[SGVLUG] PRIVACY???

Dustin laurence at alice.caltech.edu
Mon Sep 26 18:52:09 PDT 2005


On Mon, 26 Sep 2005, John E. Kreznar wrote:

> "Dennis Birney" <DennisBirney at msn.com> writes:
> 
> > The NSA's patent relies
> > on measuring the latency, meaning
> > the time lag between...
> 
> Obliteration of latency information is exactly why anonymizing
> remailers are preferred over the tor/privoxy approach that Dustin
> mentioned.  The NSA method doesn't do much good if the latency can't
> be measured in the first place.
> 
> Anonymizing remailers deliberately introduce random latency --
> typically between 10 minutes and 3 hours -- between message receipt
> and retransmission, and deliberately randomize the order in which
> messages are sent, and use other techniques as well, all these things
> precisely to thwart the tracing of a message through the remailer
> cloud.

Um, I think that's good advice, but I think you're confusing applications
and problem domains.  Minutes or hours are suitable for a non-interactive
system like email.  Tor is good for interactive TCP things like web
browsing--I'm not sure even those of us who remember owning 1200 baud
modems (I think there's a Commodore 64 modem out in the garage :-) would
accept an extra 10min-3hr latency for web browsing. :-)  Tor is actually
fast enough for web browsing, and I use the combination for all my
ordinary browsing and rarely shut off the proxy.  The delay is noticeable,
but tolerable.

By all means, use something designed for email to anonymize your email.  
That has nothing to do with what you use for protocols that can't be
handled that way.  For that matter, smtp is carried over tcp, isn't it?  
You could probably be paranoid and send your SMTP packets to the anonymous
remailer through Tor in case you're worried that someone is logging
incoming connections to the remailer.  :-)

More slightly uninformed thoughts about Tor based on a quick scan of the
FAQ:

First--since I'm just fresh out of subversive projects at the moment, I
find Tor most useful for doing things like screwing up automated internet
market research.  Those guys aren't doing lots of analysis on any one
person, they're doing simple things to tens of thousands of people.

Second, I wonder if Tor is vulnerable to that particular attack.  From the
FAQ, I'd guess so, but it might take a "global adversary," or at least
someone correlating data both ends.  Sure, the NSA would be a global
adversary, but I don't think I've made it onto their "interesting people"
list just yet.  It isn't at all clear that an adversary with one or two
servers is going to do much good with timing based attacks--given that Tor
is by default a "three hop" protocol, it might even turn out that everyone
has more or less the same latency distribution.  Tor seems most vulnerable
to attacks at both endpoints, where I suppose latency is irrelevant.

Third--if you're really into spooky sekrit stuff, it isn't the stuff on a
patent I'd be most worried about.  Does anyone really believe that the
technique that the NSA put on a patent application, which is necessarily
public, is the best one they know?  Thought not. :-)

Dustin
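
Added example, not part of the original message: a small simulation of the latency trade-off discussed in this thread, comparing how linkable traffic through a single relay is by timing alone when it forwards almost immediately versus when it holds each message for a random 10 minutes to 3 hours (the range given in the quoted text). The 0.05-0.5 second low-latency delay, the Poisson arrivals at one message per minute, the uniform delay distribution, and all names are assumptions.

```python
import bisect
import random

def run_relay(n_msgs, min_delay, max_delay, mean_gap=60.0, seed=1):
    """Simulate one relay (times in seconds).

    Returns (fifo_link_rate, mean_candidates):
      fifo_link_rate  - fraction of messages correctly matched by assuming
                        the k-th message in is the k-th message out
      mean_candidates - average number of inbound messages whose arrival
                        time is consistent with a given outbound message
    """
    rng = random.Random(seed)
    t, arrivals = 0.0, []
    for _ in range(n_msgs):
        t += rng.expovariate(1.0 / mean_gap)   # Poisson arrivals (assumption)
        arrivals.append(t)

    # Each message is held for an independent uniform delay, then sent;
    # sorting by send time is what reorders the stream.
    departures = sorted((t_in + rng.uniform(min_delay, max_delay), i)
                        for i, t_in in enumerate(arrivals))

    # Metric 1: how often arrival order alone identifies the right message.
    linked = sum(1 for k, (_, i) in enumerate(departures) if k == i)

    # Metric 2: arrivals inside [t_out - max_delay, t_out - min_delay]
    # could all have produced this departure (timing anonymity set).
    total = 0
    for t_out, _ in departures:
        lo = bisect.bisect_left(arrivals, t_out - max_delay)
        hi = bisect.bisect_right(arrivals, t_out - min_delay)
        total += hi - lo
    return linked / n_msgs, total / n_msgs

LOW_LATENCY = (0.05, 0.5)        # seconds; constructed value for an interactive relay
REMAILER = (600.0, 10800.0)      # 10 minutes to 3 hours, from the quoted text

if __name__ == "__main__":
    for name, (lo, hi) in (("low-latency relay", LOW_LATENCY),
                           ("remailer", REMAILER)):
        rate, cands = run_relay(500, lo, hi)
        print(f"{name:18s} FIFO link rate {rate:.1%}, "
              f"mean timing candidates {cands:.1f}")
```

The low-latency case keeps nearly every message in order with about one timing candidate each, while the long random hold leaves each outbound message consistent with well over a hundred inbound ones at this traffic rate.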


