Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-21 Thread Matthew Finkel
On Mon, Jan 20, 2014 at 05:21:26PM +0100, Philipp Winter wrote: > On Mon, Jan 20, 2014 at 08:30:12AM -0500, Ian Goldberg wrote: > > On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: > > > obfs3 is supposed to be fairly difficult to detect because entropy > > > estimation is seemingly

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-21 Thread Matthew Finkel
On Wed, Jan 22, 2014 at 02:17:34AM +, Matthew Finkel wrote: > On Mon, Jan 20, 2014 at 05:21:26PM +0100, Philipp Winter wrote: > > On Mon, Jan 20, 2014 at 08:30:12AM -0500, Ian Goldberg wrote: > > > On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: > > > > obfs3 is supposed to be f

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-20 Thread Roger Dingledine
On Mon, Jan 20, 2014 at 05:30:27PM +0100, Philipp Winter wrote: > On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: > > obfs3 is supposed to be fairly difficult to detect because entropy > > estimation is seemingly more difficult than typically assumed, > > and thus far from what has

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-20 Thread Philipp Winter
On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: > obfs3 is supposed to be fairly difficult to detect because entropy > estimation is seemingly more difficult than typically assumed, > and thus far from what has been seen in practice this seems to be true. There's a recent paper whi

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-20 Thread Philipp Winter
On Mon, Jan 20, 2014 at 08:30:12AM -0500, Ian Goldberg wrote: > On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: > > obfs3 is supposed to be fairly difficult to detect because entropy > > estimation is seemingly more difficult than typically assumed, > > and thus far from what has be

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-20 Thread Ian Goldberg
On Sat, Jan 18, 2014 at 01:40:43AM +, Matthew Finkel wrote: > obfs3 is supposed to be fairly difficult to detect because entropy > estimation is seemingly more difficult than typically assumed, > and thus far from what has been seen in practice this seems to be true. Wouldn't the way to detect

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-17 Thread Matthew Finkel
On Thu, Jan 16, 2014 at 06:12:47PM +, David Stainton wrote: > In that case would it then look like zero in $(organizational unit of > harvard) using tor and > one in $(organizational unit of harvard) using scramble suit? > > I like the idea of the tor pluggable transport combiner... wherein we

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread David Stainton
Yeah I guess if the PT doesn't draw attention and the bridge IP is not known then one's Tor traffic may be somewhat obscured. What about bananaphone? Do you mean the bananaphone PT? It is trivially detectable... more so than say... a transport like obfs3 who's output looks like pseudo random noise

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread Griffin Boyce
Ximin Luo wrote: In my understanding, the anonymity set doesn't apply to use of PTs since this is only at the entry side. The exit side does not know[1] what PT the originator is using, so is unable to use that information to de-anonymise. [1] at least, in theory should not know, perhaps some

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread Kevin P Dyer
On Wed, Jan 15, 2014 at 7:16 PM, Jim Rucker wrote: > [snip] > > From my understanding (please correct me if I'm wrong) Tor has a weakness in > that if someone can monitor data going into the relays and going out of the > exit nodes then they can defeat the anonymity of tor by correlating the size

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread Ximin Luo
> I imagine the anonymity set would be much smaller for these combined > transports... fewer people using them. In my understanding, the anonymity set doesn't apply to use of PTs since this is only at the entry side. The exit side does not know[1] what PT the originator is using, so is unable to

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread David Stainton
In that case would it then look like zero in $(organizational unit of harvard) using tor and one in $(organizational unit of harvard) using scramble suit? I like the idea of the tor pluggable transport combiner... wherein we could wrap a pseudo-random appearing obfuscation protocol (such as obfs3,

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread Malard Joel
Sounds like a challenging problem, good luck. In the case of the Harvard exam, the administration may have used some meta data that may not be under your control, listing out all student taking an exam that day, asking teachers for a shortlist of their class jerks and clowns, checking for rep

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread Matthew Finkel
On Wed, Jan 15, 2014 at 09:16:20PM -0600, Jim Rucker wrote: > Are there any projects in Tor being worked in to combat data correlation? > For instance, relays the send/recv constant data rates continuously - > capping data rates and padding partial or non-packets with random data to > maintain the

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-16 Thread Andreas Krey
On Wed, 15 Jan 2014 21:16:20 +, Jim Rucker wrote: > There was a story in the news recently of a Harvard student who used Tor to > send a bomb threat to Harvard in order to cancel classes so he wouldn't > have to take a test. He was apprehended within a day, which puts into > question the anonym

Re: [tor-dev] Projects to combat/defeat data correlation

2014-01-15 Thread Moritz Bartl
On 01/16/2014 04:16 AM, Jim Rucker wrote: > There was a story in the news recently of a Harvard student who used Tor > to send a bomb threat to Harvard in order to cancel classes so he > wouldn't have to take a test. He was apprehended within a day, which > puts into question the anonymity of Tor.

[tor-dev] Projects to combat/defeat data correlation

2014-01-15 Thread Jim Rucker
There was a story in the news recently of a Harvard student who used Tor to send a bomb threat to Harvard in order to cancel classes so he wouldn't have to take a test. He was apprehended within a day, which puts into question the anonymity of Tor. >From my understanding (please correct me if I'm