[TWN team] Updates to the wiki pages

Lunar lunar at torproject.org
Mon Sep 2 20:05:02 UTC 2013 

***************************************************************************
CHANGED: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2013/9
***************************************************************************
--- @	Mon, 02 Sep 2013 18:05:01 +0000
+++ @	Mon, 02 Sep 2013 20:05:02 +0000
@@ -23,6 +23,10 @@
 
 Serious network overload
 ------------------------
+
+    <borealis> if it really is a coordinated attack from a bot twice the
+               size of the regular tor network i'm much surprised tor is
+               still usable at all — #tor, 2013-09-02 18:38 UTC
 
 The tremendous influx of new clients that started mid-August [XXX] is
 stretching the current Tor network and software to its limits.
@@ -66,6 +70,90 @@
 tor-handshake.txt
 [XXX] https://trac.torproject.org/projects/tor/ticket/9574#comment:12
 
+Latest findings regarding traffic correlation attacks
+-----------------------------------------------------
+
+Erik de Castro Lopo pointed tor-talk readers [XXX] to a new paper named
+“Users Get Routed: Traffic Correlation on Tor by Realistic
+Adversaries.” [XXX] To be presented at the upcoming CCS 2013 conference [XXX]
+this November in Berlin, Aaron Johnson, Chris Wacek, Rob Jansen, Micah
+Sherr, and Paul Syverson described in a very well written paper their
+experiments on traffic correlation attacks.
+
+Like any low latency anonymity network, Tor is vulnerable to “an
+adversary that can observe a user’s traffic entering and exiting the
+anonymity network.” The paper extensively review previous
+litterature about this issue. But two angles used by the authors are of
+particular interests:
+
+First, they are trying to model a “more realistic adversary who monitors
+a fixed set of ASes or IXPs.” Second, they have tried to use metrics
+that can answer the following questions: “If I use the system in the
+following way, how secure am I?” or “How much can I do the following
+while maintaining security at least to level foo?”
+
+Tor has users in the real world, with real world adversaries. Both
+have resources that are limited to some extents, and it is good to
+give Tor users a better chance to estimate their risks and necessary
+tradeoffs.
+
+This lead the paper to focus on two class of attacks: “malicious relay
+operators or networks that monitor traffic as it enters and exits Tor.”
+
+One finding is that “an adversary who runs one guard relay and one
+exit relay with 83.3 MiB/s and 16.7 MiB/s of bandwidth respectively” has
+“80% chance of deanonymization within 6 months” for a first stream.
+
+They also studied how an adversary controlling one or more ASes, or an
+Internet eXchange Point. 80% of the modeled IRC users can have their
+first stream deanonymized by an adversary controlling two ASes after 43
+days.
+
+The author concludes with the following: “Our results do suggest that
+current users of Tor should carefully consider if it meets their
+security needs. In particular, users facing persistant adversaries who
+might run relays or monitor network traffic should be aware of the
+threat of traffic correlation. While improved defenses are still being
+developed, such users may be able to take defensive measures on their
+own. For example, they can choose to limit which relays their client
+will select using man- ual configuration options (EntryNodes, ExitNodes,
+ExcludeNodes, etc.). While this does break the uniformity of path
+selection among clients, that may be a worthwhile risk tradeoff for
+these users.”
+
+How these results impact the current Tor network has been quickly
+summarized by Roger Dingledine [XXX]: “Yes, a big enough adversary can
+screw Tor users. But we knew that. I think it's great that the paper
+presents the dual risks of relay adversaries and link adversaries, since
+most of the time when people are freaking out about one of them they're
+forgetting the other one. And we really should raise the guard rotation
+period. If you do their compromise graphs again with guards rotated
+every nine months, they look way different."
+
+The tricky thing about raising guard rotation period [XXX] is simple:
+how do we keep clients properly balanced to match the guard
+capacities? [XXX]
+
+It is also probably another signal for any Tails supporter
+that wish to help implementing guard persistence [XXX]. In any cases,
+the paper is a worth reading and any serious Tor enthusiast
+with keep in mind the very last words from the paper: “Despite our
+pessimistic results, Tor has provided real and valuable privacy to
+thousands of users. We are optimistic that it can continue and improve
+this service.”
+
+(All citations are coming from the aforementioned paper, unless
+specified otherwise.)
+
+[XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/029755.html
+[XXX] http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
+[XXX] http://www.sigsac.org/ccs/CCS2013/
+[XXX] https://lists.torproject.org/pipermail/tor-talk/2013-September/029756.html
+[XXX] https://trac.torproject.org/projects/tor/ticket/8240
+[XXX] https://trac.torproject.org/projects/tor/ticket/9321
+[XXX] https://trac.torproject.org/projects/tor/ticket/9321
+[XXX] https://labs.riseup.net/code/issues/5462
+
 Contents of PirateBrowser 0.6b
 ------------------------------
 
@@ -108,6 +196,19 @@
  [XXX]
  [XXX]
  [XXX]
+
+Sherief Alaa https://lists.torproject.org/pipermail/tor-reports/2013-September/0
+00314.html
+George Kadianakis https://lists.torproject.org/pipermail/tor-reports/2013-Septem
+ber/000315.html
+Lunar https://lists.torproject.org/pipermail/tor-reports/2013-September/000316.h
+tml
+Arturo Filastò https://lists.torproject.org/pipermail/tor-reports/2013-September
+/000317.html
+Colin C. https://lists.torproject.org/pipermail/tor-reports/2013-September/00031
+8.html
+Arlo Breault https://lists.torproject.org/pipermail/tor-reports/2013-September/0
+00319.html
 
 Help Desk Roundup
 -----------------
@@ -179,12 +280,9 @@
        40.html
      * Perl Crescent updated TBB using Mozilla's update mechanism
        [3]https://trac.torproject.org/projects/tor/ticket/4234#comment:19
-     * What's in Pirate Browser?
-       [4]​https://lists.torproject.org/pipermail/tor-talk/2013-August/029
-       703.html
      * Trac got updated, new features like the timeline showing changesets
        in repos (configurable) and the tag cloud.
-       [5]​https://lists.torproject.org/pipermail/tor-dev/2013-August/0053
+       [4]​https://lists.torproject.org/pipermail/tor-dev/2013-August/0053
        28.html
 
 References
@@ -192,5 +290,4 @@
    1. https://lists.torproject.org/pipermail/tor-dev/2013-August/005334.html
    2. https://lists.torproject.org/pipermail/tor-dev/2013-August/005340.html
    3. https://trac.torproject.org/projects/tor/ticket/4234#comment:19
-   4. https://lists.torproject.org/pipermail/tor-talk/2013-August/029703.html
-   5. https://lists.torproject.org/pipermail/tor-dev/2013-August/005328.html
+   4. https://lists.torproject.org/pipermail/tor-dev/2013-August/005328.html

***************************************************************************


-- 
urlwatch 1.11, Copyright 2008-2010 Thomas Perl
Website: http://thpinfo.com/2008/urlwatch/
watched 1 URLs in 0 seconds

More information about the news-team mailing list