Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Building a encrypted mobile network

Jonathan Wilkes jancsika at yahoo.com
Tue Jun 11 09:47:22 PDT 2013





________________________________
 >From: Michael Rogers <michael at briarproject.org>
>To: liberationtech <liberationtech at lists.stanford.edu> 
>Sent: Tuesday, June 11, 2013 10:45 AM
>Subject: Re: [liberationtech] Building a encrypted mobile network
 

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1

>>Hi Anthony,

>On 08/06/13 13:36, Anthony Papillion wrote:
>> 1. Location is a particularly thorny issue. Presentations at either
>> HOPE or BlackHat demonstrated how easy it is to locate a mobile
>> even if you're not the government with a massive budget and mad
>> technology.
>> 
>> Perhaps routing the network connection through Tor may suffice? But
>> I don't think so as something doesn't 'feel' right about that.
>> Thoughts?

>Routing the call through Tor wouldn't conceal the phone's location
>from the mobile network. The caller and callee would both have to use
>cell towers to reach the Tor network, so their respective mobile
>networks would still know their locations, and any hacks that can
>currently be used to trick the mobile network into revealing a phone's
>location would still work.

>In theory you could conceal who calls whom from the mobile network by
>routing the call through Tor. However, in order to be able to receive
>calls, the callee would either have to maintain a constant connection
>to Tor (draining her battery and data allowance) or ask some third
>party with a constant connection to Tor to send her push notifications
>of incoming calls, which she could then answer by connecting to Tor.
>The third party would know when the callee was receiving incoming
>calls, though not necessarily from whom.

>Even this would reveal quite a lot of information to the mobile
>network. Alice starts sending data at 12:34:56. Bob receives a push
>notification at 12:34:57. Bob starts sending data at 12:34:58. Alice
>and Bob both stop sending data at 12:44:58. The inference is pretty
>clear: Alice called Bob at 12:34 and the call lasted ten minutes.

>Concealing these patterns would require users to send and receive
>dummy data even when they weren't sending or receiving calls, which
>would drain their batteries and data allowances. It would be possible
>to build such a system, but I don't think anyone would use it.

I don't think it's out of the realm of possibility that somebody would have
a device running orbot with a (non-exit) relay that sits at home, plugged
in, running over wifi.  Or, some small plug computer with a headset
hookup that functions the same.  Or on their main machine that just runs
all the time.  All that's needed then is a mechanism to
leave a text message when the other person isn't at home (Torchat, maybe
Bitmessage, etc.).

It's reinventing old technology: the landline and the answering machine.
But users would avoid the new surveillance problems with metadata
leaking.  Whoever is planning the "Restore the Fourth Amendment"
project would certainly make use of such a system if it existed
and was usable.

-Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130611/abd39a06/attachment.html>


More information about the liberationtech mailing list