[Cryptography] Dark Web should really be called the Twilight Web
grarpamp at gmail.com
Thu May 28 01:26:49 EDT 2015
On Wed, May 27, 2015 at 11:08 PM, Phillip Hallam-Baker
<phill at hallambaker.com> wrote:
> Tor certainly works for some of its intended uses. If you are in a
> repressive state and want to get access to CNN or the like, Tor is your
> friend. It isn't going to prevent a police state noticing that you might be
> up to some sort of unapproved activity but they won't be able to tell the
> difference between a dissident and someone surfing for porn etc. So it is
> useful and reduces risk in countries like Iran or Russia. But using it in
> North Korea would mean risking a death sentence.
> Where I don't see Tor being remotely safe is trying to operate an online
> Drug bazar as a hidden service. I mean seriously guys, cryptography isn't
> magic and traffic analysis is a very effective tool. Tor is still going to
> help your customers keep their identity secret but it isn't going to stop a
> determined law enforcement team with pervasive Internet access tracking down
> your server. Not when the hidden service is trying to become a consumer
> brand with global reach.
> So I think a change in terminology is needed. It is not just that people are
> not taking security precautions due to a false sense of security, some
> people are ordering up mob hits because they think they are in a permissive
> environment that is accountability free.
> Rather than calling it the dark web, the term Twilight Web seems more
> appropriate to me. It is possible to hide but only if you know how and only
> among the trees.
For whatever part of your threat models above includes global passive
adversary watching the input and output points of your network
of choice and lining up traffic observations... there is little defense
to be taken other than filling your unused capacity with fill traffic.
No network to date appears to be developing or using that defense.
There have been threads on that within the last year, and even one on
making such background fill a part of IEEE for fiber and copper physical links.
More information about the cryptography