On Wed, Aug 22, 2012 at 3:29 AM, Ted Smith <te...@riseup.net> wrote:
> I ran this script on the current consensus. The full results (the
> nodes-sniff-summary file) are below my signature. How did you compile
> the country-codes to IPs list? That wasn't produced by the script.

Manually, using WHOIS and traceroute. This can be done automatically using GeoIP, but I wanted to be sure of the results (also visited some hosting sites), and writing a proper program would deviate too much from the initially intended “quick hack” design.

> It's comforting that this approach yields quickly diminishing returns.
> Going from 25 to 60 networks only gets you a 10% increase in networks
> surveillance (if I'm reading the output correctly), and returns plateau
> entirely at that point (I'm considering about two percent to be in the
> noise, which may not be appropriate to this domain).

That's why I insist that everyone should be a relay by default, even if there are some theoretical issues that weren't worked out yet [1]. Making everyone a relay also results in a healthier user community (I think I2P is one), and more intrinsic network growth.

> Also, it's not immediately clear whether eavesdropping those networks
> would actually get you strong enough correlation to accurately
> de-anonymize users[1]. If our rodent(?) friend(s?) could comment on
> this, I'd appreciate their expertise.

Quoting [2] (referenced by fakefake): “Tor has been long suspected, and later confirmed [11,12], to be vulnerable to an attacker who could observe both the entry and exit point of a connection through an anonymity network.”

> I also think that if it were possible for "unsophisticated law
> enforcement" to deanonymize Tor users, they would already do it. If I
> remember correctly, the Tor project gets a lot of requests from law
> enforcement to deanonymize Tor users for them, which indicates that they
> can't do it themselves (Andrew Lewman would be able to say if I'm
> correct or not).

Well, it of course depends on what one calls “unsophisticated”. E.g., if one judges by the IACIS email dump [3], then most investigators hardly understand what they are doing when it comes to unfamiliar technologies (like Tor). So maybe you need them to be “sophisticated”, after all, but my point was that you don't need something exceptional like involving state security agencies — i.e., FBI + UK Police + DE Police + a couple of other countries, coordinating via Interpol does not sound impossible to me. I will also expand on that in a reply to Roger.

[1] https://www.torproject.org/docs/faq#EverybodyARelay
[2] http://petworkshop.org/2007/papers/PET2007_preproc_Sampled_traffic.pdf
[3] http://www.theregister.co.uk/2011/11/25/anon_cybercrime_investigator_leak/

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte