"Using random selection of backup and layering
entry guard nodes will be an improvement, but as in all Tor circuits, someone connecting through random nodes will always be compromised if an attacker owns just two nodes [25]. Using the backup and layering techniques in combination with a non-random selection, e.g. based on some kind of trust, or experience, with the nodes, may slow the attack even more or may even prevent it entirely"
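The guard-node argument in the passage quoted above, worked through as an added example (not part of the original thread or the paper). It assumes a simplified model: the attacker controls a fraction `c` of relay selection weight, entry and exit are chosen independently, and a hypothetical fixed set of 3 guards never rotates.

```python
import random
from math import comb

# Simplified model (assumptions, not Tor's real path selection): attacker holds
# fraction c of selection weight; entry and exit are picked independently.

def p_random_entry(c, circuits):
    """P(some circuit has attacker entry AND exit), fresh random entry each time."""
    return 1 - (1 - c * c) ** circuits

def p_with_guards(c, circuits, guards=3):
    """Same probability when every entry comes from a fixed guard set."""
    total = 0.0
    for m in range(guards + 1):            # m = attacker-run guards in the set
        p_m = comb(guards, m) * c**m * (1 - c) ** (guards - m)
        per_circuit = (m / guards) * c     # bad guard picked AND bad exit
        total += p_m * (1 - (1 - per_circuit) ** circuits)
    return total

def simulate_guards(c, circuits, guards=3, trials=20000, seed=1):
    """Monte Carlo check of p_with_guards under the same assumptions."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        guard_bad = [rng.random() < c for _ in range(guards)]
        if not any(guard_bad):
            continue                       # clean guard set: never correlated
        for _ in range(circuits):
            if rng.choice(guard_bad) and rng.random() < c:
                hits += 1
                break
    return hits / trials

if __name__ == "__main__":
    # Random entries drift toward certain compromise; guards cap the risk
    # at 1 - (1 - c)**guards no matter how many circuits are built.
    for k in (1, 10, 100, 1000):
        print(k, round(p_random_entry(0.1, k), 3), round(p_with_guards(0.1, k), 3))
```

With random entry selection the compromise probability approaches 1 as circuits accumulate, while with a fixed guard set it can never exceed the chance that the set contains an attacker-run guard.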
Yup, it is kind of prevented now (otherwise the Silk Road would've been shut down long ago). From the paper's conclusion:
"Our results show that Tor’s location-hidden servers are not really hidden—or rather they were not really hidden prior to the recent introduction of guard nodes as countermeasures to our attacks."
We always knew that correlation attacks by an adversary that controlled a sufficiently large portion of the Internet were trivial to carry out. Now that we've learned that the NSA is capturing 75% of Internet traffic then we should assume that they are able to carry out correlation attacks fairly trivially, right?
Yes, but I have observed multiple times that many engineers, including crypto and even infosec folks, don't really understand or even think about traffic analysis as a threat vector. I want to chalk this up to a lack of thinking about systems (in the classic sense, not in the jargon for "computer" sense), but I'm not entirely sure.
Yes, an open-source, independently-verified and analyzed, and community-maintained honeypot. How exactly does that work?
Unless you want to call people like Roger Dingledine and Jake Appelbaum agents of the state (Jake has been called many things, but I can never imagine anyone seriously insinuating that there is a connection between him and any government).
Since the meaning apparently eluded you let me spell it out;
Tor seems like the perfect honeypot for government agencies looking to lure people who are involved in illegal activities online (child porn, drug trafficking, stolen credit cards, black hat hacking, etc.) Its origin is also well known to be based in government research. The source/identities/ownership of the various Tor nodes is by design unclear as being "safe".
In other words, if I were working for the NSA or FBI or whatever and designing a honeypot to lure in as much illegal activity online under a guise of safety and security but enable me to fully track it, I would design something like Tor.
If they intentionally included flaws when they originally developed it, then what is your explanation for why they are now informing the public of flaws?
The Naval Research Lab employs 3 of the 5 authors of the paper we are discussing. One of those authors (Syverson) was an original developer of Tor.
You would assume the versions of anything the NSA uses is significantly modified or different than the versions in public... these guys [allegedly] have the best cryptographers, mathematicians and programmers in the world on their payroll. You can assume that anything you have in your hands is either completely insecure or only trivially secure in comparison to anything the NSA has.
I'm willing to bet that the best security mechanisms you have at your disposal have been cracked, breached or otherwise compromised. I wouldn't be at all surprised to hear that they hold secret mathematical breakthroughs that render half or all of the encryption algorithms the public are aware of useless.
Mathematical breakthroughs, yes. I know PhD level mathematicians who have gone to work for the NSA. They are very, very intelligent and capable people.
That said, I wouldn't let that stop you from using SELinux. They might have left easier methods around it available to them, but by now if there was a giant 'backdoor' in it, it would have been discovered by the community by now since it's not distributed as a binary blob. I hear these complaints every time there's a conversation about the NSA on here. Essentially the end-of-story takeaway should be that you need to use SELinux or comparable tools in a live environment.
> I'm willing to bet that the best security mechanisms you have at your disposal have been cracked, breached or otherwise compromised. I wouldn't be at all surprised to hear that they hold secret mathematical breakthroughs that render half or all of the encryption algorithms the public are aware of useless.
Paradoxically, if that is true, I think it could work to strengthen the average American's privacy.
If the NSA has made significant advances in cryptography that allows them to read pretty much anything, the focus will undoubtedly be placed on "national interests" - intercepting and reading high-level communications from friends and enemies alike.
More importantly, though, the NSA would want to ensure everyone keeps using the encryption they know how to break. If a twenty-year-old systems administrator discovered and leaked that the NSA can break AES, the NSA would lose that significant advantage.
So, at least in the short term, the NSA being able to read everything would likely mean they read nothing of mine!
Even so - the real question is whether the risk of the NSA (or some other well-funded highly-capable actor) having access to vulnerabilities in your system is greater or less than the risks of other actors exploiting the vulnerabilities in your system that the tools would prevent.
In other words: what's worse, the NSA having the ability to bypass SELinux, or everybody being able to exploit things that SELinux would have protected?
What's silly? Thinking that when the NSA finds vulnerabilities in public software or algorithms, they keep them to themselves instead of advertising them? What, of course they do, it's silly to think they'd advertise them! That's their job.
It depends, they have to keep in mind that they're setting up a risk that foreign adversaries will exploit the same flaws. You're trying to square the circle - you want to have your own country's infrastructure, not all of which is under your control, secure from attackers and at the same time have it open for control purposes. And inevitably trade-offs have to be made.
The driving force behind encryption becoming widely acceptable, in business terms, for instance seems to have been e-commerce.
Turns out the NSA has cracked a bunch of internet encryption, and, yes, they kept it a secret they had done so, as most would expect they would. Until Snowden.
> You would assume the versions of anything the NSA uses is significantly modified or different than the versions in public.
That's not something that I assume.
When I think about things like the Debian PRNG bug (https://www.schneier.com/blog/archives/2008/05/random_number...) I wonder if i) it was somehow planted by the NSA or ii) they knew about it, and fixed it in any internal uses, but didn't tell the world.
> You can assume that anything you have in your hands is either completely insecure or only trivially secure in comparison to anything the NSA has.
I'm not sure this makes much sense. You can probably trust the math, as far as we do trust the math. And that is "We don't yet know of any feasible attacks on this." Implementations of that math into algorithms and then code and then software on machines with real world users - well, yes, there are a whole slew of things that can go wrong and I guess NSA / GCHQ are aware of many of these and enjoy spotting the flaws in the wild.
Having said all that, if a person is worried about well funded government agencies coming after them then some crypto isn't much of a barrier. Even if the crypto is secure 'they' will find some way to get the information.
> these guys [allegedly] have the best cryptographers, mathematicians and programmers in the world on their payroll.
> But then Ellis came across a paper buried in the GCHQ's mountain of secret material. Written by an anonymous author, it described a project conceived by Bell Telephone toward the end of World War II. The scheme, labeled Project C43, was an ingenious method of analog voice scrambling that worked by the use of distortion.
To give some context to this, GCHQ have only just released some work by Turing, nearly 60 years after his death. Normal secrets are kept for 30 years. Thus, GCHQ's mountain of secret material is likely to contain some delicious nuggets.
The Internet was originally funded by DARPA. Must be a trap!
Tor is not controlled by the US government. Moreover, Tor was originally created to protect US government spies in foreign countries; a deliberate compromise would have done far more harm to government interests than good.
Moglen at Re:Publica: Freedom of thought requires free media
On the other side was the then deputy attorney general of the United States and a lawyer in private practice named Stewart Baker who had been chief counsel to the National Security Agency our listeners and who was then in private life helping businesses to deal with the listeners. He then became later on the deputy for policy planning in the Department of Homeland Security in the United States and has much to do with what happened in our network after 2001
and anyway the four of us spent two pleasant hours debating the right to encrypt and at the end there was a little dinner party at the Harvard faculty club and at the end after all the food had been taken away and the pork and the walnut were left on the table Stewart said,
"All right, among us now that we are all in private just us girls all let our hair down" he didn’t have much hair even then but he let it down "We are not going to prosecute your client Mr Zimmermann" he said "public key encryption will become available we fought a long losing battle against it but it was just a delaying tactic" and then he looked around the room and he said "But nobody cares about anonymity do they?"
And a cold chill went up my spine and I thought alright Stewart and now I know you’re going to spend the next twenty years trying to eliminate anonymity in human society and I am going to try to stop you and let’s see how it goes.
And it’s going badly.
We didn’t build the net with anonymity built in. That was a mistake, now we are paying for it.
Our network assumes that you can be tracked everywhere.
And we have taken the Web, and we made Facebook out of it.
"Using random selection of backup and layering entry guard nodes will be an improvement, but as in all Tor circuits, someone connecting through random nodes will always be compromised if an attacker owns just two nodes [25]. Using the backup and layering techniques in combination with a non-random selection, e.g. based on some kind of trust, or experience, with the nodes, may slow the attack even more or may even prevent it entirely"
TIL: The Office of Naval Research has been working on onion routing for 18 years. http://www.onion-router.net/History.html