Search Mailing List Archives
[liberationtech] Jacob Appelbaum's Ultrasurf Report
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Sun Apr 22 23:43:09 PDT 2012
On 4/23/12 5:02 AM, StealthMonger wrote:
> Jacob Appelbaum <jacob at appelbaum.net> writes:
>> There is no competitor to the Tor Project in the field of online
> On the contrary:
> Tor has a serious weakness in that it uses a low-latency connection
> between user and server, allowing anonymity to be broken with simple
> packet timing correlation. Even the Tor documentation states
> ... for low-latency systems like Tor, end-to-end traffic
> correlation attacks [8, 21, 31] allow an attacker who can observe
> both ends of a communication to correlate packet timing and volume,
> quickly linking the initiator to her destination.
> --- http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf
That's the value of Tor.
That most important issues have been analyzed and *are known* and there
are "long term" research path to fix all of them in a scalable way.
Many other projects are not capable of scaling long-terms in many
conditions and their weakness are not publicly known/published (that's
not a value, because the enemy will always have the needed resource to
do paid research on it).
Look the pluggable transport modules of Tor recently released:
All of those will provide "Tor Tunneling/Scrambling" systems doable
trough "plug-ins", in order to let the community react quickly and with
creativity upfront new censorship techniques and challenges.
We'll probably see pluggable transports over MSN, QQ, ICQ, AOL,
SMTP,Quake2 or others to challenge the effort of the "adversary" to
inspect all of that traffic.
Please understand that this kind of value cannot be brought by any other
anonymity network project that "look long-term", not in any case
UltraSurf that mainly look at "short-term" results with their approach.
More information about the liberationtech