[tor-talk] Question for those who say "Tor is pwned"

juan juan.g71 at gmail.com
Wed Jun 22 15:43:37 UTC 2016


On Tue, 21 Jun 2016 00:19:39 -0400
Paul Syverson <paul.syverson at nrl.navy.mil> wrote:

 I
>  "A Peel of Onion".  Here's an excerpt:
> 
> 
>   Mixes are also usually intended to resist an adversary that can
>   observe all traffic everywhere and, in some threat models, to
>   actively change traffic. Onion routing networks are generally
>   completely broken against an adversary who observes both ends of a
>   communication path. Thus, onion routing networks are designed to
>   resist a local adversary, one that can only see a subset of the
>   network and the traffic on it.
> 


	So, the bottom line yet again is:

	1) tor and tor-like networks can only (and ideally) protect
	users from 'local' adversaries 

	2) HOWEVER, all the marketing and outright lies surrounding tor
	clearly pretend that tor provides "anonymity" without even
	paying too much attention (if any) to the 'threat model'.

	You might want to take a look at the *home page* of this
	address https://torproject.org



> 
> Right. I actually think calling the traffic and routing security Tor
> primarily provides "anonymity" is a bit misleading and gets people to
> confuse the primary security properties mix networks provide with the
> primary security properties that onion routing networks
> provide. Cf. more about this in my "Why I'm not an Entropist". But I
> accept that this usage is now ingrained and not subject to correcting
> even if the theory supports it.


	And it's highly convenient for you, too!


> 
> [snip]
> > 
> > 
> > 	I didn't say that. What I say is that you know the design is
> > 	limited and flawed and yet you promote it. Saying that there
> > 	isn't  anything better is not a valid excuse.
> 
> D'accord. I'll agree with you that this design is limited and flawed
> in that it is merely the best thing of its type available or that
> anyone, anywhere has thought of.


	Wow. This level of arrogance is - almost - unbelievable.


> And I apologize and make no excuse
> for my inability to come up with something better than the secure
> system designs of the best minds in this area on the planet---minds
> which I readily state totally kick my ass.
> 
> > 
> > 	Furthermore, tor may be 'optimal' given certain assumptions
> > or objectives, but that doesn't mean it is the only solution for
> > 	all kinds of users.
> 
> Nobody said it was. 
> Anything for real use always involves many
> compromises.  The best we can do is be as explicit as we can about our
> choices, the reasons for making them, and the consequences we can
> discern. People can then make an informed decision to use our systems
> or not. 


	They won't make any informed decision with all the propaganda
	the tor project manufactures.

	There's something even more weird. Even when you personally
	publish 'academic papers' which show the true colors of your
	system (failure), the audience still believes that tor is great!

	I have to admit you are masters at manipulating people. Then
	again, the audience has been thoroughly dumbed down by The
	State Project.


> 
> [snip]
> > 
> > 	
> > 	Have padding, mixing and using fill-traffic all ruled out,
> > why? 
> 
> Too briefly: these add huge overhead to the network, break underlying
> protocols and/or hurt performance (which has been shown time-and-again
> to drive real users of real systems to insecure alternatives, hence
> hurting security overall), and none have been shown to provide strong
> security against an active adversary for low-latency (i.e., practical)
> systems. 


	I won't get into a more detailed discussion because I admittedly
	haven't thought about the problem in more depth, but as far as
	I can tell tor still uses a conceptually simple, and limited 
	design. The idea that such a design is 'optimal' doesn't strike
	me as reasonable.


	Furthermore, you might argue that 20 years ago protection
	against a 'local' adversary was all that was needed. Which
	today is obviously not the case.

	Somehow you are not making that claim...

	


> 
> I think there are some things we maybe could do with mixing and
> synchronization to raise the bar at least a little against a _passive_
> adversary. I have told many researchers my thoughts about this, but so
> far nobody has taken it up that I know of. 


	Go figure. Despite getting hundreds of millions in stolen
	money, I mean, 'research grants', and being the most smartest
	beings in the whole universe, they get nowhere...


> I would like to look into
> it myself, but I already have a many-years backlog of more important
> (more likely to make a real difference IMO) research questions to
> answer.
> 
> Disengaging.
> 
> aloha,
> Paul
> 


