> At one of the PET workshops {these discussed much of the academic
> background to the technology behind TOR, Mixminion etc} someone
> presented a paper on how long a user would wait for a reply to a web
> request. Up jumps an attendee who says he and some colleagues had
> already done a paper on this, and the answer was 5 seconds. Ooops.
>
> Now for a 5 second maximum response time it is technologically
> infeasable to implement an untrusted onion network which resists attack
> by a global persistent threat like the NSA or GCHQ.The APT just
> temporally correlates data exiting the endpoints.
>
> The network can introduce timing jitter and packet size standardisation
> or variation in order to make this harder, but with cost-limited dummy
> traffic and a maximum 5 seconds response time it can't reliably stop it.
>
> It cain't be done.This is such an old discussion that I am also not up to date on, but I don't see why snail mail and constant bandwidth were not effective counterarguments to user expectations and timing correlation.
