On Sat, Aug 14, 2010 at 12:26:57PM +0100, Anon Mus wrote: > It looks like 90% of the funding is from the US, nearly all US government.
If you know any funders outside the US who care about privacy, anonymity, or circumvention, we're all ears. :) > Add to this the number of Tor nodes run from US institutions (many at US > gov funded edu's) and you should be able to see who that "Global > Adversary" is! > > **** US - GOV **** Conspiracy theories aside, this is an important open research question that still needs more research attention: if you can watch a given amount of Internet backbone traffic, how much of the Tor network can you surveil? Here are three papers to get you started if you want to learn more about this issue: http://freehaven.net/anonbib/#feamster:wpes2004 http://freehaven.net/anonbib/#DBLP:conf/ccs/EdmanS09 http://freehaven.net/anonbib/#murdoch-pet2007 Designs like Tor have always accepted that they will be vulnerable to a global passive adversary: https://svn.torproject.org/svn/projects/design-paper/tor-design.html#subsec:threat-model The key point to realize here is that you shouldn't so much think about the locations of the Tor relays, but instead think about which networks the communication between Tor users and the Tor network traverses, and which networks the communication between the Tor network and the destination services (e.g. websites) traverses. The Internet itself has bottlenecks that make our task hard even if we could engineer a good diversity of relay locations. We can certainly imagine that some pieces of the US government have the capability to tap large pieces of the Internet: https://www.eff.org/nsa/faq But what saves us here is that the US government, like all governments, is not one person. It's a lot of different groups, all with different goals and different capabilities. So a) that means some parts of the government actually want to support freedom of speech and/or need for themselves the security properties that Tor provides, and b) there's a huge amount of bureaucracy to slow down coordination between different pieces of the government -- so even if somebody at NSA can beat Tor, that doesn't mean somebody at FBI can call him up and ask for answers. --Roger *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
