Re: [ietf-privacy] Media without censorship - attend IETF 85 side meeting ?
Vincent Roca <vincent.roca@inria.fr> Wed, 07 November 2012 01:58 UTC
Return-Path: <vincent.roca@inria.fr>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id 9F18921F8BAB for <ietf-privacy@ietfa.amsl.com>;
Tue, 6 Nov 2012 17:58:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.249
X-Spam-Level:
X-Spam-Status: No, score=-110.249 tagged_above=-999 required=5 tests=[AWL=0.000,
BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DZJlMfMLmi-s for
<ietf-privacy@ietfa.amsl.com>; Tue, 6 Nov 2012 17:58:09 -0800 (PST)
Received: from mail1-relais-roc.national.inria.fr
(mail1-relais-roc.national.inria.fr [192.134.164.82]) by ietfa.amsl.com
(Postfix) with ESMTP id A34EC21F8B69 for <ietf-privacy@ietf.org>;
Tue, 6 Nov 2012 17:58:08 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.80,725,1344204000"; d="scan'208";a="180439668"
Received: from ral120r.vpn.inria.fr ([128.93.178.120]) by
mail1-relais-roc.national.inria.fr with ESMTP/TLS/AES128-SHA;
07 Nov 2012 02:58:06 +0100
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset=us-ascii
From: Vincent Roca <vincent.roca@inria.fr>
In-Reply-To: <CAJYQ-fQZ=FByKJriiE6RRpwMXku+nvAGpOosGUuiRtc0=EVAhQ@mail.gmail.com>
Date: Wed, 7 Nov 2012 02:58:04 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <EB350BDE-A286-437B-806A-619C2C67464C@inria.fr>
References: <CAJYQ-fS-nKWEFKYXPKqwLeXbzuq3n6+Na7vuDhUfANZgO2ZMsg@mail.gmail.com>
<508984AE.9000401@cs.tcd.ie>
<CAJYQ-fQZ=FByKJriiE6RRpwMXku+nvAGpOosGUuiRtc0=EVAhQ@mail.gmail.com>
To: Johan Pouwelse <peer2peer@gmail.com>
X-Mailer: Apple Mail (2.1085)
Cc: ietf-privacy@ietf.org
Subject: Re: [ietf-privacy] Media without censorship - attend IETF 85 side
meeting ?
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>,
<mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>,
<mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Nov 2012 01:58:09 -0000
Hello,
I've read your I-D (extremely interesting) and have a few comments:
1- The attacker model of the 20sec and kill-switch scenarios
We assume "the adversary cannot compromise smartphones or other
participating devices".
It looks rather strange to me. Personally I'd rather state the opposite:
the threat model must be that of a powerful attacker (as in the 3rd scenario).
Indeed, a device owners can be arrested and obliged to unlock its
device... He may also be obliged to move around and to collect more
information on others, using a modified device.
Is it motivated by the desire to have some progression in the threat model
in the document? If that's the case, then I understand, but state it clearly.
2- The 20sec scenario and the list of peers
Is it recommended to have such a list with possibly thousands
peers in this scenario when a device might be compromised
(previous comment)? Is it the reason why the threat model makes
the opposite assumption?
3- The 20sec scenario: clarification
I understand the wired Internet is here, and usable, even if
many links/servers/services are compromized. Am I correct?
Because if it's not the case, then how would it be possible to
broadcast a message to 20 million devices in 20sec using
bluetooth and wifi networks only? 20 millions is a lot and having
a meshed network large enough to reach them all using small
range wireless techniques seems rather challenging ;-)
4- AThe friend-to-friend scenario
What does the following bullet mean?
o The adversary can choose the data written to the microblogging
layer by higher protocol layers.
(I confess I didn't read [BRIAR] where it's certainly explained)
5- Concerning Tor...
I agree, it's not the panacea for this use-case. In addition to
what you're saying, we can add that it can make the situation
worse. My colleagues have a paper on this topic:
S. Leblond, A. Chaabane, P. Manils, M.A. Kaafar, C. Castelluccia, A. Legout, W. Dabbous,
"One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users",
USENIX Workshop on Large Scale Exploits and Emergent Threats (LEET'11), April 2011.
http://arxiv.org/abs/1103.1518
I'll be at the side-meeting.
Cheers,
Vincent
- [ietf-privacy] Media without censorship - attend … Johan Pouwelse
- Re: [ietf-privacy] Media without censorship - att… Stephen Farrell
- Re: [ietf-privacy] Media without censorship - att… Johan Pouwelse
- Re: [ietf-privacy] Media without censorship - att… Vincent Roca
- Re: [ietf-privacy] Media without censorship - att… Rodolphe Marques