tor stinks, take #376029

Zenaan Harkness zen at freedbms.net
Sun Dec 1 21:35:57 PST 2019


On Thu, Nov 14, 2019 at 12:06:19PM +1100, Zenaan Harkness wrote:
> On Wed, Nov 13, 2019 at 07:06:26PM -0300, Punk-Stasi 2.0 wrote:
> > https://www.freehaven.net/anonbib/cache/active-pet2010.pdf
> > 
> > "Suppose the adversary runs just two routers. If we take into
> > account the way Tor chooses circuits, the size of the network,
> > and the number of users observed on Tor in one day, we expect the
> > adversary to compromise 15 users at least once in that day. If the
> > adversary provides the top two routers by bandwidth, the expected
> > number of compromised users increases to 9464.1 Thus, the system
> > provides poor anonymity against a wide variety of realistic
> > opponents, such as governments, ISPs,"
> 
> 
> Thanks heaps for the tl;dr paragraph.  Very succinct.
> 
> Important/ foundation question for any alternative to Tor:
> 
> What alternative network topologies are actually able to protect
> (to any relevant degree) against traffic analysis by governments
> and ISPs?
> 
> Here are some possible network topologies/ connection models, which
> may (or may not) provide any such improvement:
> 
> 
>   - split connections / connection bonding / massive micro routes etc
> 
>     - enter the network, and access network and data/cache resources,
>       through some number of simultaneous routes, rather than only
>       one
> 
> 
>   - peer with one or more meat space "friend" nodes
> 
>     - quid pro quo in concept
> 
>     - access of resources may or may not hop initially through your
>       friend, but when your outgoing resources access speed is capped
>       to your chaff filled F2F link max throughput, then adversarial
>       node may not know whether it is you, or your friend through
>       you, accessing the network resource
> 
>       - if adversary is also able to actively monitor all your
>         friend's node's links, then identifying who is requesting and
>         or sending what, becomes trivial


To clarify this one, I mean by passive and active:

  - Passive monitoring is what every ISP can do - monitor the amount
    of data, packet meta data etc, but not the content of encrypted
    packets.

  - Active monitoring means somehow cracking, or getting access to,
    the actual content of encrypted packets (as well as all the
    passive data).

    I.e., an actively monitored node is a compromised node.
    Compromise of a node may happen in software, and/or in hardware.



>   - access through dark links (private back haul, Eth Over The Fence,
>     Neighbour 2 Neighbour "street" wireless, guerilla HAM mesh,
>     opportunistic mobile phone wireless mesh, etc)
> 
>     - each node in such a guerilla mesh may also have normie net
>       (regular Internet/ ISP/ govnet) access
> 
>     - the local dark link backhaul may provide some relevant "mix"ing
>       against active adversaries
> 
> 
> 
> moar ??
> 
> 
> 
> > that comes directly from supreme scum-master syverson himself. What's really astounding is that at the same time syverson and the rest of tor shitbags advertise tor as a means for people to "protect themselves against traffic analysis".

