CDR: Re: Disposable remailers
despot
despot at crosswinds.net
Sun Oct 8 18:41:05 PDT 2000
It is interesting to note the two sides of the same coin...mix protocols in theory vs the realities of implementation on these devices.
On Sat, 7 Oct 2000, Sean Roach wrote:
> If the net is sufficiently large, then the remailers can be
considered to
> be registers, each holding one message for a random length of
time, and
> allow reordering just by that alone. Of course, for this to
work, traffic
> analysis has to be defeated in another way. Probably in ZKS's
planned,
but
> last I checked, not implemented, constant activity among nodes.
This scheme is extremely open to attack, especially when you take
into account that many of the nodes will be hostile. Even if the
underlying mix protocol were robust enough to protect the sender
over hostile nodes, traffic analysis, as you mentioned, is a major
weakness (for example, messages could be traced throught the
network).
The idea and papers brought forth in David's post might be of use
here. Instead of passing one message at a time through nodes, a
list of messages could filter through the nodes. But, those damned
memory constraints...
> Of course, the more traffic, the easier it will be for the
intranets where
> these things are set up to locate them, and take them down.
If the devices' communication piggy-backed on common protocols
like http, it would be easier to mask, especially in high traffic
areas. But, the communication would need to permuted in some way
that a generic pattern match would not detect it. Otherwise, IDS
vendors and the like will add rules to detect such traffic.
> The nodes ping each other on a regular basis, if a node fails to
respond
to
> a ping, that node is written off. Perhaps the next general
cover traffic
> includes information that such-n-such node appears to be
compromised. If
a
> node receives NO pings, then it might also write itself off, and
blank
memory.
Who do you trust becomes an issue if nodes pass information
around.
> Or did you mean in addition to disposible remailers, instead of
ways to
> hide, distribute them?
I meant in addition to, but that is an interesting distribution
scheme.
As the world becomes more and more connected and devices get
smaller and more powerful, the opportunity to plant and exploit
rogue, networked modules becomes far greater. A person could have
a great deal of fun with this stuff. The government already does.
-andrew
More information about the Testlist
mailing list