Re: Anonymity easily thwarted by flooding network with relays?
On 11/18/2010 11:03 PM, Roger Dingledine wrote: attack, which doesn't care how many hops your path has (as long as it's at least two). You can read more about it from the various freehaven.net/anonbib/ links in this blog post about a related topic: https://blog.torproject.org/blog/one-cell-enough --Roger *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ Roger, I'm not sure as a career sys admin that I am qualified to really comment on this. But in order for this attack to work, you have to correlate the input data to the entry node to the output data to the exit node (as you have said). That can be done by measuring timing and size of the data. Getting around this seems to me to be easy. All that has to happen is the addition of garbage data from the client which is then stripped out on the exit node. That way the data going into the network has a false size, always larger than what is actually being transported, this happens in the first layer of the onion. So the data in, never equals the data out and vice versa. At that point *timing* is the only correlating factor. And with the latency of the tor network, that would be very hard to track, with the perceived security going up on busier guard and exit nodes. Also, some slight random latency could be introduced (smallish factor, 1 to 10 ms) for all middle nodes, muddying the waters even more. Like I mentioned before, I'm not really qualified to comment on this. I use tor as an IT tool for security and offsite testing. -- Michael Cozzi co...@cozziconsulting.com *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: How does TOR deal with mac addresses
On 3/26/2010 2:27 PM, Seth David Schoen wrote: In the message you're replying to, the ISP means your ISP, not some other ISP. It's true that your ISP knows your home router's MAC address. Other ISPs don't. As an aside, This is true, assuming the upstream protocol uses ethernet signaling, wasn't there some old point to point protocols where the MAC was ignored? I seem to remember something like that. I know ATM, FDDI, Bluetooth, and PPP/PPPOE use MAC addresses. SLIP, if my old brain is functioning, did not. I think there were others too. But I'm too old and salty to remember them all. Xerox sure got some mileage off of ethernet addressing huh? I'm wondering if they made any money on it. -- Michael Cozzi *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: unsubscribe or-talk
Scott Bennett wrote: On Mon, 10 Aug 2009 17:42:56 -0400 Michael Cozzi co...@cozziconsulting.com wrote: Dan Collins wrote: As was noted the last ten times (by my count) someone did this, and as you were told when you registered, and as you are told in every email sent by this list, and just like any other mailing list using this software, of which there are a great many, your message says this: Subject: unsubscribe or-talk and a few lines later, X-To-Get-Off-This-List: mail majord...@seul.org, body unsubscribe or-talk Apparently, the illiterate still manage to learn how to subscribe to mailing lists (perhaps their kids show them how?), though to what purpose is anyone's guess. One of the things I love about being an IT Professional is, in general, being really smart. One of the things I hate about being an IT Professional is when the really smart look down their nose at someone who apparently can't do something simple. USENET from 1992 is pretty much finished and I would personally be gratified, not that it matters, if you just explained the proper command to the guy instead of proving to me, and everyone else, that indeed you have mastered Majordomo. I, for one, wasn't impressed. There's probably a good amount of user class subscriptions to this list. Try to remember that those folks actually get attention from women, and have what we, the IT People, only dream of: Lives. Yes, I've had a bad day. But please... be nice. Actually, most/all of what he posted was a quotation without citation of me from several weeks ago, IIRC, when yes, I had had a bad day. However, it doesn't matter whether a person is familiar with majordomo, listserv, or other mailing list software. What matters is whether they can read and bother to do so. FWIW, I responded privately to the OP in the current case, quoting and undercareting the header in question and asking him to unsubscribe himself. He then wrote back, asking me how to do it! So I wrote once again, stating that I couldn't believe it, this time placing a large, vertical arrow below the undercareting and pointing upward toward it. That time he finally got it. Sigh. If you can think of any excuse for that, I'd love to read it. Scott, I'll just let my comment stand on it's own merits. Michael
Re: unsubscribe or-talk
Dan Collins wrote: As was noted the last ten times (by my count) someone did this, and as you were told when you registered, and as you are told in every email sent by this list, and just like any other mailing list using this software, of which there are a great many, your message says this: Subject: unsubscribe or-talk and a few lines later, X-To-Get-Off-This-List: mail majord...@seul.org, body unsubscribe or-talk Apparently, the illiterate still manage to learn how to subscribe to mailing lists (perhaps their kids show them how?), though to what purpose is anyone's guess. One of the things I love about being an IT Professional is, in general, being really smart. One of the things I hate about being an IT Professional is when the really smart look down their nose at someone who apparently can't do something simple. USENET from 1992 is pretty much finished and I would personally be gratified, not that it matters, if you just explained the proper command to the guy instead of proving to me, and everyone else, that indeed you have mastered Majordomo. I, for one, wasn't impressed. There's probably a good amount of user class subscriptions to this list. Try to remember that those folks actually get attention from women, and have what we, the IT People, only dream of: Lives. Yes, I've had a bad day. But please... be nice. Michael
Re: Thanks for the inclusion...
Andrew Lewman wrote: On 07/30/2009 06:14 AM, Michael Cozzi wrote: Hello Tor Team. I'm not sure who to thank, but I noticed my suggested text regarding what IT Professionals use Tor for was included whole cloth on the web page. Thanks for the content. I did strip out one bullet point, * The CTO is an asshat: . I wasn't sure that would help convince someone to use Tor. ;) I've been considering writing a guide or white paper on how to use Tor as an IT professional. May I submit it? Michael
Thanks for the inclusion...
Hello Tor Team. I'm not sure who to thank, but I noticed my suggested text regarding what IT Professionals use Tor for was included whole cloth on the web page. Thank you, that gave me geek-warm-fuzzies. Michael
Speed observations...
Hi all, I've been watching the numbers of routers fluctuate between 1500 and 1800 for some time now. I've also noticed a correlation that my Tor surfing is a lot faster when there are 1800 relays as opposed to 1500. Anyone else notice this? Also, as a side question: At what point is a relay marked stable? Michael
