Delivery-Date: Fri, 04 Jul 2014 16:13:43 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 18C171E0B01
	for <archiver@seul.org>; Fri,  4 Jul 2014 16:13:42 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 074A52F73F;
	Fri,  4 Jul 2014 20:13:35 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id A496627EDA
 for <tor-talk@lists.torproject.org>; Fri,  4 Jul 2014 20:05:32 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id w6unkn_vSdb1 for <tor-talk@lists.torproject.org>;
 Fri,  4 Jul 2014 20:05:32 +0000 (UTC)
Received: from mail-ve0-x229.google.com (mail-ve0-x229.google.com
 [IPv6:2607:f8b0:400c:c01::229])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 8023A27A78
 for <tor-talk@lists.torproject.org>; Fri,  4 Jul 2014 20:05:32 +0000 (UTC)
Received: by mail-ve0-f169.google.com with SMTP id pa12so2064749veb.0
 for <tor-talk@lists.torproject.org>; Fri, 04 Jul 2014 13:05:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=LEr1XItdD1YxOrezFxQXSfkV5Mkly4RbVKbPlJ7dB14=;
 b=mMfT/5NGOfJoVBtQi0NhO44k25RmCGNW+F8QFfijnAi9+jC8uSOTIFqCzywMtnBVb9
 i256xijro1lIonmOyYas0ZtVDiVDEiQlo751OiXp6YrvlF+4w1OvM/jDyGj0gaCYhkFM
 qED/aN9js49/7u7NZIXueghOdVAYJVoid2iWGZ7urrIhC4DFHCMrpmRrxn/SwyAvnLQv
 xnN+2kG2Gr70Mfn1JyI6FKtGLisMe/e276AL2FWfUSlyiNBcIg36VBh8O0VqmlcQdnhO
 UoJwMNKu3bKH6IFgRwbKSDjcqRgsF0g9Ywym3LYuErfgaIOPH5rQ7p3hRxNrPmU/42q9
 EB8A==
MIME-Version: 1.0
X-Received: by 10.52.121.52 with SMTP id lh20mr9404160vdb.11.1404504329943;
 Fri, 04 Jul 2014 13:05:29 -0700 (PDT)
Received: by 10.221.65.198 with HTTP; Fri, 4 Jul 2014 13:05:29 -0700 (PDT)
In-Reply-To: <53B69AE6.80102@squimp.com>
References: <CAD2Ti28UgXbB6wEry3VZjaWg4-8j7Ddi6stAfP7y+DrXWQn-0A@mail.gmail.com>
 <53B69AE6.80102@squimp.com>
Date: Fri, 4 Jul 2014 16:05:29 -0400
Message-ID: <CAD2Ti29CTh=ow9Kpum377iR6bafvR_howCew=oC95n3AuQsJaQ@mail.gmail.com>
From: grarpamp <grarpamp@gmail.com>
To: tor-talk@lists.torproject.org
Cc: cypherpunks@cpunks.org
Subject: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Fri, Jul 4, 2014 at 8:15 AM, Nathan Andrew Fain <nathan@squimp.com> wrote:
> "Trawling for Tor Hidden Services: Detection, Measurement,
> Deanonymization"
> Alex Biryukov, Ivan Pustogarov, Ralf-Philipp Weinmann
> http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
>
> the two seem very similar. in the case of the paper linked amazon
> services were utilized. or perhaps someone can explain where the two
> research groups differ?

Yes, clearly an extension, optimization, or new work along the lines
of the above paper.


Perhaps more interesting is this dilemma...

> https://lists.torproject.org/pipermail/tor-talk/2014-July/033693.html
> "They wanted a NDA, so most Tor Project's core contributors don't know
> what's in the air."

So we have at least one core person who knows. Now assuming this
presentation [1] is in fact 'Really Bad News' for, at minimum,
Hidden Services... will the details of it be leaked in order to
'save' HS operators/users before CERTs/GOVs/LEAs/Vigilantes/Spies
and the thought police have time to get at them (or what unexposed
elements still remain of them)?

This is premised upon CERT's typical cozy relationships with LEA's,
naturally leading to sharing with them what are potentially ...

'tested ... in the wild ... dozens of successful real-world
de-anonymization case studies, ranging from attribution of'

... really diskliked things. Particularly cases of human harm
where it is only natural to seek intervention.

Then there are the cases worthy of every possible protection outlined
here...
https://www.torproject.org/about/torusers.html.en

Therein lies the dilemma. What do you do?


[Note that even if the above relationships, or desire to intervene,
do not exist... said spies and their actors are likely to monitor
the full research details, and know who in the public knows as well.
This could lead to shorter time constraints on all sides.]

[1] Which I forgot to link in the OP, thanks Matthew.
https://www.blackhat.com/us-14/briefings.html#you-dont-have-to-be-the-nsa-to-break-tor-deanonymizing-users-on-a-budget
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

