[liberationtech] Jacob Appelbaum's Ultrasurf Report

StealthMonger StealthMonger at nym.mixmin.net
Sun Apr 22 20:02:38 PDT 2012

Hash: SHA1

Jacob Appelbaum <jacob at appelbaum.net> writes:

> There is no competitor to the Tor Project in the field of online
> anonymity.

On the contrary:

Tor has a serious weakness in that it uses a low-latency connection
between user and server, allowing anonymity to be broken with simple
packet timing correlation.  Even the Tor documentation states

   ... for low-latency systems like Tor, end-to-end traffic
   correlation attacks [8, 21, 31] allow an attacker who can observe
   both ends of a communication to correlate packet timing and volume,
   quickly linking the initiator to her destination.

    --- http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf

Long, random latency is part of the price of Internet anonymity.  And
there are competitors to Tor (open source), which use long, random
latency.  The basic idea is to use store-and-forward communication
such as email and Usenet to allow the long random latency on which
anonymity depends.  This can be done by mailing an access request
through a chain of anonymizing remailers to a web-to-mail gateway,
with a return address contrived to cause the fetched information to be
broadcast world-wide on Usenet.  The requester watches for it there
and plucks it when it arrives.

Usenet and the remailer network are well-known.  There are several
web-to-mail gateways.  The easiest these days is url at mixnym.net, and
an easy way to use it is with (open source) anonget, see below.

- -- 

 -- StealthMonger <StealthMonger at nym.mixmin.net>
    Long, random latency is part of the price of Internet anonymity.

   anonget: Is this anonymous browsing, or what?

   stealthmail: Hide whether you're doing email, or when, or with whom.
   mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html

Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key

Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.9 <http://mailcrypt.sourceforge.net/>


liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:


If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list