Piercing network anonymity in real time

Ivan Krstic krstic at fas.harvard.edu
Sat May 13 19:34:39 PDT 2006


leichter_jerrold at emc.com wrote:
>       The Locate appliance sits passively on the network and
>       analyzes packets in real time to garner ID info from sources
>       like Active Directory, IM and e-mail traffic, then associates
>       this data with network information.

This is really nothing new -- I've been seeing systems like these,
though home brewed, in use for years. The availability of good tools as
a foundation (things like Snort, the layer7 iptables patch, and so on)
makes building decent layer 8 inference not far from trivial. Calling
this "piercing network anonymity in real time" is highly misleading; in
reality, it's more like "making it bloody obvious that there's no such
thing as network anonymity".

The best one can hope for today is a bit of anonymous browsing and IM
with Tor, and that only insofar as you can trust a system whose single
point of failure -- the directory service -- was, at least until
recently, Roger's personal machine sitting in an MIT dorm room.

--
Ivan Krstic <krstic at fas.harvard.edu> | GPG: 0x147C722D

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]





More information about the cypherpunks-legacy mailing list