[TWN team] Recent changes to the wiki pages

Lunar lunar at torproject.org
Mon Oct 13 19:00:05 UTC 2014 

===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/41 ===
===========================================================================

version 17
Author: harmony
Date:   2014-10-13T18:28:30+00:00

   remove unused sections/expand Tor.SE section a little

--- version 16
+++ version 17
@@ -101,26 +101,19 @@
  [XXX]: https://citizenfourfilm.com/
  [XXX]: https://www.youtube.com/watch?v=XiGwAvd5mvM
 
-Tor help desk roundup
----------------------
-
-Summary of some questions sent to the Tor help desk. 
-
 News from Tor StackExchange
 ---------------------------
 
 "What happens when Tor always chooses the same path?" asks Mark [XXX]
-and wants to know which weaknesses this exposes. User194 answers that
-this would prevent a predecessor attack and makes the system stronger.
+and wants to know which weaknesses this exposes. User194 believes that
+this would prevent a “predecessor attack” and make the system stronger,
+while Lisbeth writes: “This makes your entire traffic highly
+fingerprintable as compared to a standard random path. If your
+connections always used A, B, and C nodes, it is statistically unlikely
+that many other people are consistently using that same path, therefore
+it’s very easy to correlate your traffic to your originating IP.”
 
  [XXX]: https://tor.stackexchange.com/q/3689/88
-
-Easy development tasks to get involved with
--------------------------------------------
-
-Text with cited source [XXX].
-
- [XXX]:
 
 Upcoming events
 ---------------

version 16
Author: harmony
Date:   2014-10-13T18:17:27+00:00

   my head hurts

--- version 15
+++ version 16
@@ -10,26 +10,69 @@
 ========================================================================
 
 Welcome to the forty-first issue in 2014 of Tor Weekly News, the weekly
-newsletter that covers what is happening in the XXX Tor community.
+newsletter that covers what’s happening in the Tor community.
 
-Feature XXX
------------
+Academic research into Tor: three recent studies
+------------------------------------------------
 
-Feature 1 with cited source [XXX]
+Major contributions to the development and security of Tor are often
+made by academic researchers, either in a laboratory setting using
+network simulators like Shadow [XXX], or through measurement and
+analysis of the live network itself (taking care not to harm the
+security or anonymity of clients and services). Different aspects of
+Tor’s networking and security, from path selection to theoretical
+attacks, have been analysed in three recently-published studies.
 
- [XXX]:
+Otto Huhta’s MSc thesis [XXX] investigates the possibility that an
+adversary in control of a non-exit relay could link two or more Tor
+circuits back to the same client based on nothing more than timing
+information. As Otto explained [XXX], “this is mainly the result of the
+fixed 10 minute circuit lifetime and the fact that the transition to
+using a new circuit is quite sharp.” With the help of a machine
+classifier, and the fact that any one client will build its circuits
+through a fixed set of entry guards, the study suggested that such an
+adversary “can focus only on circuits built through these specific nodes
+and quite efficiently determine if two circuits belong to the same
+user.” There is no suggestion that this knowledge alone poses a serious
+deanonymization risk to clients; however, wrote Otto, “our goal was not
+to ultimately break the anonymity of any real user but instead to expose
+a previously unknown threat so that it can be mitigated before anyone
+actually devises an attack around it.”
 
-Monthly status reports for XXX month 2014
------------------------------------------
+Steven Murdoch published a paper [XXX] on the optimization of Tor’s node
+selection probabilities showing, in Steven’s words [XXX], “that what
+Tor used to do (distributing traffic to nodes in proportion to their
+contribution to network capacity) is not the best approach.” Prior to
+publication of the study, “Tor moved to actively measuring the network
+performance and manipulating the consensus weights in response to
+changes. This seems to have ended up with roughly the same outcome. […]
+However, the disadvantage is that it can only react slowly to changes in
+network characteristics.”
 
-The wave of regular monthly reports from Tor project members for the
-month of XXX has begun. XXX released his report first [XXX], followed
-by reports from name 2 [XXX], name 3 [XXX], and name 4 [XXX].
+Sebastian Urbach shared [XXX] a link to “Defending Tor from Network
+Adversaries: A Case Study of Network Path Prediction” [XXX], in which
+the researchers analyze the effect of network features like autonomous
+systems [XXX] and Internet exchanges [XXX] on the security of Tor’s path
+selection, finding that “AS and IX path prediction significantly
+overestimates the threat of vulnerability to such adversaries”, and that
+“the use of active path measurement, rather than AS path models” would be
+preferable “in further study of Tor vulnerability to AS- and IX-level
+adversaries and development of practical defenses.”
 
- [XXX]:
- [XXX]:
- [XXX]:
- [XXX]:
+Each of these studies is up for discussion on the tor-dev mailing
+list [XXX], so feel free to join in there with questions and comments
+for the researchers!
+
+ [XXX]: https://shadow.github.io/
+ [XXX]: http://www0.cs.ucl.ac.uk/staff/G.Danezis/students/Huhta14-UCL-Msc.pdf
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2014-September/007517.html
+ [XXX]: http://www.cl.cam.ac.uk/~sjm217/papers/#pub-el14optimising
+ [XXX]: https://lists.torproject.org/pipermail/tor-dev/2014-October/007601.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-relays/2014-October/005434.html
+ [XXX]: http://arxiv.org/pdf/1410.1823v1.pdf
+ [XXX]: https://en.wikipedia.org/wiki/Autonomous_System_%28Internet%29
+ [XXX]: https://en.wikipedia.org/wiki/Internet_exchange_point
+ [XXX]: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
 
 Miscellaneous news
 ------------------
@@ -105,8 +148,5 @@
 }}}
 
 Possible items:
- * Attack linking Tor circuits https://lists.torproject.org/pipermail/tor-dev/2014-September/thread.html#7489
  * Patches to improve mobile hidden service performance https://lists.torproject.org/pipermail/tor-dev/2014-October/007590.html
- * Trying Trusted Tor Traceroutes results https://lists.torproject.org/pipermail/tor-relays/2014-October/005434.html
  * A closer look at the Great Firewall of China https://blog.torproject.org/blog/closer-look-great-firewall-china
- * Optimising Tor node selection probabilities https://lists.torproject.org/pipermail/tor-dev/2014-October/007601.html



-- 
Your friendly TWN monitoring script

      In case of malfunction, please reach out for lunar at torproject.org
          or for the worst cases, tell weasel at torproject.org to kill me.

More information about the news-team mailing list