Full Disclosure mailing list archives
RE: JAP back doored
From: "Rainer Gerhards" <rgerhards () hq adiscon com>
Date: Fri, 22 Aug 2003 18:28:26 +0200
There is no exponential term in MIX traffic. That means that if you try to ensure that all traffic leaves the network quickly (so you can say, web browse), then your attacker only needs to analyze traffic over a few seconds, and that's easy. Simple attacks work really well on real time mix chains of any length that TCP timeouts are likely to allow.
I haven't looked at the actual protocol used by JAP, just followed the postings here. But if they re-route traffic through the mixes *quickly* it may be hard to trace who is an actual user, but it is definitely possible. In the Dresden-Dresden case it is really so easy that it is (again) laughable at what the Germany police is trying over here. They could obtain what the want by "just" running some traffic analysis. Sure, that would be more expensive, but it would have had the benefit of not beeing publically discussed. Bottom line: a real analyzer must randomly *delay* in- and outgoing traffic. In high-volume environments a few (milli) seconds may do. If JAP does this, then it (was) fine. If it didn't, it wasn't any secure in the first place... As another example (being shut down externally), that famous anonymous remailer (pennet.fi or so) introduced random delays by design to circumvent this issue. My (technical;)) 2 cts... Rainer PS: If you would like to run a rant on German gouvernment, its technical incompetence may be a much better target ;) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: JAP back doored, (continued)
- Re: JAP back doored felix . roennebeck (Aug 25)
- Re: JAP back doored Adrian Nutz (Aug 21)
- Re: JAP back doored Florian Weimer (Aug 21)
- Re: JAP back doored Adam Shostack (Aug 22)
- Re: JAP back doored Florian Weimer (Aug 21)
- Re[2]: JAP back doored Bernhard Seibold (Aug 21)
- RE: JAP back doored Vincent Penquerc'h (Aug 21)
- RE: JAP back doored Rainer Gerhards (Aug 22)
- RE: JAP back doored Drew Copley (Aug 22)
- RE: JAP back doored Rainer Gerhards (Aug 22)
- RE: JAP back doored Drew Copley (Aug 22)
- RE: JAP back doored Rainer Gerhards (Aug 22)
- Re: JAP back doored Adam Shostack (Aug 22)
- RE: JAP back doored Rainer Gerhards (Aug 22)
- RE: JAP back doored Drew Copley (Aug 25)
- Re: JAP back doored Valdis . Kletnieks (Aug 27)
- Re: JAP back doored Goncalo Costa (Aug 27)
- RE: JAP back doored Drew Copley (Aug 27)
- Re: JAP back doored Jeremiah Cornelius (Aug 27)
- RE: JAP back doored Drew Copley (Aug 27)
- Re: JAP back doored Goncalo Costa (Aug 28)
- RE: JAP back doored Drew Copley (Aug 29)
- Re: JAP back doored Valdis . Kletnieks (Aug 27)