Torbutton Documentation - Adversary Capabilities. - fork: Normalization of XHR requests
Anon Mus
my.green.lantern at googlemail.com
Tue Jul 13 16:30:27 UTC 2010
Paul Syverson wrote:
> Tor doesn't do any batching or delaying. This is just another way you
> could be identified by timing attacks. Tor provides no resistance to
> timing attacks, and so far there are no countermeasures that have
> been identified as working against a passive, much less active, adversary
> without imposing unacceptably high overhead or limitations.
Since Tor's inception (must be getting ion for 10 years now) it has been
getting faster year after year, this is due to network speed and
bandwidth increases, which have been about a 200 fold (e.g. speeds of
100+Kbps max 2003 to 20+Mbps today).
OK, there have been some increases in web page byte size but it not
more than 10 fold.
That means a real speed increase of at least 10 fold. So perhaps Tor
developers should start putting in some "timing attack" protection. It
seems to me that the time is right. What is holding them back? Are they
afraid of global big brother complaining they cannot identify users at
will? Anonymous should mean anonymous, no?
>!<
> Most have
> these limitations and still don't work.
>
> See the blog post
> http://blog.torproject.org/blog/one-cell-enough
>
>
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list