[EMAIL PROTECTED] wrote: > The Locate appliance sits passively on the network and > analyzes packets in real time to garner ID info from sources > like Active Directory, IM and e-mail traffic, then associates > this data with network information.
This is really nothing new -- I've been seeing systems like these, though home brewed, in use for years. The availability of good tools as a foundation (things like Snort, the layer7 iptables patch, and so on) makes building decent layer 8 inference not far from trivial. Calling this "piercing network anonymity in real time" is highly misleading; in reality, it's more like "making it bloody obvious that there's no such thing as network anonymity". The best one can hope for today is a bit of anonymous browsing and IM with Tor, and that only insofar as you can trust a system whose single point of failure -- the directory service -- was, at least until recently, Roger's personal machine sitting in an MIT dorm room. -- Ivan Krstic <[EMAIL PROTECTED]> | GPG: 0x147C722D --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]