Nice graphic :)
Some small details not worth including...

site.com under HTTPS really means site-IP to various observers between user and webserver. site-IP may or may not mean site.com in the presence of virtual hosting schemes. At the exit and beyond, knowing a site user is using Tor could be presumed by use of the known exit IP. Relay 2 doesn't know any named user is using Tor. Relay 3 doesn't know any named user is using Tor, when under HTTPS. The GPAs typically reside in the unshown tier-n internet cloud. The nodes reside in the mini red ISP bubbles, linked into the cloud.

> GPA - myth vs. reality

As to doubts about the current possible state of affairs... Wait a sec! So an academic can borrow their departmental compute cluster and prove GPA is workable. Yet massive TLAs with say $50 billion budgets can't move to spend a few million to patch together a global array of hosts, in their already existing racks, on their already existing taps, over which they know juicy info flows and 'social' network graphs exist? And for which people who like 'doing good for their country/business/people' would die to geek out on the $50-$100k salary, fun and access they might pay to do it. Come on, get real.

Other investments surely pay off with more frequency and plaintext. But even as a testbed, and with limited or targeted global visibility, production research seems doable and maybe even profitable. Regardless of whether it could be easily/directly used in civilian matters.

Global logistics is already done. For example, every bank, shipping service, airline, manufacturer, etc... has a network node in every one of its locations. A GPA is nothing special in that regard. Maintaining the secrecy of it all might be the hardest problem to scaling up beyond either a specific target, or the occasional matchup as circuits transit a number of domestic taps/nodes.

Whether or not GPA is deployed, everyone knows whitepapers, taps, interest, shell companies and bankroll and vans, and flat out cooperation exist. Setting aside the taps, what if half the 3000 nodes are 'The Man'? At $35/mo a year of them is $630k. What's the budget of your adversary and its friends again? 'non-exit relay by default' might be a good way to drive their odds down and costs up on that a bit. I don't know. Taps or nodes, if such an adversary might have an interest in you, I wouldn't wait for the canary before donning your mask.

> At PETS in 2009[0], Paul did a talk on 'why I'm not an entropist'
> and suggested that people need to start working on defeating a
> mythical global passive adversary.

> Yes, I meant stop. When skynet achieves consciousness, the analysis
> of traffic on the Internet will be the least of our problems.

There may not be anything to do about it, now or then. But without at least some part of the greater community always thinking about solutions, there never will be.

One solution may involve somehow furthering the cause of distributed private mesh networks. GPA is possible because of collusion with large single entity backbones and/or knowing where to tap profitably and/or secretly. Moving the global model from hierarchical space, to distributed mesh space would make that harder. When Facebook parks its cluster on Joe's well connected 'better than commercial ISP' wifi, the cause has succeeded :) (Note that a mesh need not be wifi, neighbors to neighbors with cable scraps works as well.) Not happening anytime soon though, not before the whole 'thou shalt not run vs. freedom of speech vs. wiretap vs. data retention' thing settles.

> It is true that Tor is weak against a global passive adversary,
> but there's no reason, from my point of view, to include that in
> material geared towards non-PET researchers.

As Tor is being used by those who are either friends or enemies with their GPA of choice, having it on the chart seems ok food for thought.

> I'm a mere four years behind in putting my work up on the web,
> I'll try to do something about that in my copious free time this
> week and send a link.

> [0] http://petsymposium.org/2009/program.php

Someone will read it. Being behind happens, no worries :)

_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk