Delivery-Date: Wed, 27 Jan 2016 13:58:15 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 0A53A1E0AFF;
	Wed, 27 Jan 2016 13:58:14 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 6192C38DDE;
	Wed, 27 Jan 2016 18:58:06 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id EEFCE38D19
 for <tor-talk@lists.torproject.org>; Wed, 27 Jan 2016 18:58:02 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Fq5dai8wageK for <tor-talk@lists.torproject.org>;
 Wed, 27 Jan 2016 18:58:02 +0000 (UTC)
Received: from mail-qg0-x232.google.com (mail-qg0-x232.google.com
 [IPv6:2607:f8b0:400d:c04::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id C4F2238A68
 for <tor-talk@lists.torproject.org>; Wed, 27 Jan 2016 18:58:02 +0000 (UTC)
Received: by mail-qg0-x232.google.com with SMTP id o11so14764166qge.2
 for <tor-talk@lists.torproject.org>; Wed, 27 Jan 2016 10:58:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:to:subject:in-reply-to:references:mime-version
 :content-type:content-transfer-encoding;
 bh=Co2uPt1Nvy3NYSOmR5Qw91mkhZ9ioEZLTINdPGXHTPo=;
 b=q7LNp8DLuZmdHP3FSPeOTX05l8RnP8BNA2+Sblmg+jjlWS1qIiBWivOgi9mRHkFewD
 X50TADePE9VVsopPuKQSI1gI1znIH/9Yfxpdwt7Gh7HFc42aa+zQAk558zabrwfeZpt1
 hCIxwwWfZLOMMebzKqhNvQWWg3NZGel8/LU+fwueXeOZ/lZf2K7Y1qJWAywh1nvr0nr6
 UPpzMvLeHhPg8xKLpgVGT8tufOwMljNPItEJ80FYdoWFcQ6DMpUz/PC14LOzbAd99Bg3
 JHV7MWVxvYU+b2orbg4tFDf9txa7C18wBQA1V1DDe2Tp6F2vy3oq2wxMG3EBgnKY2bAk
 itdg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:message-id:date:from:to:subject:in-reply-to
 :references:mime-version:content-type:content-transfer-encoding;
 bh=Co2uPt1Nvy3NYSOmR5Qw91mkhZ9ioEZLTINdPGXHTPo=;
 b=KWKfodqjyWgJysBCllK2l/P3HDJ9SY9tE8EA36aKRzlmrn3mzQltu76KWW74UoDaqs
 2vrUjAqb0dQUOv+YJvV/lTjkNIlPELkMw1FGMpEOpihm0DmfeMOelR+a/YHBtTEVNoBH
 LfUB0TWEZ2HLp7/f6jKDRtRtelSiUUbDVU+riTM9Z7xB4FLSREYadVVcUqyGqcUmKDIC
 7vQT6nWGbr9sCYek28axYjRbIv3hDocarxwzQKGlgbi5Ohbdp9kcw/dzRfHJf0kP++6+
 areDHQ0gjX/YyIufv+paCpUC1sH9DX5mrCMt7hv85OpsfAm4rGFlN40FKehRN3AbOh3o
 zeJQ==
X-Gm-Message-State: AG10YOSOkRWYwIG/6t69c7JipCpfwZGTO8igyz8K9RW5OeOY/5J02G5jsXE+lwYSn5zeSA==
X-Received: by 10.140.101.201 with SMTP id u67mr37640036qge.33.1453921080212; 
 Wed, 27 Jan 2016 10:58:00 -0800 (PST)
Received: from localhost ([186.153.237.242])
 by smtp.gmail.com with ESMTPSA id x136sm2223201qka.0.2016.01.27.10.57.58
 for <tor-talk@lists.torproject.org>
 (version=TLSv1/SSLv3 cipher=OTHER);
 Wed, 27 Jan 2016 10:57:59 -0800 (PST)
Message-ID: <56a91337.8e4a370a.e7462.ffffa9d2@mx.google.com>
Date: Wed, 27 Jan 2016 15:56:43 -0300
From: juan <juan.g71@gmail.com>
To: tor-talk@lists.torproject.org
In-Reply-To: <CAD2Ti282j05aYnsFD5o6eMFCaA1Up4e1L89rJvLAOOTHi8xEzA@mail.gmail.com>
References: <CAD2Ti282j05aYnsFD5o6eMFCaA1Up4e1L89rJvLAOOTHi8xEzA@mail.gmail.com>
X-Mailer: Claws Mail 3.7.10 (GTK+ 2.24.10; i486-slitaz-linux-gnu)
Mime-Version: 1.0
Subject: Re: [tor-talk] Network Analysis of Overlay Networks, Capabilities,
 Fill Traffic [was: VPN less safe?]
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Tue, 26 Jan 2016 18:49:53 -0500
grarpamp <grarpamp@gmail.com> wrote:


>> virtually all the world's infrastructure is 'compromised'?  

> The USA and Soviets have decades experience tapping cables
> around the globe in a cold war sense.

	I think the paper is mostly referring to what governments
	laughably call 'lawful' interception? 


> >         Also, is there a more concrete analysis of what can be
> >         achieved by monitoring traffic on those cables?
> 
> Did you just push a bunch of packets over time into your ISP and
> have google send replies back? Well, they can see both ends, so
> they saw that traffic pattern in and out, and back in and out, so
> they know who's talking to who and when.


	I know... Notice that I'm further asking "how easy it is...to
	find users...servers" 

	But yes, my question was ambiguous. By "what can be achieved"
	 I'm asking  : how effective the traffic analysis
	 techniques are? 


	
> In addition to simple taps, they can also deploy passive or
> active nodes 

	True of course, so 'easy' becomes even easier...


> 
> Tor and other networks are good at hiding endpoints (users, servers)
> from each other,

	Something any ordinary proxy can do most of the time. Even
	ISPs/the 'interweb' by their own nature hide 'ordinary' users
	from each other.


> 
> However when it comes to such global (and regionally lucky) passive
> adversaries, and adversaries operating the networks themselves, I
> seriously doubt anyone can say with a straight face that these
> networks protect against network analysis... who is talking to
> who and when.


	In other words, tor is a failure. Unless of course we correctly
	see it as a tool for the US military.


 
> It would be harder for that analysis to succeed against networks
> that filled between all the nodes with fill traffic 


	Yeah. Even a 10 seconds visit to wikipedia sheds light on
	that...

	https://en.wikipedia.org/wiki/Traffic_analysis#Countermeasures

	" When no actual messages are being sent, the channel can be
	masked by sending dummy traffic" 




> Mindset, OMG bandwidth, probably
> buzzkills most research before it gets started.

	That seems somewhat odd given the tens of thousands of millions
	of stolen money 'allocated' to 'research' every year.

> 
> Here's some recent mostly tor specific threads if anyone's interested,
> plus whatever else has come up whenever I've mentioned this.
> 
> https://lists.torproject.org/pipermail/tor-dev/2016-January/010257.html
> https://lists.torproject.org/pipermail/tor-dev/2016-January/010290.html

	Thanks.




> Users often have better knowledge of the laws, operations and
> general feel in their countries 


	That may be so. In that case we are not talking about
	'beliefs' but about actual knowledge.


> and locales and areas of expertise
> than a handful of distant project maintainers largely based
> in one geopolitical exposure might have. You can download
> science, but you need more than that to win a street fight.

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

