tor replacement - was Re: Box for simple Tor node.

Punk - Stasi 2.0 punks at tfwno.gf
Sat Oct 26 18:30:36 PDT 2019



	here's another article with some interesting info.

	Freedom Systems 2.1 Security Issues and Analysis
	https://www.freehaven.net/anonbib/cache/freedom21-security.pdf

	'freedom' was the name of the network run by 'zero knowledge systems' - As noted Ian Goldberg was part of zks and now works for tor. Adam Back was also involved. It seems to me that when the company failed some(most?) ppl went from working in the 'private' sector to working for the govt. 

	
	"someone who is watching the network links can see that you are logging into the Freedom Network by watching the packets. They can’t tell what you’re doing, but can see that you are logged in, and by counting packets and seeing how long you’re online, may be able to make certain assumptions. (Counting and timing packets is possible today since traffic shaping and link padding do not offer strong security as implemented."


	"In the current version of the protocol there is no link padding, cover traffic or traffic shaping. It might be argued that one at minimum needs some of these countermeasures to defend against traffic analysis, but our initial analysis suggests that these countermeasures are probably necessary, but certainly not sufficient. This is because even if one does implement a combination of these countermeasures there remain a number of attacks, not significantly harder than attacking a system without these countermeasures.  The main example is the packet round-trip timing related attacks, where the attacker passively observes or actively (and plausibly deniably) induces latency variations to uniquely identify the source of a route. These remaining attacks are expensive in bandwidth utilization to defend against, and the counter measures greatly hinder performance. Consider that to defend against timing attacks, even as a first step one would need to start by padding round-trip times to get cover, reducing all round-trip times to worst case round-trip." 
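
The following is an added example, not part of the original post or of the Freedom paper: a small simulation of the "first step" named in the last quote, padding every round-trip time to the worst case, showing both that the per-route timing difference disappears and what it costs in latency. The route names, delay figures and the mean-comparison observer are assumptions constructed for illustration.

```python
import random
import statistics

# Constructed routes: name -> (fixed path delay in ms, max jitter in ms).
ROUTES = {"short": (40, 10), "medium": (120, 20), "long": (300, 40)}

def simulate_rtts(base_ms, jitter_ms, n, rng):
    """Constructed RTT samples for one route: fixed delay plus uniform jitter."""
    return [base_ms + rng.uniform(0, jitter_ms) for _ in range(n)]

def pad_to_worst_case(rtt_ms, worst_case_ms):
    """Hold each reply until the worst-case RTT has elapsed."""
    return max(rtt_ms, worst_case_ms)

def distinguishable(a, b, tolerance_ms=1.0):
    """Simplified passive observer: two routes differ if their mean RTTs differ."""
    return abs(statistics.mean(a) - statistics.mean(b)) > tolerance_ms

def evaluate(routes, n=200, seed=1):
    rng = random.Random(seed)
    raw = {name: simulate_rtts(base, jit, n, rng)
           for name, (base, jit) in routes.items()}
    # Worst case over everything observed; a real network has no such hard bound.
    worst = max(max(samples) for samples in raw.values())
    padded = {name: [pad_to_worst_case(x, worst) for x in samples]
              for name, samples in raw.items()}
    names = list(routes)
    pairs = [(p, q) for i, p in enumerate(names) for q in names[i + 1:]]
    return {
        "worst_case_ms": worst,
        # Number of route pairs the observer can separate by timing alone.
        "leaks_before": sum(distinguishable(raw[p], raw[q]) for p, q in pairs),
        "leaks_after": sum(distinguishable(padded[p], padded[q]) for p, q in pairs),
        # Latency cost: how many times slower each route becomes on average.
        "slowdown": {name: worst / statistics.mean(raw[name]) for name in names},
    }

if __name__ == "__main__":
    result = evaluate(ROUTES)
    print("worst-case RTT (ms):", round(result["worst_case_ms"], 1))
    print("separable route pairs before padding:", result["leaks_before"])
    print("separable route pairs after padding: ", result["leaks_after"])
    for name, factor in result["slowdown"].items():
        print(f"{name}: {factor:.1f}x slower")
```

The shortest route pays the largest penalty, which is the performance cost the quoted passage points to; the simulation covers only passively observed mean RTT, not the actively induced latency variations the passage also mentions.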





	

	




