On Fri, Oct 07, 2005 at 05:39:06PM -0400, jrandom at i2p.net wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > The darknet requires steganographic transports to offer any sort of > > > anonymity (since ISPs can easily detect abnormal flows). No such > > > steganographic transports exist, either in theory or in practice. > > > As such, the darknet is not dark, and won't be until someone comes > > > up with some steganographic transport that works on a wide scale and > > > can remain open source. > > > This is not true at present; most ISPs don't implement egress filtering > > let alone traffic flow analysis. It is available but expensive; a report > > prepared for the French government which I will try to extract from > > nextgens seems to indicate that it's not possible globally, or that it's > > prohibitively expensive globally. > > Egress filtering isn't mandated by the state at the moment. > > This sort of flow detection doesn't need to work on the global or > even regional level - the local ISP has all it needs to detect that > a local user is using abnormal traffic flows (at least, unless the > majority of that ISP's users are using the same steganographic > transport). > > If substantial tech were necessary, China (etc) would just do the > same thing that the US government did - mandate their own version of > CALEA to include the required local flow detection hooks. They'd > probably pitch it as a boon for business, creating new jobs, blah > blah blah.
I don't know the details of censorship in the US, but in the UK, ISPs are required to provide traffic data (email headers, visited web sites, and I think now VoIP calls, although I don't know at what level they are demanding that) without a (real) warrant, and actual content when presented with a court warrant, tied to a specific individual or premises. > > I'd be interested to read the report you reference though (english > preferred, but I can probably hack my way through it if its in > french) > > > Personally I think it's more likely that they'd NAT everyone. > > NATs are the least of our troubles. Well okay, I meant they'd force everyone through government controlled application proxies. NATting everyone is a good approximation of this, if set up the right way, as you can't talk to your peers. > > =jr > (and CofE, wherever you are, don't worry, we're focusing on the tech > issues here. IMHO Toad et al have been doing a great job, but I > do think some strategies may need to be refined. Ask any two > soldiers and you'll probably get two different ideas as to how best > to defeat the common foe, but at the end of the day, we're on the > same side) -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20051007/ecd3897b/attachment.pgp>
