Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Traffic Analysis Countermeasures

vecna [ml] vecnamcclaudio at gmail.com
Sat Jul 20 12:11:24 PDT 2013


> There was this interesting project, called sniffjoke:
>
> http://www.delirandom.net/sniffjoke/
>
> but it doesn't appear to be developed anymore (last
> update 2 years ago..)

I confirm, the last years I and the other developer (giovanni pellerano)
was completely dedicated on another project (globaleaks.org), anyway the
times are mature for a project recovery, strengthen by new goals and
evasion techniques.

Just a little brief for the non tech people: sniffjoke it's a software that
protect connection from eaversdropper, but not acting like cryptography
working on client an server, it works only client side or only server side.
Injecting malformed packets in the session, can trigger ambiguos behavior
on a wiretapping tech, and make the connection unable to be correctly
interpreted by the sniffer.

This may be helpful for:
Protect connection versus server that do not supports encryption

Protect encrypted connection established thru networks the drop certain
protocols usage (eg: iran with not-SSL sessions)

And no, this is not security by obscurity, just the amount of knowledge
possessed by the sniffer its less than the knowlege on the client-server,
and just its exploited because is a legit TCP IP behavior.

This is indeed cool, but contains a certain amount of side effects and
instability, that makes sniffjoked sessions pretty unstable outside a
testing environment.

Anyway, are still undocumented a lots of analysis and strategies usable to
obtain more reliability.

Our wishful thinking bring me and giovanni believe in a new sniffjoke
release, with:

1 clear separation of the OS-depending operations
2 python instead of C++
3 session divert refactor using libdnet
4 research on the networks capabilities
5 porting of the previously developed evasion plugins

I and giovanni shall be present in ohm2013 with the other Hermes guys, if
someone is interested in working with us for reboot the project, meet us ;)

Best,
v
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130720/afd3bd8b/attachment.html>


More information about the liberationtech mailing list