Three Tor security goals for the network layer
Hi folks, I'm meeting with a group of systems professors this week to discuss security at the network layer -- for example, how can backbone routers help make the internet a safer place. I expect many of the professors will talk about routing security, or scalability, or other "systems"-y things -- maybe even including how we need accountability and tracking in order to stop DDoS attacks. I've written up the pitch for three angles that I think are important and might otherwise be absent from the agenda: (1) securing communications metadata (2) preventing browser (application level) tracking (3) resisting blocking (censorship) I've posted the document at https://freehaven.net/~arma/isat2020.pdf and I'm attaching the files here too for posterity. It's two pages -- one page for explaining the problems, one page for "how can we do better?" Feel free to reuse the text for your purposes, like grant proposals, or explaining Tor to people, or whatever else it's useful for. --Roger
Roger Dingledine:
Hi folks,
I'm meeting with a group of systems professors this week to discuss security at the network layer -- for example, how can backbone routers help make the internet a safer place. I expect many of the professors will talk about routing security, or scalability, or other "systems"-y things -- maybe even including how we need accountability and tracking in order to stop DDoS attacks.
I've written up the pitch for three angles that I think are important and might otherwise be absent from the agenda:
(1) securing communications metadata (2) preventing browser (application level) tracking (3) resisting blocking (censorship)
I've posted the document at https://freehaven.net/~arma/isat2020.pdf and I'm attaching the files here too for posterity.
It's two pages -- one page for explaining the problems, one page for "how can we do better?"
Looks good. When you write: "Tor Browser, a fork of Firefox that isolates activity between Tor circuits and disables a broad set of browser tracking vectors" I cringed a bit when reading "disables" because that sounds like we solve our problems by just disabling features which is not really the case and gives kind of a negative connotation as this automatically implies breakage. While it's true that we indeed do outright disable some of those vectors it's only the last resort and for a lot of them out there we can avoid that. That is we neuter the tracking potential while keeping the functionality in place as good as we can. Might be worth getting that point across if possible. Georg
Hi Roger,
On 5 Feb 2020, at 17:52, Roger Dingledine <arma@torproject.org> wrote:
I'm meeting with a group of systems professors this week to discuss security at the network layer -- for example, how can backbone routers help make the internet a safer place. I expect many of the professors will talk about routing security, or scalability, or other "systems"-y things -- maybe even including how we need accountability and tracking in order to stop DDoS attacks.
I've written up the pitch for three angles that I think are important and might otherwise be absent from the agenda:
(1) securing communications metadata (2) preventing browser (application level) tracking (3) resisting blocking (censorship)
I've posted the document at https://freehaven.net/~arma/isat2020.pdf and I'm attaching the files here too for posterity.
It's two pages -- one page for explaining the problems, one page for "how can we do better?"
Feel free to reuse the text for your purposes, like grant proposals, or explaining Tor to people, or whatever else it's useful for.
Thanks for sending out this write-up, it looks like a good summary.
the reality is that network censorship is becoming commonplace in ‘Western’ countries like England, Australia, and Sweden.
In the early 2010s, the rise of internet censorship in Australia made me get involved in tor development. Back then, I couldn't see a political solution happening any time soon. Unfortunately, the political situation is worse now. But there are some encouraging signs. T
El 2/5/20 a las 8:52 AM, Roger Dingledine escribió:
Hi folks,
I'm meeting with a group of systems professors this week to discuss security at the network layer -- for example, how can backbone routers help make the internet a safer place. I expect many of the professors will talk about routing security, or scalability, or other "systems"-y things -- maybe even including how we need accountability and tracking in order to stop DDoS attacks.
I've written up the pitch for three angles that I think are important and might otherwise be absent from the agenda:
(1) securing communications metadata (2) preventing browser (application level) tracking (3) resisting blocking (censorship)
I've posted the document at https://freehaven.net/~arma/isat2020.pdf and I'm attaching the files here too for posterity.
It's two pages -- one page for explaining the problems, one page for "how can we do better?"
Feel free to reuse the text for your purposes, like grant proposals, or explaining Tor to people, or whatever else it's useful for.
Thanks for sending such a clear good summary!
--Roger
_______________________________________________ tor-project mailing list tor-project@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
participants (4)
-
gaba -
Georg Koppen -
Roger Dingledine -
teor