Roger Dingledine:
Hi folks,
I'm meeting with a group of systems professors this week to discuss security at the network layer -- for example, how can backbone routers help make the internet a safer place. I expect many of the professors will talk about routing security, or scalability, or other "systems"-y things -- maybe even including how we need accountability and tracking in order to stop DDoS attacks.
I've written up the pitch for three angles that I think are important and might otherwise be absent from the agenda:
(1) securing communications metadata (2) preventing browser (application level) tracking (3) resisting blocking (censorship)
I've posted the document at https://freehaven.net/~arma/isat2020.pdf and I'm attaching the files here too for posterity.
It's two pages -- one page for explaining the problems, one page for "how can we do better?"
Looks good. When you write:
"Tor Browser, a fork of Firefox that isolates activity between Tor circuits and disables a broad set of browser tracking vectors"
I cringed a bit when reading "disables" because that sounds like we solve our problems by just disabling features which is not really the case and gives kind of a negative connotation as this automatically implies breakage. While it's true that we indeed do outright disable some of those vectors it's only the last resort and for a lot of them out there we can avoid that. That is we neuter the tracking potential while keeping the functionality in place as good as we can.
Might be worth getting that point across if possible.
Georg