Delivery-Date: Tue, 01 Jul 2014 14:41:46 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 2A87D1E0C9F
	for <archiver@seul.org>; Tue,  1 Jul 2014 14:41:44 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 618312B342;
	Tue,  1 Jul 2014 18:41:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id D31192ABD1
 for <tor-talk@lists.torproject.org>; Tue,  1 Jul 2014 18:36:13 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id l1aN8UngJUDt for <tor-talk@lists.torproject.org>;
 Tue,  1 Jul 2014 18:36:13 +0000 (UTC)
Received: from ccs.nrl.navy.mil (mx0.ccs.nrl.navy.mil [132.250.118.211])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id B2A9F2AA75
 for <tor-talk@lists.torproject.org>; Tue,  1 Jul 2014 18:36:13 +0000 (UTC)
Received: from buridan.fw5540.net (fw5540.nrl.navy.mil [132.250.196.100])
 by ccs.nrl.navy.mil (8.14.4/8.14.4) with ESMTP id s61Ia8qe008508
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
 for <tor-talk@lists.torproject.org>; Tue, 1 Jul 2014 14:36:09 -0400
Date: Tue, 1 Jul 2014 14:36:08 -0400
From: Paul Syverson <paul.syverson@nrl.navy.mil>
To: tor-talk@lists.torproject.org
Message-ID: <20140701183608.GC8758@buridan.fw5540.net>
References: <53b16e92.4bb.dd547700.2a1fac89@t-3.net>
 <20140630181150.579a117b@gate.rlogin.net>
 <DUB121-W340733C713F86F8887940DC8040@phx.gbl>
 <53B234B4.5010705@cyblings.on.ca>
 <DUB121-W87B38C15F614AFC2BF53BC8070@phx.gbl>
 <272befac-46cd-4eb4-b1d8-73aa517f590d@email.android.com>
 <DUB121-W257E25780AF7E06F86145CC8070@phx.gbl>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <DUB121-W257E25780AF7E06F86145CC8070@phx.gbl>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-CCS-MailScanner: No viruses found.
X-CCS-MailScanner-Info: See: http://www.nrl.navy.mil/ccs/support/email
Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and
 Anonymity
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Tue, Jul 01, 2014 at 06:32:27PM +0100, Mark McCarron wrote:
> Alex,
> 
> You must be living in a fantasy land.  The problem still remains,
> Tor is vulnerable to a global view and that global view exists
> according to Snowden.  Further, it would appear that Tor was
> designed to fit into that global view and provide US intelligence
> with the locations of both users and hidden services, whilst
> pretending to provide anonymity.
> 
> I don't see anyone denying it.  Do you?
> 

As with most of this discussion, many of your statements have been
vague and provocative.  Not sure which of the three, or possibly for
things asserted above are the "it" that you don't see anyone
denying. I'll take yet another stab.

Yes Tor is vulnerable (for some but not all appropriate understandings
of "vulnerable") to global observers (for some but not all appropriate
understandings of "global"). This has been a documented and analyzed
aspect to onion routing since before we designed
Tor. Cf. e.g. "Towards an Analysis of Onion Routing Security" from
2000. As to the extent and nature of global observers that Tor is and
is not vulnerable to cf. e.g. "Users Get Routed: Traffic Correlation
on Tor by Realistic Adversaries" 2013. Nobody's denying it because
everyone has been stating over and over to you the quantified specific
ways in which it is true and ways in which it is not. There's plenty
more work to be done in this space, and I hope others will make
helpful contributions to it.

You have elsewhere in this thread noted that resistance to traffic
confirmation is not rocket science. I would agree that it's not merely
rocket science; it's much harder. (OK that's probably not fair to
rocket science, but there is no indication that it's any easier
despite your repeated unsubstantiated allegations to the contrary.)
People have already alluded to DISSENT, which is a great approach and
accomplishment that makes things stronger in some ways but weaker in
others.  Another attempt to improve resistance to traffic confirmation
including active attackers is described in "Preventing Active Timing
Attacks in Low-Latency Anonymous Communication" 2010.

People have denied over and over your allegations that Tor was somehow
designed to be intentionally vulnerable in some way. They have already
cited various aspects to the openness of the design, the extensive
scientific scrutiny to which it has been subject, etc. as evidence of
this. It's hard to imagine what would satisfy you at this point but
perhaps this will help: I designed Tor with Roger and Nick. At all
times we designed it to be as secure as we could given usability,
performance, and other practicality goals (which are themselves
security goals we considered, as has also been widely documented). At
no point did we intentionally do anything to make the design less
secure than we could think how to do while still making it as usable
and practical as possible. Nor did anyone ask any of us to do so, as
far as I know. My opinion (subject to reasoned _scientific_ debate)
about why the Tor design is more secure for practical attacks than
those designed to be putatively more secure against a widescale
attacker (such as those mentioned above) is sketched in "Why I'm not
an entropist" 2009. That paper could use some updating and expansion,
but the basic points hold up I believe.

> Its been 6 days already.

People have day jobs trying to design, build, and analyze systems to
protect people. I often take way longer than that to respond to
substantive well-reasoned questions, as do many people with jobs
and/or lives. Such people also typically expect response times
proportional to the importance, urgency, and reasonableness of the
questions. To such people I say please do not infer too much to the
fact that I have responded to all this in a mere 6 days.

aloha,
Paul

> 
> Regards,
> 
> Mark McCarron
> 
> > From: fuerschpiu@gmail.com
> > Date: Tue, 1 Jul 2014 18:39:13 +0200
> > To: tor-talk@lists.torproject.org
> > Subject: Re: [tor-talk] Illegal Activity As A Metric of Tor Security and	Anonymity
> > 
> > Please Mccarron, 
> > 
> > The discussion is dead. You killed it yourself by not adding anything meaningful as far as I have seen. You just repeat yourself again and again as if it's a mantra. You got statistics to back up your claims? Good - show them! 
> > You got the script you used to track the onions? Awesome! Show it so we can see for ourselves and use it too! 
> > 
> > As others pointed out already: give us something to work with, else you can just pack up and troll another list as far as I am concerned. 
> > 
> > -- 
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>  		 	   		  
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

