[tor-talk] "Remation" -- joint GCHQ/NSA meeting on Tor
Andrea Shepard
andrea at torproject.org
Fri Oct 4 23:55:02 UTC 2013
On Fri, Oct 04, 2013 at 05:43:32PM +0200, Griffin Boyce wrote:
> There's been a really interesting document to come out of the Guardian
> today:
> http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
>
> Interestingly:
> - NSA/GCHQ was fingerprinting using Flash
> - They were wondering whether to flood the network with slow
> connections in order to discourage users
> - Cookie leakage
> - Timing attacks
> - Supposed bug in TorButton mid last year
>
> There are some questions in my mind as to the legitimacy of this
> document -- particularly given that a slide is marked 2007, but
> references 2012. (In particular, neither Torservers nor TorButton
> existed in 2007).
>
> Thoughts?
I think "flood the network with slow connections" is a mis-read; they
seemed to be speaking of slow nodes that falsely advertise high bandwidth,
an attack which won't work since we now cap unmeasured bandwidths to
20 kbit/sec IIRC.

Their evident interest in this sort of thing suggests we should examine
the bwauth system more closely to be sure the node can't distinguish a
bwauth measurement from other connections, though - otherwise they could
still manipulate the path selection weights like that.
--
Andrea Shepard
<andrea at torproject.org>
PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536
PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5
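
An added illustration, not part of the original thread and not Tor's own code, of the two points in the reply above: a toy bandwidth-weighted selection model showing how capping unmeasured relays limits a false bandwidth claim, and why the cap no longer helps once a bwauth measurement itself is inflated. The relay names, figures and plain proportional weighting are constructed assumptions; the cap value is the one recalled in the message.

```python
from dataclasses import dataclass, replace
from typing import Optional

UNMEASURED_CAP = 20  # kbit/s, the figure recalled in the message ("IIRC")

@dataclass(frozen=True)
class Relay:
    name: str
    advertised: int          # self-reported bandwidth, kbit/s
    measured: Optional[int]  # bwauth measurement, None if never measured

def weight(relay, cap=UNMEASURED_CAP):
    """Selection weight: trust the measurement; otherwise cap the self-report."""
    if relay.measured is not None:
        return relay.measured
    return relay.advertised if cap is None else min(relay.advertised, cap)

def selection_share(relays, cap=UNMEASURED_CAP):
    """Fraction of picks each relay gets under proportional weighting."""
    total = sum(weight(r, cap) for r in relays)
    return {r.name: weight(r, cap) / total for r in relays}

# Constructed sample consensus (hypothetical relays and numbers).
HONEST = [
    Relay("honest-a", 8000, 7500),
    Relay("honest-b", 4000, 4200),
    Relay("honest-c", 1000, 900),
]
LIAR = Relay("liar", 100000, None)  # slow node advertising high bandwidth

def scenarios():
    """Share of selections going to the lying relay in three cases."""
    no_cap = selection_share(HONEST + [LIAR], cap=None)["liar"]
    capped = selection_share(HONEST + [LIAR])["liar"]
    # Case from the second paragraph: the relay could tell the bwauth probe
    # apart from normal traffic, so its *measured* value is inflated too.
    gamed = replace(LIAR, measured=100000)
    measured_gamed = selection_share(HONEST + [gamed])["liar"]
    return {"no_cap": no_cap, "capped": capped, "measured_gamed": measured_gamed}

if __name__ == "__main__":
    for case, share in scenarios().items():
        print(f"{case:15s} liar share = {share:.4%}")
```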