[liberationtech] Jacob Appelbaum's Ultrasurf Report
Jacob Appelbaum
jacob at appelbaum.net
Thu Apr 26 15:43:38 PDT 2012
On 04/26/2012 01:25 PM, Michael Rogers wrote:
> On 26/04/12 06:44, Jacob Appelbaum wrote:
>> Practically, I also think that mixmaster is an example of "great on
>> paper" and soon we'll see how it works out in the real world. Now
>> that the FBI is taking nodes left (in New York last week) and right
>> (in Austria this week) - we'll note that some of these anonymity
>> properties are coming up for a serious test. For example, if you
>> don't compose Tor and Mixmaster together, what happens when you're
>> the only person to ever connect to Mixmaster? I think the answer is
>> that you're a suspect, cryptographic evidence be damned.
>
> While your point about the importance of non-cryptographic evidence is
> well taken, the FBI's behaviour in this case is consistent with an
> investigation looking for cryptographic evidence.
>
I'm not sure that I agree but I think we'll see in the long run. I'm
willing to reserve my full thoughts on the matter for a while. :)
> Mixmaster doesn't provide forward secrecy - if you've recorded the
> messages entering and leaving a remailer (which seems plausible for
> the FBI, especially during the investigation of a long series of bomb
> threats), you can seize the remailer and use its private key to match
> incoming and outgoing messages. If the message you're interested in
> came from another remailer, seize it and repeat. If not, you've found
> the sender.
>
Perhaps that is why they chose the two nodes in question?
> This attack against Mixmaster has been known about for ten years. If
> nothing else, I hope this case revives interest in Mixminion...
>
Indeed! I think it would be nice to see a revival of remailers!
All the best,
Jake
More information about the liberationtech
mailing list