[tor-talk] New Astoria Tor client is said to be better than plain Tor

Sophie Hassfurther sophie at sophiehassfurther.com
Sun May 24 12:35:12 UTC 2015


Hi Rishab,

Rishab Nithyanand:
> I would like to stress that most of the news articles I've come across have
> some incorrect claims. It is sad that none of them got in touch with us
> before publishing their stories. 
I had the same impression. I do not know the author, but I read your
paper and checked it back with the article [1]. It made me think that
the latter is quite inaccurate. Even when journalists are well meaning,
they sometimes tend to over-simplify in an effort to put things in terms
that people will understand.

The most striking part of the article for me was this:

"A full 58 percent of Tor circuits are vulnerable to network-level
attackers, such as the NSA or Britain’s Government Communications
Headquarters (GCHQ), when they access popular websites, according to new
research from American and Israeli academics. Chinese users are the most
vulnerable of all to these kinds of attacks, with researchers finding
85.7 percent of all Tor circuits from the country to be vulnerable.

Even though Tor is designed to provide complete anonymity to its users,
the NSA’s position means they can potentially see and measure both
traffic entering the Tor network and the traffic that comes out. When an
intelligence agency can see both, simple statistics help an autonomous
system at their control match the data up in a timing attack and
discover the identity of the sender.

Anonymity over."

The author makes it sound as if all Tor traffic was vulnerable to
attacks by the infamous agencies in two out of three times. And looking
into my magic crystal ball, I know which media will quote that exact
fallacy as a fact and exploit it.

I read your paper, but I am not sure I comprehended it. From how I
understand it, this section of the Dailydot article should read
something like:

A full 58 percent of the *times* Tor creates a circuit, it creates it in
such a way that, *if* a potential adversary, such as the NSA or
Britain’s Government Communications Headquarters (GCHQ), operates the
relays chosen in an autonomous system, they could deanonymize users who
access popular websites, according to new research from American and
Israeli academics. Chinese users are the most vulnerable of all to these
kinds of attacks, with researchers finding 85.7 percent of all Tor
circuits from the country to be vulnerable.

Then he goes on about what intelligence agencies can do, not taking into
account, that they would have to operate a huge part of Tor to achieve
the 58 or 85.7 percent he quotes earlier. This is critical, as it
becomes more and more difficult to own a large part of this network, due
to its decentralized nature and due to the fact that Tor grows.

Am I mistaken?

This is a very complex matter, but *if* I understood the paper
correctly, I think it is quite a hip research, and interesting
conclusions are drawn.

Cheers
Sophie

[1] https://www.dailydot.com/politics/tor-astoria-timing-attack-client/

--
Mag. Sophie Hassfurther
www.sophiehassfurther.com
PGP fingerprint:
F13B 77D4 3641 1420 0F41 B62D 162F 2CE2 98FD 61AB


More information about the tor-talk mailing list