[25581] in cryptography@c2.net mail archive
Re: Piercing network anonymity in real time
daemon@ATHENA.MIT.EDU (Ivan Krstic)
Sun May 14 18:22:22 2006
X-Original-To: cryptography@metzdowd.com
Date: Sat, 13 May 2006 22:34:39 -0400
From: Ivan Krstic <krstic@fas.harvard.edu>
To: leichter_jerrold@emc.com
Cc: cryptography@metzdowd.com
In-Reply-To: <Pine.SOL.4.61.0605091200540.26539@mental>

leichter_jerrold@emc.com wrote:
> The Locate appliance sits passively on the network and
> analyzes packets in real time to garner ID info from sources
> like Active Directory, IM and e-mail traffic, then associates
> this data with network information.

This is really nothing new -- I've been seeing systems like these,
though home brewed, in use for years. The availability of good tools as
a foundation (things like Snort, the layer7 iptables patch, and so on)
makes building decent layer 8 inference not far from trivial. Calling
this "piercing network anonymity in real time" is highly misleading; in
reality, it's more like "making it bloody obvious that there's no such
thing as network anonymity".

The best one can hope for today is a bit of anonymous browsing and IM
with Tor, and that only insofar as you can trust a system whose single
point of failure -- the directory service -- was, at least until
recently, Roger's personal machine sitting in an MIT dorm room.

--
Ivan Krstic <krstic@fas.harvard.edu> | GPG: 0x147C722D
---------------------------------------------------------------------
The Cryptography Mailing List