/memory capacity to do Tor. And, particularly since we are entering the era of gigabit fiber internet services (for reasonable prices; say $70 per month), there will be an ever-larger number of people who will be in the position to host a relay node. What's needed is to convince router manufacturers that they "must" transition to Tor-by-default routers. Wouldn't we like to see a million high-throughput nodes appear? Jim Bell
To convince router manufacturers that they must transition to TOR-by-default routers is a tall order: That's a big commercial market with a small number of dominant players, inherently aligned with conservative a.k.a. Fascist interests. Global many-to-many communications is correctly perceived as a threat to the political and economic dominance of State and Corporate institutions, formerly assured by central control of mass scale communications for censorship and propaganda purposes. In this context, mass surveillance is an adaptive response that seeks to counter-balance the "liberating" impact of the Internet by enabling early identification and effective manipulation of emergent mass movements and ad hoc leadership cadres. TOR is a weapon; the U.S. State Department funds it to support the destabilizing impact of counter-censorship and counter-surveillance technology on other, more overtly repressive regimes. However, high profile busts of Hidden Service users indicate that TOR is not quite effective enough to defeat U.S. network surveillance assets, at least not where fixed high-value targets are concerned. This is consistent with U.S. policy objectives with regard to the strength of all cryptographic applications. We are told that the TOR Project favors convenience and speed over security, because this is necessary to build a large enough user base to make the system effective. That does not entirely make sense, as favoring security over speed and convenience would make the system effective regardless of the size of its user base. It makes more sense to imagine that the TOR Project would lose its Federal funding and become a target for effective harassment and manipulation by Federal security services, if TOR's security was upgraded to be resistant to U.S. surveillance capabilities. "Everybody knows" that effective resistance to traffic analysis of an encrypted low-latency anonymizing network requires a constant flow of traffic, padded as necessary with dummy packets to maintain a constant through-put when an endpoint is idle. This deprives observers of the ability to match the endpoints of any given session by analyzing the timing and number of packets at entry and exit nodes. But nobody implements effective cover traffic: The reasons given for this deficiency include concerns about bandwidth limitations and processor overhead. 20 years ago these barriers were real, today not so much. I2P users have the option of hosting enough torrents to keep cover traffic unrelated to their other uses of that network going; this is not as effective as padding traffic to maintain a uniform flow, but way better than no cover traffic. TOR actively discourages file sharing, "because" this would cause bandwidth and processor overhead problems. I believe it would be much easier to persuade the TOR Project to implement cover traffic, or to create a next generation TOR network that does, than to persuade router makers to support today's other than best practices TOR network by default. But I'm not sure that this can be done by any project based in a U.S. controlled jurisdiction, as it would be contrary to the National Interest. :o/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJV4TlCAAoJEDZ0Gg87KR0LNSUQAOWwmMPKGFmwH6SbS+P5Ko/i IuzkAa7w72NEnClHi5Nra+loIU4Ursr/+olNbRiqWtwQRoJunLokHqQ5o21XhEBZ bfTt+tYZki+S/vnwC7VwmLzUJj33B36h2Yfvk6ju1YpVXsTLmJmvK8hUVgGhBQQt cfFeW5v0OQrGXnXqchH9MAtrq0IwcNN/R4//6bDii0tm+huf8a8ocIPcjVz5rBFK 4V2wP+SZDprcgyZcW0/dkCzQ4vZucsGpF2lYXhlfLs02xz6DZgoeF5CYwVluHmhu osvgcGh5kRLV6u/18Hr68m/uptDflhsZMKVBwnArDGmwa8enxXmF3/7Me1yByMGb oRYnAcKNsXRNhGdOQFsK80aTeKdnqcjXclHrhCkXFKjw3qCXtTLWoUg90pekJf6l hWS5Bb5M74/8aHvsg5LUoOqTzHQ4MufWVWAHNQc1RejwTglBE4mxLR6YfGGeD9aD B3mI6k7Tuo849ViTMWQOM5CEc9+/qDEnB9TbjhLuXI9matb+oOBXcXXhXv478+g6 SWMnGyRzAg8duIFxAfjULbgc2nQOho07lw9olapSj6VqJMjn73DPik13MlFBVWtQ PNUzT3TaeZFLR8YM3qLTga45ZVXR48txALzfR9Zb+SKB+xxgBnYUf9j6jHNTr3Rc ShSE0/tUBuWCjfDQVSmu =VQPV -----END PGP SIGNATURE-----