TOKYO MASTER BANNER

MINISTRY OF TOKYO
US-ANGLO CAPITALISMEU-NATO IMPERIALISM
Illegitimate Transfer of Inalienable European Rights via Convention(s) & Supranational Bodies
Establishment of Sovereignty-Usurping Supranational Body Dictatorships
Enduring Program of DEMOGRAPHICS WAR on Europeans
Enduring Program of PSYCHOLOGICAL WAR on Europeans
Enduring Program of European Displacement, Dismemberment, Dispossession, & Dissolution
No wars or conditions abroad (& no domestic or global economic pretexts) justify government policy facilitating the invasion of ancestral European homelands, the rape of European women, the destruction of European societies, & the genocide of Europeans.
U.S. RULING OLIGARCHY WAGES HYBRID WAR TO SALVAGE HEGEMONY
[LINK | Article]
*U.S. OLIGARCHY WAGES HYBRID WAR* | U.S. Empire's Casino Unsustainable | Destabilised U.S. Monetary & Financial System | U.S. Defaults Twice A Year | Causes for Global Financial Crisis of 2008 Remain | Financial Pyramids Composed of Derivatives & National Debt Are Growing | *U.S. OLIGARCHY WAGES HYBRID WAR* | U.S. Empire's Casino Unsustainable | Destabilised U.S. Monetary & Financial System | U.S. Defaults Twice A Year | Causes for Global Financial Crisis of 2008 Remain | Financial Pyramids Composed of Derivatives & National Debt Are Growing | *U.S. OLIGARCHY WAGES HYBRID WAR*

Who's preaching world democracy, democracy, democracy? —Who wants to make free people free?
[info from Craig Murray video appearance, follows]  US-Anglo Alliance DELIBERATELY STOKING ANTI-RUSSIAN FEELING & RAMPING UP TENSION BETWEEN EASTERN EUROPE & RUSSIA.  British military/government feeding media PROPAGANDA.  Media choosing to PUBLISH government PROPAGANDA.  US naval aggression against Russia:  Baltic Sea — US naval aggression against China:  South China Sea.  Continued NATO pressure on Russia:  US missile systems moving into Eastern Europe.     [info from John Pilger interview follows]  War Hawk:  Hillary Clinton — embodiment of seamless aggressive American imperialist post-WWII system.  USA in frenzy of preparation for a conflict.  Greatest US-led build-up of forces since WWII gathered in Eastern Europe and in Baltic states.  US expansion & military preparation HAS NOT BEEN REPORTED IN THE WEST.  Since US paid for & controlled US coup, UKRAINE has become an American preserve and CIA Theme Park, on Russia's borderland, through which Germans invaded in the 1940s, costing 27 million Russian lives.  Imagine equivalent occurring on US borders in Canada or Mexico.  US military preparations against RUSSIA and against CHINA have NOT been reported by MEDIA.  US has sent guided missile ships to diputed zone in South China Sea.  DANGER OF US PRE-EMPTIVE NUCLEAR STRIKES.  China is on HIGH NUCLEAR ALERT.  US spy plane intercepted by Chinese fighter jets.  Public is primed to accept so-called 'aggressive' moves by China, when these are in fact defensive moves:  US 400 major bases encircling China; Okinawa has 32 American military installations; Japan has 130 American military bases in all.  WARNING PENTAGON MILITARY THINKING DOMINATES WASHINGTON. ⟴  
Showing posts with label QCRI. Show all posts
Showing posts with label QCRI. Show all posts

July 31, 2015

Tor Vulnerability - Traffic Analysis Identifies Guard Servers



Vulnerability could make Tor, the anonymous network, less anonymous

    by  Barb Darrow
    @gigabarb
July 29, 2015, 5:27 PM EDT

The bad news; MIT and QCRI researchers found a vulnerability in the Tor network. The good news: they also found a fix.
The Tor network—used by activists, journalists, law enforcement, and yes, criminals—is famous for cloaking web surfers’ identities and locations. And, apparently, it contains a vulnerability that poses a risk to all that protective anonymity, according to researchers at MIT and the Qatar Computing Research Institute (QCRI).
The good (or bad) news—depending on how you view Tor— is they say they’ve also come up with a fix to the problem that they will demonstrate at the Usenix Security Symposium next month, according to an MIT News story “Shoring up Tor.”
An estimated 2.5 million people—including journalists, political activists, terrorists or just consumers who don’t want to share their browsing histories with Facebook or other commercial entities—use Tor daily. And that is why the network is of keen interest not only to “repressive” regimes like Russia and Iran but to governments a lot closer to home, including our own. Not to put too fine a point on this, but one person’s activist could be another person’s terrorist, but I digress.
DigitalTrends has a good description of the Tor basics:
    Tor works by anonymizing the transport of your data. Like an onion, Tor encrypts the data you send through the web in multiple layers. Your data is then “relayed” through other computers. Each relay sheds one layer then finally arrives at the source in full form. The software bounces users around a network of open connections run by volunteers all over the globe. This prevents people from spying on your Internet connection and discovering sites you visit. Tor scrambles information that could pinpoint your exact physical location.
By using a Tor-configured browser, the user enters her request, and it is automatically swaddled in those encryption layers and is sent it to the next, randomly chosen machine that runs Tor. This machine, called “the guard,” peels off the first encryption layer and forwards the still-masked request on until it finally reaches a randomly chosen “exit” machine that strips off the final layer encryption to reveal the destination.
Only the guard machine knows the sender and only the exit machine knows the requested site; no single computer knows both.
The network also offers “hidden services” that enable an activist to aggregate sensitive news reports and make them available to select users, but not the world at large. That is, the archive is not searchable or available on the public Internet.
The creation of those collection points, which involves the building of what Tor calls a “circuit” of machines, offered the researchers a way to snoop on Tor. By connecting a ton of their own machines to the network and then analyzing traffic, they were able to identify likely guard machines.
From the MIT report:
    The researchers showed that simply by looking for patterns in the number of packets passing in each direction through a guard, machine-learning algorithms could, with 99 percent accuracy, determine whether the circuit was an ordinary Web-browsing circuit, an introduction-point circuit, or a rendezvous-point circuit. Breaking Tor’s encryption wasn’t necessary.
    Furthermore, by using a Tor-enabled computer to connect to a range of different hidden services, they showed that a similar analysis of traffic patterns could identify those services with 88 percent accuracy. That means that an adversary who lucked into the position of guard for a computer hosting a hidden service, could, with 88 percent certainty, identify it as the service’s host.
The researchers, including Albert Kwon, an MIT graduate student in electrical engineering and computer science, and Mashael AlSabah, assistant professor of computer science at Qatar University, and a QCRI researcher, said the fix lies in obscuring data traffic patterns to and from the guard machines in a way that renders such “traffic fingerprinting” ineffective.
If the network sends around enough dummy packets so that all the data sequences look the same to prying eyes, problem solved, and anonymity remains safe.
SOURCE
http://fusion.net/story/175068/sorry-the-way-you-type-is-exposing-your-identity-online-even-if-youre-browsing-anonymously/
---------------------
COMMENT

Tor anonymity browser:
  • search/request via Tor browser, wrapped in encryption layers
  • first server = random 'guard' server (knows where request came from)
  • next server = does not know location of request or request
  • final server = random 'exit' server knows the request
  • no single server knows both location & search/request
  • runs data via network of open connections / servers run by volunteers all over globe 
So:
  • scrambles info that could pinpoint your physical location
  • anonymises the transport of your data
  • encrypts the data you send (& relays through the web in multiple layers)
  • each relay sheds one layer
  • relay finally arrives at source in full form
Thought this was interesting. 
Imagine the Tor people are adapting to the fake packet fix, whatever that is.  
My reference to 'server' should probably read 'node' in the Tor network, I would think. 

------- ------- -------
Data transferred by computer is sent via 'packets'.  Due to size constraints, data sent out is broken up and reassembled at the destination.
TCP / IP
  • TCP/IP protocols guide how data is sent
  • TCP = Transmission Control Protocol (reliability of data / checks data for errors & resends if required)
  •  IP = Internet Protocol (more direct 'step closer' transmission of data)
TCP/IP = two separate protocol - used together
Most common TCP/IP protocols:

  • HTTP  - b/w client (ie browser) & server / non-secure data transmissions
  • HTTPS - b/w client & server / SECURE data transmissions - eg. credit card transaction data or other private data
  •   FTP - b/w two or more computers:  one computer sends data to (or receives data from) another computer DIRECTLY.
  • web client =  browser
  • web server = receives client/browser requests & relays data back to web client/browser
These are just notes for my benefit.  Hoping I have the info. straight.  LOL
  

---------------------
MORE

MIT researchers figure out how to break Tor anonymity without cracking encryption
http://www.extremetech.com/extreme/211169-mit-researchers-figure-out-how-to-break-tor-anonymity-without-cracking-encryption

Researchers mount successful attacks against Tor network—and show how to prevent them
http://phys.org/news/2015-07-mount-successful-tor-networkand.html
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)