[tor-commits] [ooni-probe/master] Add ThreatModel page to ooni documentation (#7761)

art at torproject.org art at torproject.org
Wed Apr 30 17:30:23 UTC 2014

commit 10ca73fc0ec0bf77339707775f28abfe851c7989
Author: anadahz <kojgelo at inbox.com>
Date:   Mon Apr 28 14:30:18 2014 +0300

    Add ThreatModel page to ooni documentation (#7761)
    Port the ThreatModel
    documentation to docs.
 docs/source/index.rst |   28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/docs/source/index.rst b/docs/source/index.rst
index 5be19c1..3ad464f 100644
--- a/docs/source/index.rst
+++ b/docs/source/index.rst
@@ -35,6 +35,34 @@ component for running the test.
 blocked from the probes network point of view. As such they usually require to
 have specified an input list for running the test.
+Threat Model
+Our adversary is capable of doing country wide network surveillance and 
+manipulation of network traffic.
+The goals of our adversary are:
+  * Restrict access to certain content, while not degrading overall quality of 
+    the network
+  * Monitor the network in a way that they are able to identify misuse of it in
+    real time
+More specifc to the running of network filtering detection tests:
+1. Detect actors performing censorship detection tests
+2. Fool people running such tests into believing that the network is 
+   unrestricted
+*Note* that while 2) => 1) it is not true that 1) => 2) as the identification of 
+such actors does not necessarily have to happen in real time.
+While our intention is to minimize the risk of users running OONI probe to be 
+identified, this comes with a tradeoff in accuracy. It is therefore necessary in 
+certain tests to trade-off fingerprintability in favour of tests accuracy.
+This is why we divide tests based on what risk the user running it can face, 
+allowing the user to freely choose what threat model they wish to adere to.

More information about the tor-commits mailing list