back to article New relay selection fix for Tor to spoil spooks' fun (eventually)

Research by American and Israeli academics has lead to the development of Astoria, a new Tor client specifically designed to spoil spooks' traffic analysis of the surveillance-dodging network. Astoria all-but decimates the number of vulnerable connections on the Tor network, bringing the figure from 58 per cent of total users …

Anonymous Coward

<pedant> decimate reduces a number *by* 10% </pedant>

traditionally associated with Roman legions failing to hit their targets

16
2
Silver badge
Headmaster

Language has changed a lot since Roman Times

See: Decimate

"Historically, the meaning of the word decimate is ‘kill one in every ten of (a group of people)’. This sense has been more or less totally superseded by the later, more general sense ‘kill, destroy, or remove a large proportion of’, as in the virus has decimated the population."

6
0
Anonymous Coward

"Decimate reductionem in numerum X %"

centenis vicibus scribimus toto muro!!

2
0
Anonymous Coward

OI!

NO FRENCH!!!

Back off, Brussels!!

4
2

more pedantry

Interestingly, the full OED entry (possibly £) for decimate has the, er, "colloquial" usage as sense 4b

"4. transf.

b. rhetorically or loosely. To destroy or remove a large proportion of; to subject to severe loss, slaughter, or mortality."

Which just goes to show that, even though English dictionaries are descriptive, not prescriptive of current usage (there is no Académie Anglaise), there aren't an awful lot of dictionary compilers gritting their teeth and muttering "that is WRONG!"

1
0
Silver badge

Re: more pedantry

it says 'loosely'

I suspect that's dictionary-compiler understatement for 'inaccurately', said with considerable gritting of teeth.

0
0
Silver badge

Hmmm

"... the service is often used by the security services and law enforcement when they wish to use the internet anonymously. "

Ha! If they weren't doing anything wrong, they wouldn't need to be anonymous. Isn't that the argument governments (and their agencies) use?

9
1
Silver badge

Re: Hmmm

The gov paper is surprisingly sane and well thought out. Basically it says trying to ban stuff like Tor is a stupid plan as its difficult to do and would make the jobs of police, etc, harder in practice.

It remains to be seen if technically stupid and knee-jerking politicians listen to those who know something about the subject though...

3
1
Silver badge
Devil

Re: Paul Crawford Re: Hmmm

"....to ban stuff like Tor is a stupid plan as its difficult to do and would make the jobs of police, etc, harder in practice....." Very much so if TOR is already owned as much as suspected. Trying to be clever with what happens with routing inside the TOR network is like closing the barn door after the horse has been taken to the glue factory! Pretty silly if The Man already owns the majority of entry and exit nodes and can game the listings of "best" entry node that your client uses to choose its entry point. Remember, the spooks are interested in who the "bad people" are talking to, not necessarily what is in every message, and what a great way to draw attention to yourself by firing up a TOR client browser, information available from your ISP's connection (or from Google if you did a search from your TOR client browser). Much easier to then remotely or physically hack your system and read your unencrypted copy rather than try and catch your message in the TOR network. And if all else fails, decryption by waterboarding is a lot more efficient than trying to crack top-end encryption. Why on Earth would the spooks want to lose that simple way of identifying "persons of interest" that scanning for TOR users presents?

1
0
Anonymous Coward

Re: Paul Crawford Hmmm and What a shame?

Of course, the "sore thumb" model will immediately fall apart as soon as multitudes of relay nodes (currently only 6000 or so) and tens of millions of browsers routinely implement Astoria. When everyone uses encryption and TOR, everyone will be a potential terrorist. The haystack will become mathematically impossible to search effectively.

Which is why security agencies (and their paymasters) sweat over things like globalised strong encryption for consumer internet services. Stronger TOR will probably become the next taboo / fetish for the Man.

On the upside, tools like Astoria could promote better secured internet network traffic, better online privacy, more secure e-commerce and less paranoia about TLAs and out-of-control commercial data sniffing and gathering. Cyber crime might drop too as people learn how to use a secure internet to do their daily business. Politicians selling fear for a living may need to find a new message as the sky refuses to fall.

We might go from Prison Guard / Nanny World to Free World, a place where people can make their own decisions and shape their own futures.

What a pity that no one ever measures how much fear-based decision-making (which mandates that absurdities such as TIA can ever work without superhuman and superbudgetary efforts) will actually cost the world body politic and the economy.

Its impact on human evolution, economic development and world peace has probably been more profound than we can ever imagine. In 20 years, the US has descended from being a beacon of hope to the world's worst bogeyman. How did this happen? A group of barely financed maniacs managed to fly commercial jets into buildings and kill over 3000 people. In response, the US and its allies have wreaked economic, cultural, civil libertarian, social and military havoc on the rest of the world for almost 15 years. And Google still globally knows more about you than the NSA ever will.

If companies can no longer sell online services because CIA (the computing one) is no longer a feature, they will disappear and be replaced by companies who can. If America and the West wish to lead in the 21st century as a cultural, economic and technology powerhouse, they need to get this right. Sheeple will eventually disappear and reject their vision of the brave new world. If I am not mistaken, it may already be happening.

Think about these things when your representatives say it is a good idea to give 80 billion USD to TLAs who seem devoted to actively weakening global internet security infrastructure and mining personal information for no other reasons than that they can and might find a terrorist needle. Who cares if it costs a fortune and shows no measurable returns? Cyber crime costs escalate into the 10s of millions every year while traditional physical crime is being dwarfed in its financial impact. Why don't the LEAs focus on that instead of collecting everyone's call records? Oh, I know, because it's hard.

Imagine if that 80 billion USD were instead spent on foreign trade development, domestic economic growth, human education, international cultural development, internet security or God forbid, the promotion of sustainable development and industry? Drones and surveillance technology will be very useful for enslaving and killing people, perhaps not so useful for helping them grow their own economies and improving their existence. When people can build working economies, war quickly loses its appeal.

2
0
Anonymous Coward

link to the new paper

Where is the link to the new paper, or Astoria itself?

0
0
Silver badge

Re: link to the new paper

Here you go http://arxiv.org/pdf/1505.05173.pdf

2
0

Re: link to the new paper

Somewhat incredibly, given the times, it looks like the devs got caught unprepared for the amount of attention:

https://lists.torproject.org/pipermail/tor-talk/2015-May/037914.html

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017