[liberationtech] Jacob Appelbaum's Ultrasurf Report

Douglas Lucas dal at douglaslucas.com
Thu Apr 26 11:03:28 PDT 2012


Hi all,

On Thu, Apr 26, 2012 at 12:44 AM, Jacob Appelbaum <jacob at appelbaum.net> wrote:

> Practically, I also think that mixmaster is an example of "great on
> paper" and soon we'll see how it works out in the real world. Now that
> the FBI is taking nodes left (in New York last week) and right (in
> Austria this week) - we'll note that some of these anonymity properties
> are coming up for a serious test. For example, if you don't compose Tor
> and Mixmaster together, what happens when you're the only person to ever
> connect to Mixmaster? I think the answer is that you're a suspect,
> cryptographic evidence be damned.

Note (the arrested and alleged Stratfor hacker) Jeremy Hammond's complaint
(http://www.wired.com/images_blogs/threatlevel/2012/03/Hammond-Jeremy-Complaint.pdf)
says an "FBI TOR network expert analyzed the data from the Pen/Trap and
was able to determine that a significant portion of the traffic from
[Hammond and others'] CHICAGO RESIDENCE to the Internet was TOR-related
traffic." It goes on to say "[Hammond's] Apple MAC address was the only MAC
address at the CHICAGO RESIDENCE that was connecting to known TOR network
IP addresses. The defendant [...] has discussed with [the informant Sabu]
that he used the TOR network" and elsewhere defines Tor as "a system
designed to enable users to access the Internet anonymously [...]"

Because the FBI connected the only Tor use the Pen/Trap picked up with
Hammond's specific MAC address, and because as Jacob pointed out elsewhere
in this thread "members of police forces around the world use Tor, as does
the Internet Watch Foundation," the Hammond complaint does not per se
indicate that the FBI finds Tor use in itself suspicious. (Nor am I trying
to knock Tor; I myself use it.) But -- the FBI has a Tor network expert? I
wonder what the expert's job duties are, how many Tor experts they have,
and what implications there might be of the FBI having a Tor expert(s).
Anyone know? There is also the issue of ISPs throttling or potentially
throttling Tor traffic, which is a form of suspicion.

This is a tangent, but I wonder why Hammond didn't routinely spoof his MAC
address. I guess it wouldn't have mattered, though.

:-Douglas