On Thu, Jul 15, 2010 at 12:53:50AM +0100, Anon Mus wrote: > Paul Syverson wrote: >> On Tue, Jul 13, 2010 at 05:30:27PM +0100, Anon Mus wrote: >> >>> Paul Syverson wrote: >>> >> And just as there is no such thing as a secure system---only systems >> secure against a given adversary conducting a given class of attack >> provided that the implementation, deployment and environment satisfy >> certain assumptions, so to there is no such thing as an anonymous >> system. In that sense, the answer is no, "anonymous" should not mean >> anonymous, or rather it depends what _you_ mean by anonymous and a >> whole bunch of other things that must be stated. >> >> > > Well if is your attitude,
This is not attitude; it's an explanation of science. It's how 'secure' is understood by anyone that I know who works on security analysis and design from those who write the textbooks on computer security to those who hack, from those who try to secure major defense command and control systems to those who try to make secure web browsers to protect consumers against phishing. > then why have Tor in the first place? To protect communication. And Tor does that pretty much better than anything else available. (The professional philosopher in me feels obligated to acknowledge that there are adversaries and contexts for which other systems are more secure, but I believe that they are less secure in ways that are significant and lack pathways to change that, unlike Tor.) And lots of us are working as hard as we can to make it better still. > Seems to me you need to pull over and let those who are interested > in making Tor secure against Timing Attacks take the road. That way > Tor will at least be on the road to more being more secure than it > is now. > Tor is on the road to being more secure now. I have tried to point you to the research in the area of timing attacks that is being done. I reiterate that there is no evidence to date that the sorts of things you are proposing actually work. That is not to say we shouldn't keep looking at timing attack resistance as a research question. But it is still very unproven research. I think I have taken this as far as anyone, and it's still a long way from practical. But having worked on it and many other aspects for a long time, there are many things that can be and are being done---also research that will lead to improvements IMO long before timing-attack countermeasures ever produce anything but much larger overhead, much smaller anonymity sets and thus worse anonymity (less entropy if you prefer). Why are you so focused on timing attacks? There's plenty of positive changes to work on where the expected payoff is better. > Why get up in the morning? > To make better Tor (amongst other things). aloha, paul *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/