distributed traffic patterns (for personal traffic)

Mon Nov 8 09:55:16 PST 2010

On Mon, 8 Nov 2010, Alastair O'Neill wrote:

>> If you really wanted to limit your anonymity set, you could run those
>> nodes and set a few of them up as bridge nodes and a few of them up as
>> exits, and cycle through that. An upcoming feature of Tor is matching
>> circuits to destination ports, so you could use your (trusted) exits for
>> cleartext traffic (the few sites when you're forced onto HTTP) and use
>> the wider Tor network for the rest.
>>
>> Maybe I'm not seeing what you're trying to get at, but it seems like
>> this would do everything you need.
>>
>> [demime 1.01d removed an attachment of type application/pgp-signature which
> had a name of signature.asc]
> Some people don't wish to use Tor for a variety of reasons, whether a lack of
> trust, or simply because they don't want anyone to see Tor traffic on their
> connection.
> I see what you're saying, mind you. Perhaps even better would be to combine
> the two, and run Tor from some Asian/off-shore server you own which you tunnel
> into.
> Either or, Tor is better simply because it eliminates the upstream camping,
> which would probably be the main problem; eventually, your proxy servers would
> be enumerated, and then, you'd be vulnerable.
> There's the cost, too. 100 dollars a month, which would need to be reasonably
> anonymously transferred, otherwise someone already has a list of your shells.
> This kind of method would work against someone who has limited resources, but
> then, so does vanilla Tor, or simple proxy chaining.

The threat model is not a current one.  If you are actively breaking the 
law _right now_, then all of this (including Tor, IMO) is out the window - 
you move to the realm of throwaway mobile phones and prepaid visa cards 
and open wifi networks.

No, the threat model I am concerned with is future correlation attacks and 
data mining.  I am concerned with a set of digital footprints that can be 
stored indefinitely and can be used to frame all possible motives.

So yes, Tor would work, but Tor is slow, and even with a large number of 
additional nodes and much more bandwidth, Tor will still have _very_ high 
latency.  If you read back in the Tor mailing list, you can see the devs 
state that while the bandwidth will get better over time, the latency 
issues are here to stay.  This is in contrast to a hop from CONUS over to 
Amsterdam and back to check nfl.com ... that's pretty snappy, I am happy 
to report.

So that's the threat model, and that's why I have declined to use Tor (I'm 
well versed in Tor usage and admin).

Payment is prepaid visa or postal money order, etc.  Most asian ISPs I 
have dealt with don't accept credit cards for service anyway.

As to cost, if $80 or $100 per month is too much, I guess you use Tor. 
I'm of the mind that this is extremely cheap for 3-5 nodes spread across 
the world, especially considering that this barely got you a single colo'd 
server 8 years ago.

Comments ?  Where does this break down, given the modest requirements 
described ?