Delivery-Date: Sun, 24 May 2015 08:35:31 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 756291E08BC
	for <archiver@seul.org>; Sun, 24 May 2015 08:35:28 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 269E9354DB;
	Sun, 24 May 2015 12:35:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id A536835478
 for <tor-talk@lists.torproject.org>; Sun, 24 May 2015 12:35:20 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 62Y93v2i16VF for <tor-talk@lists.torproject.org>;
 Sun, 24 May 2015 12:35:20 +0000 (UTC)
Received: from dd15500.kasserver.com (dd15500.kasserver.com [85.13.136.184])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 6C2E435475
 for <tor-talk@lists.torproject.org>; Sun, 24 May 2015 12:35:20 +0000 (UTC)
Received: from 127.0.0.1 (tor-exit.crashme.org [213.252.140.118])
 by dd15500.kasserver.com (Postfix) with ESMTPSA id A5FE35CE018A
 for <tor-talk@lists.torproject.org>; Sun, 24 May 2015 14:35:14 +0200 (CEST)
Message-ID: <5561C580.8010401@sophiehassfurther.com>
Date: Sun, 24 May 2015 12:35:12 +0000
From: Sophie Hassfurther <sophie@sophiehassfurther.com>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <555F9ACE.4020707@rawbw.com>
 <CAA+0wAH0RPP4Ga0Qj77wMS70PaF7gmtBJLqjCxOZ+DFyqyQOmw@mail.gmail.com>
 <555FDA87.9010401@rawbw.com>
 <CAA+0wAG1s5+1JSAX7GYqethod-4wi5GUbO2XHujUkRMTcD8D=g@mail.gmail.com>
 <CAA+0wAGE86DazByc36EDkdDPh==pGtQ8PNOkNPG0B4rFB-shcg@mail.gmail.com>
In-Reply-To: <CAA+0wAGE86DazByc36EDkdDPh==pGtQ8PNOkNPG0B4rFB-shcg@mail.gmail.com>
Subject: Re: [tor-talk] New Astoria Tor client is said to be better than
 plain Tor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi Rishab,

Rishab Nithyanand:
> I would like to stress that most of the news articles I've come across ha=
ve
> some incorrect claims. It is sad that none of them got in touch with us
> before publishing their stories. =

I had the same impression. I do not know the author, but I read your
paper and checked it back with the article [1]. It made me think that
the latter is quite inaccurate. Even when journalists are well meaning,
they sometimes tend to over-simplify in an effort to put things in terms
that people will understand.

The most striking part of the article for me was this:

"A full 58 percent of Tor circuits are vulnerable to network-level
attackers, such as the NSA or Britain=92s Government Communications
Headquarters (GCHQ), when they access popular websites, according to new
research from American and Israeli academics. Chinese users are the most
vulnerable of all to these kinds of attacks, with researchers finding
85.7 percent of all Tor circuits from the country to be vulnerable.

Even though Tor is designed to provide complete anonymity to its users,
the NSA=92s position means they can potentially see and measure both
traffic entering the Tor network and the traffic that comes out. When an
intelligence agency can see both, simple statistics help an autonomous
system at their control match the data up in a timing attack and
discover the identity of the sender.

Anonymity over."

The author makes it sound as if all Tor traffic was vulnerable to
attacks by the infamous agencies in two out of three times. And looking
into my magic crystal ball, I know which media will quote that exact
fallacy as a fact and exploit it.

I read your paper, but I am not sure I comprehended it. From how I
understand it, this section of the Dailydot article should read
something like:

A full 58 percent of the *times* Tor creates a circuit, it creates it in
such a way that, *if* a potential adversary, such as the NSA or
Britain=92s Government Communications Headquarters (GCHQ), operates the
relays chosen in an autonomous system, they could deanonymize users who
access popular websites, according to new research from American and
Israeli academics. Chinese users are the most vulnerable of all to these
kinds of attacks, with researchers finding 85.7 percent of all Tor
circuits from the country to be vulnerable.

Then he goes on about what intelligence agencies can do, not taking into
account, that they would have to operate a huge part of Tor to achieve
the 58 or 85.7 percent he quotes earlier. This is critical, as it
becomes more and more difficult to own a large part of this network, due
to its decentralized nature and due to the fact that Tor grows.

Am I mistaken?

This is a very complex matter, but *if* I understood the paper
correctly, I think it is quite a hip research, and interesting
conclusions are drawn.

Cheers
Sophie

[1] https://www.dailydot.com/politics/tor-astoria-timing-attack-client/

--
Mag. Sophie Hassfurther
www.sophiehassfurther.com
PGP fingerprint:
F13B 77D4 3641 1420 0F41 B62D 162F 2CE2 98FD 61AB
-- =

tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

