Re: [PracticalSecurity] Anonymity - great technology but hardly used

2005-10-31 Thread Alexander Klimov
On Wed, 26 Oct 2005, JЖrn Schmidt wrote:

 --- Travis H. [EMAIL PROTECTED] wrote:

 [snip]
  Another issue involves the ease of use when switching between a
  [slower] anonymous service and a fast non-anonymous service.  I
  have a tool called metaprox on my website (see URL in sig) that
  allows you to choose what proxies you use on a domain-by-domain
  basis.  Something like this is essential if you want to be
  consistent about accessing certain sites only through an anonymous
  proxy.  Short of that, perhaps a Firefox plug-in that allows you
  to select proxies with a single click would be useful.

 You can already do the latter with SwitchProxy
 (http://www.roundtwo.com/product/switchproxy). Basically, it's a
 Firefox extension that saves you the trouble of going into the
 'preferences' dialogue everytime you want to switch from one proxy
 to another (or go from using a proxy to not using one, that is).

In fact, it is possible to setup it all thru privoxy alone:

#  5. FORWARDING
#  =
#
#  This feature allows routing of HTTP requests through a chain
#  of multiple proxies. It can be used to better protect privacy
#  and confidentiality when accessing specific domains by routing
#  requests to those domains through an anonymous public proxy (see
#  e.g. http://www.multiproxy.org/anon_list.htm) Or to use a caching
#  proxy to speed up browsing. Or chaining to a parent proxy may be
#  necessary because the machine that Privoxy runs on has no direct
#  Internet access.
#
#  Also specified here are SOCKS proxies. Privoxy supports the SOCKS
#  4 and SOCKS 4A protocols.

[...]

#  5.1. forward
#  
#
#  Specifies:
#
#  To which parent HTTP proxy specific requests should be routed.
#
#  Type of value:
#
#  target_pattern http_parent[:port]
#
#  where target_pattern is a URL pattern that specifies to which
#  requests (i.e. URLs) this forward rule shall apply. Use /
#  to denote all URLs.  http_parent[:port] is the DNS name or
#  IP address of the parent HTTP proxy through which the requests
#  should be forwarded, optionally followed by its listening port
#  (default: 8080). Use a single dot (.) to denote no forwarding.

Btw, I guess everybody who installs tor with privoxy has to know about
this since he has to change this section.

The problem is that it is not clear how to protect against `malicious'
sites: if you separate fast and tor-enabled sites by the site's name,
e.g., tor for search.yahoo.com, and no proxy for everything else,
yahoo can trace you thru images served from .yimg.com; OTOH if you
change proxy `with one click' first of all you can easily forget to do
it, but also a site can create a time-bomb -- a javascript (or just
http/html refresh) which waits some time in background (presumably,
until you switch tor off) and makes another request which allows to
find out your real ip.

-- 
Regards,
ASK

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: [PracticalSecurity] Anonymity - great technology but hardly used

2005-10-31 Thread Ben Laurie
Travis H. wrote:
 Part of the problem is using a packet-switched network; if we had
 circuit-based, then thwarting traffic analysis is easy; you just fill
 the link with random garbage when not transmitting packets.  I
 considered doing this with SLIP back before broadband (back when my
 friend was my ISP).  There are two problems with this; one, getting
 enough random data, and two, distinguishing the padding from the real
 data in a computationally efficient manner on the remote side without
 giving away anything to someone analyzing your traffic.  I guess both
 problems could be solved
 by using synchronized PRNGs on both ends to generate the chaff.  The
 two sides getting desynchronzied would be problematic.  Please CC me
 with any ideas you might have on doing something like this, perhaps it
 will become useful again one day.

But this is trivial. Since the traffic is encrypted, you just have a bit
that says this is garbage or this is traffic.

OTOH, this can leave you open to traffic marking attacks. George Danezis
and I wrote a paper on a protocol (Minx) designed to avoid marking
attacks by making all packets meaningful. You can find it here:
http://www.cl.cam.ac.uk/users/gd216/minx.pdf.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: [PracticalSecurity] Anonymity - great technology but hardly used

2005-10-26 Thread J
--- Travis H. [EMAIL PROTECTED] wrote:

[snip]
 Another issue involves the ease of use when switching between a
 [slower] anonymous service and a fast non-anonymous service.  I have
 a
 tool called metaprox on my website (see URL in sig) that allows you
 to
 choose what proxies you use on a domain-by-domain basis.  Something
 like this is essential if you want to be consistent about accessing
 certain sites only through an anonymous proxy.  Short of that,
 perhaps
 a Firefox plug-in that allows you to select proxies with a single
 click would be useful.

You can already do the latter with SwitchProxy
(http://www.roundtwo.com/product/switchproxy). Basically, it's a
Firefox extension that saves you the trouble of going into the
'preferences' dialogue everytime you want to switch from one proxy to
another (or go from using a proxy to not using one, that is).

It works like a charm with tor and a local proxy. 

It also has a Anonymizer mode, which cycles through a list of proxies
in an attempt to give you some kind of pseudo-anonymity (which I guess
is good enough for many people).

  Jörn





__ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


[PracticalSecurity] Anonymity - great technology but hardly used

2005-10-25 Thread R.A. Hettinga

--- begin forwarded text


 Date: Mon, 24 Oct 2005 23:31:34 +0200
 To: [EMAIL PROTECTED]
 From: Hagai Bar-El [EMAIL PROTECTED]
 Subject: [PracticalSecurity] Anonymity - great technology but hardly used
 Sender: [EMAIL PROTECTED]

 Hello,

 I wrote a short essay about anonymity and pseudonymity being
 technologies that are well advanced but seldom used.

 Following are excerpts from the essay that can be found at:
 http://www.hbarel.com/Blog/entry0006.html

 In spite of our having the ability to establish anonymous surfing,
 have untraceable digital cash tokens, and carry out anonymous
 payments, we don't really use these abilities, at large. If you are
 not in the security business you are not even likely to be aware of
 these technical abilities.

 If I may take a shot at guessing the reason for the gap between what
 we know how to do and what we do, I would say it's due to the overall
 lack of interest of the stakeholders. Fact probably is, most people
 don't care that much about anonymity, and most of the ones who do,
 are not security geeks who appreciate the technology and thus trust
 it. So, we use what does not require mass adoption and do not use what does.

 Anonymous browsing is easy, because it does not need an expensive
 infrastructure that requires a viable business model behind it;
 fortunately. A few anonymity supporters run TOR servers on their
 already-existent machines, anonymity-aware users run TOR clients and
 proxy their browsers through them, and the anonymity need is met. The
 onion routing technology that TOR is based on is used; not too often,
 but is used. The problem starts with systems that require a complex
 infrastructure to run, such as anonymous payment systems.

 As much as some of us don't like to admit it, most consumers do not
 care about the credit card company compiling a profile of their money
 spending habits. Furthermore, of the ones who do, most are not
 security engineers and thus have no reason to trust anonymity schemes
 they don't see or feel intuitively (as one feels when paying with
 cash). The anonymous payment systems are left to be used primarily by
 the security-savvy guys who care; they do not form a mass market.

 I believe that for anonymity and pseudonymity technologies to survive
 they have to be applied to applications that require them by design,
 rather than to mass-market applications that can also do (cheaper)
 without. If anonymity mechanisms are deployed just to fulfill the
 wish of particular users then it may fail, because most users don't
 have that wish strong enough to pay for fulfilling it. An example for
 such an application (that requires anonymity by design) could be
 E-Voting, which, unfortunately, suffers from other difficulties. I am
 sure there are others, though.


 Regards,
 Hagai.


 ___
 PracticalSecurity mailing list
 [EMAIL PROTECTED]
 http://hbarel.com/mailman/listinfo/practicalsecurity_hbarel.com

--- end forwarded text


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]