tor stinks, take #376029
https://www.freehaven.net/anonbib/cache/active-pet2010.pdf "Suppose the adversary runs just two routers. If we take into account the way Tor chooses circuits, the size of the network ], and the number of users observed on Tor in one day , we expect the adversary to compromise 15 users at least once in that day. If the adversary provides the top two routers by bandwidth, the expected number of compromised users increases to 9464.1 Thus, the system provides poor anonymity against a wide variety of realistic opponents, such as governments, ISPs," that comes directly from supreme scum-master syverson himself. What's really astounding is that at the same time syverson and the rest of tor shitbags advertise tor as a means for people to "protect themselves against traffic analysis". "
On Wed, Nov 13, 2019 at 07:06:26PM -0300, Punk-Stasi 2.0 wrote:
https://www.freehaven.net/anonbib/cache/active-pet2010.pdf
"Suppose the adversary runs just two routers. If we take into account the way Tor chooses circuits, the size of the network ], and the number of users observed on Tor in one day , we expect the adversary to compromise 15 users at least once in that day. If the adversary provides the top two routers by bandwidth, the expected number of compromised users increases to 9464.1 Thus, the system provides poor anonymity against a wide variety of realistic opponents, such as governments, ISPs,"
Thanks heaps for the tl;dr paragraph. Very succinct. Important/ foundation question for any alternative to Tor: What alternative network topologies are actually able to protect (to any relevant degree) against traffic analysis by governments and ISPs? Here are some possible network topologies/ connection models, which may (or may not) provide any such improvement: - split connections / connection bonding / massive micro routes etc - enter the network, and access network and data/cache resources, through some number of simultaneous routes, rather than only one - peer with one or more meat space "friend" nodes - quid pro quo in concept - access of resources may or may not hop initially through your friend, but when your outgoing resources access speed is capped to your chaff filled F2F link max throughput, then adversarial node may not know whether it is you, or your friend through you, accessing the network resource - if adversary is also able to actively monitor all your friend's node's links, then identifying who is requesting and or sending what, becomes trivial - access through dark links (private back haul, Eth Over The Fence, Neighbour 2 Neighbour "street" wireless, guerilla HAM mesh, opportunistic mobile phone wireless mesh, etc) - each node in such a guerilla mesh may also have normie net (regular Internet/ ISP/ govnet) access - the local dark link backhaul may provide some relevant "mix"ing against active adversaries moar ??
that comes directly from supreme scum-master syverson himself. What's really astounding is that at the same time syverson and the rest of tor shitbags advertise tor as a means for people to "protect themselves against traffic analysis".
On Thu, 14 Nov 2019 12:06:19 +1100 Zenaan Harkness <zen@freedbms.net> wrote:
On Wed, Nov 13, 2019 at 07:06:26PM -0300, Punk-Stasi 2.0 wrote:
Here are some possible network topologies/ connection models, which may (or may not) provide any such improvement:
- split connections / connection bonding / massive micro routes etc
- enter the network, and access network and data/cache resources, through some number of simultaneous routes, rather than only one
the article I linked and a few others describe some systems that use redundant routes, lookups and the like to avoid attacks by compromised nodes. Not sure yet if any of them actually work or just academic garbage.
On Thu, Nov 14, 2019 at 12:06:19PM +1100, Zenaan Harkness wrote:
On Wed, Nov 13, 2019 at 07:06:26PM -0300, Punk-Stasi 2.0 wrote:
https://www.freehaven.net/anonbib/cache/active-pet2010.pdf
"Suppose the adversary runs just two routers. If we take into account the way Tor chooses circuits, the size of the network ], and the number of users observed on Tor in one day , we expect the adversary to compromise 15 users at least once in that day. If the adversary provides the top two routers by bandwidth, the expected number of compromised users increases to 9464.1 Thus, the system provides poor anonymity against a wide variety of realistic opponents, such as governments, ISPs,"
Thanks heaps for the tl;dr paragraph. Very succinct.
Important/ foundation question for any alternative to Tor:
What alternative network topologies are actually able to protect (to any relevant degree) against traffic analysis by governments and ISPs?
Here are some possible network topologies/ connection models, which may (or may not) provide any such improvement:
- split connections / connection bonding / massive micro routes etc
- enter the network, and access network and data/cache resources, through some number of simultaneous routes, rather than only one
- peer with one or more meat space "friend" nodes
- quid pro quo in concept
- access of resources may or may not hop initially through your friend, but when your outgoing resources access speed is capped to your chaff filled F2F link max throughput, then adversarial node may not know whether it is you, or your friend through you, accessing the network resource
- if adversary is also able to actively monitor all your friend's node's links, then identifying who is requesting and or sending what, becomes trivial
To clarify this one, I mean by passive and active: - Passive monitoring is what every ISP can do - monitor the amount of data, packet meta data etc, but not the content of encrypted packets. - Active monitoring means somehow cracking, or getting access to, the actual content of encrypted packets (as well as all the passive data). I.e., an actively monitored node is a compromised node. Compromise of a node may happen in software, and/or in hardware.
- access through dark links (private back haul, Eth Over The Fence, Neighbour 2 Neighbour "street" wireless, guerilla HAM mesh, opportunistic mobile phone wireless mesh, etc)
- each node in such a guerilla mesh may also have normie net (regular Internet/ ISP/ govnet) access
- the local dark link backhaul may provide some relevant "mix"ing against active adversaries
moar ??
that comes directly from supreme scum-master syverson himself. What's really astounding is that at the same time syverson and the rest of tor shitbags advertise tor as a means for people to "protect themselves against traffic analysis".
participants (2)
-
Punk-Stasi 2.0 -
Zenaan Harkness