good troll, intelligence psyops, or the genuine article? you decide
Paul Syverson
syverson at itd.nrl.navy.mil
Thu Sep 17 20:34:31 UTC 2009
On Thu, Sep 17, 2009 at 10:24:35PM +0200, Eugen Leitl wrote:
>
> It's better to think that your adversary is more capable than assuming
> the opposite. This isn't necessarily about Tor, since Tor explicitly
> wasn't designed to deal with that kind of threat model. However, it's
> a good idea to think about how to make the job of our theoretical
> Grobbages as interesting as possible. I'm sure they'll rise up
> to the challenge ;)
>
As I've said for a decade and a half, onion routing guards against
traffic analysis, not traffic confirmation. If your adversary has
already identified suspect endpoints to a communication, then they are
trivially confirmed. There's other subtleties, e.g., website
fingerprinting, latency attacks, etc. but if someone is talking about
a vulnerability to traffic confirmation level attack, then this is
something explicitly acknowledged about Tor since the beginning of the
design (and before).
I must confess that I only glanced through and didn't follow much of
what was said (or not said ;>). But whether it's crap or not, I do
think this thread has mostly strayed pretty offtopic and request that
it be voluntarily dropped before it must be involuntarily dropped.
aloha,
Paul
More information about the tor-talk
mailing list