First: this is a fascinating discussion. Thank you. Second:
On Sat, Jun 15, 2013 at 01:56:34AM -0500, Jimmy Hess wrote:
> There will indeed be _plenty_ of ways that a low bit rate channel
> can do everything the right adversary needs.
>
> A few bits per second is plenty of data rate for sending control
> commands/rule changes to a router backdoor mechanism, stealing
> passwords, or leaking cryptographic keys required to decrypt the VPN
> data stream intercepted from elsewhere on the network, leaking
> counters, snmp communities, or interface descriptions, or
> criteria-selected forwarded data samples, etc....

I was actually thinking much slower: a few bits per *day*. Maybe slower
yet. (So what if it takes a month to transmit a single 15-character
password?)

For people who think in terms of instant gratification, or perhaps, in
next-quarter terms, or perhaps, in next-year terms, that might be
unacceptable. But for people who think in terms of next-decade or beyond,
it might suffice.

And if the goal is not "get the password for router 12345" but "get as
many as possible", then a scattered, random, slow approach might yield
the best results -- *because* it's scattered, random, and slow.

---rsk