Piercing network anonymity in real time
Ivan Krstic
krstic at fas.harvard.edu
Sat May 13 19:34:39 PDT 2006
leichter_jerrold at emc.com wrote:
> The Locate appliance sits passively on the network and
> analyzes packets in real time to garner ID info from sources
> like Active Directory, IM and e-mail traffic, then associates
> this data with network information.
This is really nothing new -- I've been seeing systems like these,
though home brewed, in use for years. The availability of good tools as
a foundation (things like Snort, the layer7 iptables patch, and so on)
makes building decent layer 8 inference not far from trivial. Calling
this "piercing network anonymity in real time" is highly misleading; in
reality, it's more like "making it bloody obvious that there's no such
thing as network anonymity".
The best one can hope for today is a bit of anonymous browsing and IM
with Tor, and that only insofar as you can trust a system whose single
point of failure -- the directory service -- was, at least until
recently, Roger's personal machine sitting in an MIT dorm room.
--
Ivan Krstic <krstic at fas.harvard.edu> | GPG: 0x147C722D
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
More information about the cypherpunks-legacy
mailing list