Delivery-Date: Tue, 26 Jan 2016 15:10:49 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 68DF31E04CA;
	Tue, 26 Jan 2016 15:10:44 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0251038DDB;
	Tue, 26 Jan 2016 20:10:37 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 22E3D38DDA
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 20:10:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id O4op0zpCh5cd for <tor-talk@lists.torproject.org>;
 Tue, 26 Jan 2016 20:10:33 +0000 (UTC)
Received: from mail-qg0-x22c.google.com (mail-qg0-x22c.google.com
 [IPv6:2607:f8b0:400d:c04::22c])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id EDCE038D13
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 20:10:32 +0000 (UTC)
Received: by mail-qg0-x22c.google.com with SMTP id b35so148349436qge.0
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 12:10:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:to:subject:in-reply-to:references:mime-version
 :content-type:content-transfer-encoding;
 bh=apcndJAHmBvJQmw8C93TnqcWLRqchBRKWX2UkfAzDZc=;
 b=uj0pszEEI/gNwmS9V8smXUdgsgqD1hsuDc0EI/JQUr9Q9w1QljjQM2UqcdXp/QL50v
 aux0Jqz0feiLZvzVaCco5k4nz0i3eLNM3udMH7vgNG/gSzGVO+LiwJvvUtdffIpoCQ0z
 OweBXXLixzZWo70M1Z80TtK4hVLwVlj2kQGItDq2+0xAKhu5nChug5b18Yi760WQKaeX
 EdF47AA6fGW7nYNiyy6NQaGxvPhtHWAhohanqesJaGS4QHddWRnu5OBGXQpOhzDfANTp
 afX3y7p+nyThxaAsCWAdzGOObqRtkakLlV4FhkM07BFHr82z+MTxRzw15xMZQruIoqda
 eT8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:message-id:date:from:to:subject:in-reply-to
 :references:mime-version:content-type:content-transfer-encoding;
 bh=apcndJAHmBvJQmw8C93TnqcWLRqchBRKWX2UkfAzDZc=;
 b=lK+Y+6kmjt3UuFiY5GgTWbdF9slEpEb7wN/2RQ7Xd4MSrp6cSnXeuJd/jUX8tdiBHb
 QxdxBstUeWeC4b80rOzeX5uHSBF986xpSZk2tpn4ZDqSJyzE96Q43AalsjsXYzpVgqM6
 fTmAzw3afO5jZ+1WWgOPj/skviN0urivnppVNbcIMcMJV0714He4KLofwE2dT5h4n22T
 wSGlK0gpO0nuvkHLhwXdT3TGdIRDYlMWm5S/W0G+q0wf3C4fSKRx8sBw7uKT+ujG8tfG
 hMKXFBsyutoi5hbVErDACwoNEfMXC4ftY86/HQePsvWUeXu9mXKI0txDR083/b1zsWqs
 99UQ==
X-Gm-Message-State: AG10YOSAxD3F/+6gEn9/TfUpxw5W3jBpJA9w6ckVWnQtOadg86YPIUJAJvdvPtuCQ5MAqA==
X-Received: by 10.141.7.9 with SMTP id j9mr32241969qhd.71.1453839030275;
 Tue, 26 Jan 2016 12:10:30 -0800 (PST)
Received: from localhost (host141.190-229-69.telecom.net.ar. [190.229.69.141])
 by smtp.gmail.com with ESMTPSA id
 n35sm1170305qgn.10.2016.01.26.12.10.28
 for <tor-talk@lists.torproject.org>
 (version=TLSv1/SSLv3 cipher=OTHER);
 Tue, 26 Jan 2016 12:10:29 -0800 (PST)
Message-ID: <56a7d2b5.a6238c0a.b1324.5f40@mx.google.com>
Date: Tue, 26 Jan 2016 17:09:19 -0300
From: juan <juan.g71@gmail.com>
To: tor-talk@lists.torproject.org
In-Reply-To: <20160125152520.GW71377@vpn212046.nrl.navy.mil>
References: <n82b3t$g4v$1@ger.gmane.org> <56A53291.8060708@gmail.com>
 <56A53342.1010502@riseup.net>
 <B215E953-7E06-4502-9BD8-1D19B8987B79@riseup.net>
 <n83i6p$3c6$4@ger.gmane.org>
 <7730df330072bf3f626e71525aa5e149@openmailbox.org>
 <20160125152520.GW71377@vpn212046.nrl.navy.mil>
X-Mailer: Claws Mail 3.7.10 (GTK+ 2.24.10; i486-slitaz-linux-gnu)
Mime-Version: 1.0
Subject: Re: [tor-talk] Using VPN less safe?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Mon, 25 Jan 2016 10:25:20 -0500
Paul Syverson <paul.syverson@nrl.navy.mil> wrote:


> "20,000 In League Under the Sea: Anonymous Communication, Trust,
> MLATs, and Undersea Cables" available at
> http://www.degruyter.com/view/j/popets.2015.1.issue-1/popets-2015-0002/popets-2015-0002.xml?format=INT


	As far as I can see, most if not all of the paper deals with a
	way to organize information about 'network topology' but
	there's no concrete data regarding which
	systems/relays/cables/people/IXPs/ASs/whatever are
	'compromised'.

	...though the section on cables and cooperation between so
	called nation states seems to suggest that virtually all the
	world's infrastructure is 'compromised'?
	
	Also, is there a more concrete analysis of what can be
	achieved by monitoring traffic on those cables? Specifically,
	how easy it is for your government to find users and especially
	servers in the tor network or similar networks (i2p, freenet
	etc)


	There's also mention of 'user beliefs' and 'trust'. That
	strikes me as weird. You seem to be saying that routes
	can be choosen according to users' beliefs, not according to
	real world facts? It doesn't matter if system X is hostile,
	what matters is what the user believes about system X? Am I
	missing something? 

	And what's the engineering definition of trust? And the units
	used to measure it? 
 

> 
> This is ongoing evolving research. This is not ready for deployment
> for everybody's Tor clients to do their own trust-aware route
> selection.  And, one of the observations of this work is that you
> should probably always use the default settings unless you have
> specific other adversaries in mind and understand how diverging from
> the pack will affect you.  What this work will do is help people who
> want to use different route selection choices to understand those
> choices, and it will eventually impact the default and alternative
> route selections built into the Tor software.  
> 
> It also focuses just on route selection.  Tor does other things to
> diversify trust.  For example, Tor's binaries have for the last few
> stable releases reflected reproducible (or determistic) builds, which
> means that people can independently verify that the officially
> distributed binaries are compiled from the officially distributed
> source programs. If they did not match, anyone could test and expose
> that.  See
> https://blog.torproject.org/category/tags/deterministic-builds
> 
> aloha,
> Paul

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

