From: grarpamp <grarpamp@gmail.com>
Date: Tue, 26 Jan 2016 18:49:53 -0500
Message-ID: <CAD2Ti282j05aYnsFD5o6eMFCaA1Up4e1L89rJvLAOOTHi8xEzA@mail.gmail.com>
To: cypherpunks@cpunks.org
Cc: tor-talk@lists.torproject.org
Subject: [tor-talk] Network Analysis of Overlay Networks, Capabilities,
 Fill Traffic [was: VPN less safe?]

On Tue, Jan 26, 2016 at 3:09 PM, juan <juan.g71@gmail.com> wrote:
> On Mon, 25 Jan 2016 10:25:20 -0500
> Paul Syverson <paul.syverson@nrl.navy.mil> wrote:
>
>
>> "20,000 In League Under the Sea: Anonymous Communication, Trust,
>> MLATs, and Undersea Cables" available at
>> http://www.degruyter.com/view/j/popets.2015.1.issue-1/popets-2015-0002/popets-2015-0002.xml?format=INT
>
>
>         As far as I can see, most if not all of the paper deals with a
>         way to organize information about 'network topology' but
>         there's no concrete data regarding which
>         systems/relays/cables/people/IXPs/ASs/whatever are
>         'compromised'.
>
>         ...though the section on cables and cooperation between so
>         called nation states seems to suggest that virtually all the
>         world's infrastructure is 'compromised'?

The USA and Soviets have decades of experience tapping cables
around the globe in a cold war sense.
The USA/FVEY has top secret blackops and administrative via corp
partnership and various legal and extralegal access to extensive cable,
hardware, and organizational assets around the globe.
It is simply foolish to not assume that the world is highly
compromised by these actors.
Snowden and all the other surveillance and bigdata news and political
rhetoric have been telling you that for over a decade now.
You might be safe if you are in a locale untouchable by these actors,
conduct all your activities in that locale, and have no similar local
adversaries.

>         Also, is there a more concrete analysis of what can be
>         achieved by monitoring traffic on those cables?

Did you just push a bunch of packets over time into your ISP and
have google send replies back? Well, they can see both ends, so
they saw that traffic pattern in and out, and back in and out, so
they know who's talking to who and when.

> Specifically,
>         how easy it is for your government to find users and especially
>         servers in the tor network or similar networks (i2p, freenet
>         etc)

In addition to simple taps, they can also deploy passive or
active nodes in any of these networks at will. And use all
the tools to perturb things in favor of their efforts.

Tor and other networks are good at hiding endpoints (users, servers)
from each other, keeping traffic content encrypted over the wire, letting
you anonymously publish and consume stuff among other users that
isn't really of interest to (against) such adversaries (and thus won't get
you killed or jailed or disappeared (but will still get you databased
for life)),
and getting around some censorship. That's probably about it.

However when it comes to such global (and regionally lucky) passive
adversaries, and adversaries operating the networks themselves, I
seriously doubt anyone can say with a straight face that these
networks protect against network analysis... who is talking to
who and when.

It would be harder for that analysis to succeed against networks
that filled between all the nodes with fill traffic when unused and
not needed for user traffic. (And in the sense of Tor, between clients
and some number of guards). But that's hard to design so that it
is functional. And no one in the overlay network / messaging field
really seems to be trying it. Mindset, OMG bandwidth, probably
buzzkills most research before it gets started.

Here's some recent mostly tor specific threads if anyone's interested,
plus whatever else has come up whenever I've mentioned this.

https://lists.torproject.org/pipermail/tor-dev/2016-January/010257.html
https://lists.torproject.org/pipermail/tor-dev/2016-January/010290.html


>         There's also mention of 'user beliefs' and 'trust'. That
>         strikes me as weird. You seem to be saying that routes
>         can be chosen according to users' beliefs, not according to
>         real world facts? It doesn't matter if system X is hostile,
>         what matters is what the user believes about system X?

Users often have better knowledge of the laws, operations and
general feel in their countries and locales and areas of expertise
than a handful of distant project maintainers largely based
in one geopolitical exposure might have. You can download
science, but you need more than that to win a street fight.
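
As an added illustration of the fill-traffic argument in the message above (not part of the original post, and not code from Tor or any other project): a simulation that scores how well per-second cell counts on a client link match flows seen leaving the network, with and without constant-rate fill on the client link. The traffic model, rates, delays and all function names are constructed assumptions.

```python
import random

def pearson(xs, ys):
    """Pearson correlation; 0.0 when either series is constant (no timing signal)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    return sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / (sxx * syy) ** 0.5

def bursty_flow(rng, bins=600, p_start=0.05, burst_len=5, peak=40):
    """Constructed per-second cell counts for one user's real traffic."""
    out, left = [], 0
    for _ in range(bins):
        if left == 0 and rng.random() < p_start:
            left = burst_len
        out.append(rng.randint(peak // 2, peak) if left else 0)
        left = max(0, left - 1)
    return out

def far_end(flow, rng, delay=2, jitter=3):
    """The same flow leaving the network: shifted by `delay` bins, with small noise."""
    shifted = [0] * delay + flow[:-delay]
    return [max(0, c + rng.randint(-jitter, jitter)) if c else 0 for c in shifted]

def filled_link(real, rate):
    """Constant-rate link: each bin carries `rate` cells, real first, fill after; excess queues."""
    wire, fill, backlog = [], 0, 0
    for cells in real:
        sent = min(backlog + cells, rate)   # real cells that fit in this bin
        backlog += cells - sent             # the rest wait for a later bin
        fill += rate - sent                 # unused capacity is sent as fill
        wire.append(rate)                   # the wire always shows `rate` cells
    return wire, fill / (rate * len(real)), backlog

def match_score(entry, exit_side, max_lag=4):
    """Best correlation over small lags: how linkable two views of the network are."""
    return max(pearson(entry[:len(entry) - lag], exit_side[lag:])
               for lag in range(max_lag + 1))

def experiment(seed=1, rate=None):
    """Score the client link carrying flow 0 against five exit-side flows."""
    rng = random.Random(seed)
    flows = [bursty_flow(rng) for _ in range(5)]
    exits = [far_end(f, rng) for f in flows]
    entry = flows[0] if rate is None else filled_link(flows[0], rate)[0]
    return [round(match_score(entry, e), 2) for e in exits]
```

Comparing `experiment()` with `experiment(rate=40)` shows the matching flow standing out without fill and every score collapsing to zero with it; the second value returned by `filled_link` is the fraction of link capacity spent on fill, the bandwidth cost the message alludes to.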

