From: Tom Ritter <tom[at]ritter.vg>
Date: Fri, 8 Mar 2013 13:05:30 -0500
Subject: Re: Summary of where we are right now
To: <cypherpunks[at]al-qaeda.net>, <cypherpunks[at]lne.com>
> So they figured it was easier to just get suckers to use some form of
> encryption (including and specifically TOR) to send the red flag that
> someone wanted to hide something, so “look over here!”.
I don’t agree that the NRL [Naval Research Laboratory] funded Tor for this purpose, but I do agree that our tools today (Tor, mixmaster/mixminion, PGP mail, RedPhone, TextSecure, OTR, etc) are easily distinguishable in traffic streams, and that this is a problem. Just as Riseup collects a bunch of people who care a lot about privacy onto one mailserver – people using these tools are likely to be interesting.
Skype, Facebook, Gmail – for all their problems, they are ubiquitous, and don’t draw attention.
> 3. But we are going to win. Yeah, we’re gonna win. Why? Because we want to.
> It’s not enough to encrypt: The type and context of encryption had to be
> hidden as well. Kind of the network version of Rubberhose. But these young
> kids who grew up not watching TV because it didn’t interact with them, it’s
> they who will create a stego virus to propagate fake stego everywhere on
> Facebook or whatever. It’s them who are going to create TOR services that
> operate ubiquitously behind the scenes, so that most users dob’t even know
> they are using it. Hiding the form of encryption will itself be the final
> frontier as crypto becomes ubiquitous.
A friend I talked with recently told me he thought it was easy to set up an anonymity system that worked great for you and your friends, and near impossible to build one that worked well for everyone else. Once it got popular or you became a target of investigation, people would put the effort into detecting it. Otherwise, it would continue along, looking like another TLS/SSH/Skype/whatever that just a little bit odd… Tor faces this problem immensely.
I don’t see us as having won, I see us as now knowing how to fight.
We know the devices they will use to easily detect our traffic, and in most cases we can get access to them. We must make our protocols indistinguishable on the wire. We know the ubiquitous services and protocols that we must work within or disguise ourselves as.
We know (some of? most of?) the statistical attacks adversaries of the future can conduct – we must make them as difficult and expensive as possible for them to achieve.
We know how woefully inadequate the user interfaces and requirements of the first generation of tools were, and we know where we must go: to browsers, smartphones, tablets, and consumer operating systems.
We have a much better idea of how normal people will react to our tools, and thus how much effort we must make to make them usable, and push for ubiquity.
We know what requirements are unreasonable of us to make upon people, and that we must design systems where those requirements are worked around, dulled, or the single ‘sharp edge’ of the system.
Read more: here