[tor-talk] Tor and HTTPS graphic

grarpamp grarpamp at gmail.com
Wed Mar 7 04:30:49 UTC 2012


Nice graphic :)


Some small details not worth including...

site.com under HTTPS really means site-IP to various observers
between user and webserver. site-IP may or may not mean site.com
in the presence of virtual hosting schemes.

At the exit and beyond, knowing a site user is using Tor could
be presumed by use of the known exit IP.

Relay 2 doesn't know any named user is using Tor.
Relay 3 doesn't know any named user is using Tor, when under HTTPS.

The GPA's typically reside in the unshown tier-n internet cloud.
The nodes reside in the mini red ISP bubbles, linked into the cloud.


> GPA - myth vs. reality

As to doubts about the current possible state of affairs...

Wait a sec! So an academic can borrow their departmental compute
cluster and prove GPA is workable. Yet massive TLA's with say $50
billion budgets can't move to spend a few million to patch together
a global array of hosts, in their already existing racks, on their
already existing taps, over which they know juicy info flows and
'social' network graphs exist? And for which people who like 'doing
good for their country/business/people' would die to geek out on
the $50-$100k salary, fun and access they might pay to do it. Come
on, get real. Other investments surely pay off with more frequency
and plaintext. But even as a testbed, and with limited or targeted
global visibility, production research seems doable and maybe even
profitable. Regardless of whether it could be easily/directly used
in civilian matters.

Global logistics is already done. For example, every bank, shipping
service, airline, manufacturer, etc... has a network node in every
one of its locations. A GPA is nothing special in that regard.

Maintaining the secrecy of it all might be the hardest problem to
scaling up beyond either a specific target, or the occaisional
matchup as circuits transit a number of domestic taps/nodes.

Whether or not GPA is deployed, everyone knows whitepapars, taps,
interest, shell companies and bankroll and vans, and flat out
cooperation exist.

Setting aside the taps, what if half the 3000 nodes are 'The Man'?
At $35/mo a year of them is $630k. What's the budget of your adversary
and its friends again?

'non-exit relay by default' might be a good way to drive their odds
down and costs up on that a bit. I don't know.

Taps or nodes, if such an adversary might have an interest in you,
I wouldn't wait for the canary before donning your mask.


> At PETS in 2009[0], Paul did a talk on 'why I'm not an entropist'
> and suggested that people need to start working on defeating a
> mythical global passive adversary.

> Yes, I meant stop. When skynet achieves consciousness, the analysis
> of traffic on the Internet will be the least of our problems.

There may not be anything to do about it, now or then. But without
at least some part of the greater community always thinking about
solutions, there never will be.

One solution may involve somehow furthering the cause of distributed
private mesh networks. GPA is possible because of collusion with
large single entity backbones and or knowing where to tap profitably
and or secretly. Moving the global model from hierarchical space,
to distributed mesh space would make that harder. When facebook
parks its cluster on Joe's well connected 'better than commercial
ISP' wifi, the cause has succeeded :) (Note that a mesh need not
be wifi, neighbors to neighbors with cable scraps works as well.)

Not happening anytime soon though, not before the whole 'thou shalt
not run vs. freedom of speech vs. wiretap vs. data retention' thing
settles.


> It is true that Tor is weak against a global passive adversary,
> but there's no reason, from my point of view, to include that in
> material geared towards non-PET researchers.

As Tor is being used by those who are either friends or enemies
with their GPA of choice, having it on the chart seems ok food for
thought.


> I'm a mere four years behind in putting my work up on the web,
> I'll try to do something about that in my copious free time this
> week and send a link.
> [0] http://petsymposium.org/2009/program.php

Someone will read it. Being behind happens, no worries :)


More information about the tor-talk mailing list