[spam][joke] implementing a timing attack
[ridiculous psychological patterns] in order to deanonymise an anonymity network using timing patterns, we will need two things: 1. newly hacked machine learning algorithms 2. use of an effective anonymity network to deanonymise I suppose we should start with #2. 2a. add constant chaff to tor, knowing this was helpful two decades ago and having no idea what is helpful now 2b. register an email address from a clean purposed system, dissociated from our legal identity
to make it even more interesting, maybe we'll plan to get a fake ID in the process !
long story short I want to use a pseudonymous identity, to protect myself from others, and to handle different personalities I have in consistent ways. next step: I guess really i'd just like to use some better email provider than gmail. karl gets off gmail, and designs a timing attack?
no, we want karl to use a private key! ohhhh no I get all confuzzled around these. i'll store the energy in my work to remove radios from phones I guess.
take 2 omigod we need a project we need a project! how about deanonymising a tor user using timing correlation? sounds super easy right? here let's make it support anonymity, (unfortunateky then it will never happen): making these attacks easy to perform will help people defend against them! let's make tools so anybody can deanonymise anybody! then people would apply them to themselves to design good chaff.
here are the resources that were delivered via secret relay to the mission deployment center:
Example:
metrics.torproject.org - checks if the IP address was used as a host to send traffic to Tor.
check.torproject.org ( https://check.torproject.org/cgi-bin/TorBulkExitList.py) github.com/SpiderLabs > - will find a list of all Tor exit nodes in the last 16 hours that could contact the IP;
ipqualityscore.com/user/proxy-detection-api/lookup - Find out if a person is using a proxy, VPN or TOR.
metrics.torporject.org really says this? hum ok and then we have possible exit nodes. sounds like a large set. proxy-detection-api doesn't sound quite like my thing. OK, these aren't amazing resources. I think there are a couple papers out there with more ideas. We may end up reviewing the tor source code and protocols and running some experiments. A _really_ helpful behavior when deanonymising tor users is running a tor node yourself. Generally if you run an exit node you can mitm them directly to do this.
take 3 who are we? why are we doing this? oh we're building part of an AI! how fun! oh I get to perform a simple arithmetic relation! I like trying to do that. some day i'll succeed. we're a big powerful umbrella government, oppressively monitoring our citizens, especially the ones that try to hide. wear your big powerful oppression hats! yes, we're so formal! I am recording everything in the universe and know everything already. But, for fun, I would like to use some packet timings to identify who sent some data. I have all the packets the entered the network of being hidden. And I have the packets of interest that left it. Not only that, I have timestamps of these packets! And the event repeats! _just like building a silicon brain_ we get to correlate data looking for patterns of simultaneity to extract meaning to help us [survive better than everyone else?]
ok let's label some data here and maybe we'll assume the network has constant or no packet overhead regarding latency and size uhhh n_anon anonymous packets n_target packets to correlate each one has a time and a size in the real world, overhead may have a funny relation .......
ok i'm imagining it in my head a's are a column of dots on the left with one color b's are a column of dots on the right with another color there are only a few b's, and lots of a's "some b's are a's" you can look and see that b's that are near a's, are more likely to be them. we can abstract that nearness metric away to provide for overhead statistics later. then all we need is properties among the b's. any additional associated data with each packet.
On Wed, Apr 20, 2022, 4:55 PM Undiscussed Horrific Abuse, One Victim of Many <gmkarl@gmail.com> wrote:
ok i'm imagining it in my head
a's are a column of dots on the left with one color
b's are a column of dots on the right with another color
there are only a few b's, and lots of a's
"some b's are a's"
I seem to think this backward. should be "some a's are b's" .
you can look and see that b's that are near a's, are more likely to be them.
we can abstract that nearness metric away to provide for overhead statistics later.
then all we need is properties among the b's. any additional associated data with each packet.
-- it's fun to build part of an AI but i'd rather do it as analogy to something community people would like rather than something feared as oppressive control technology ... !
participants (3)
-
Karl Semich
-
punk
-
Undiscussed Horrific Abuse, One Victim of Many