-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > The darknet requires steganographic transports to offer any sort of > > anonymity (since ISPs can easily detect abnormal flows). No such > > steganographic transports exist, either in theory or in practice. > > As such, the darknet is not dark, and won't be until someone comes > > up with some steganographic transport that works on a wide scale and > > can remain open source.
> This is not true at present; most ISPs don't implement egress filtering > let alone traffic flow analysis. It is available but expensive; a report > prepared for the French government which I will try to extract from > nextgens seems to indicate that it's not possible globally, or that it's > prohibitively expensive globally. Egress filtering isn't mandated by the state at the moment. This sort of flow detection doesn't need to work on the global or even regional level - the local ISP has all it needs to detect that a local user is using abnormal traffic flows (at least, unless the majority of that ISP's users are using the same steganographic transport). If substantial tech were necessary, China (etc) would just do the same thing that the US government did - mandate their own version of CALEA to include the required local flow detection hooks. They'd probably pitch it as a boon for business, creating new jobs, blah blah blah. I'd be interested to read the report you reference though (english preferred, but I can probably hack my way through it if its in french) > Personally I think it's more likely that they'd NAT everyone. NATs are the least of our troubles. =jr (and CofE, wherever you are, don't worry, we're focusing on the tech issues here. IMHO Toad et al have been doing a great job, but I do think some strategies may need to be refined. Ask any two soldiers and you'll probably get two different ideas as to how best to defeat the common foe, but at the end of the day, we're on the same side) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDRvK9WYfZ3rPnHH0RAl4FAJ9+QtTcjP3jBOeXgYLzM3bTXnGVtgCeKDz+ 8vMr2cpjF6WuxBruM9E2kwo= =nn/M -----END PGP SIGNATURE-----
