[tor-dev] Effect of padding on end to end correlation false positive rate

Juan juan.g71 at gmail.com
Thu Oct 22 12:46:52 PDT 2015 

On Wed, 21 Oct 2015 01:37:54 -0600
Mirimir <mirimir at riseup.net> wrote:

> On 10/21/2015 12:09 AM, Juan wrote:

> Tor is open-source, and collaborative. Arguably, anyone with requisite
> skills and resources can subvert it. But it is true that the Five Eyes
> have the best resources for traffic analysis.


	That's the thing. So maybe 'subvert' wasn't the best choice of
	word here, but the idea is that if you take into account
	anglo-american surveillance, then tor doesn't perform as
	advertised. 

	Using passive analysis they can undermine the tor
	network without actually 'subverting' a single coma in the code.

	(plus, they prolly can make analysis more efficient by
	tampering with traffic, again without touching the code)

 
> > 	And frankly, do you think the US military would shoot
> > 	themselves in the foot by creating something that 'aids'
> > 	'terrorists' and that they can't subvert? There's no reason
> > for them to do that so it's safe to conclude that they didn't do it.
> 
> It's hard to say. Only idiots use tools with backdoors.


	That really depends on the nature of the backdoor. It's
	certainly risky to backdoor something, but it's less risky if
	the people who create the backdoor (say the nsa) are the same
	and only people who have the resources to access it. And the
	'backdoor' may be simply a less-than-ideal system...like tor.




> > 	Freenet is truly p2p (unlike tor), the storage is
> > 	decentralized (unlike tor) and the developers don't get
> > 	millions of dollars from the pentagon (as far as I know). 
> 
> Well, adversaries can use malicious P2P nodes. It's true that Freenet
> is about the same size as Tor (http://www.asksteved.com/stats/ vs
> https://metrics.torproject.org/networksize.html). But with Tor, what's
> relevant is the number of possible circuits. With ~1700 entry guards,
> ~1000 exit relays and ~2300 non-entry/non-exit relays, about four
> billion distinct circuits are possible.

	But faster relays are used more frequently no?

	Anyway, my point was that as far as publishing documents go
	freenet looks like a a better and more serious design than tor. 



> 
> > 	Now, I wouldn't actually recomend freenet because I haven't
> > 	done much homework regarding it, but at least it deserves a 
> > 	mention I think. 
> 
> Yes, it does. But neither it nor I2P provide anonymous access to the
> general Internet.
>

More information about the cypherpunks mailing list