topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 4:40 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: The NSA Teams Up with the Chinese Government to Limit Internet Anonymity  (Read 3509 times)

CWuestefeld

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,009
    • View Profile
    • Donate to Member
(Remember, we're interested in the technical aspects of this and not politics)
From Schneier on Security
The NSA Teams Up with the Chinese Government to Limit Internet Anonymity

Definitely strange bedfellows:

    A United Nations agency is quietly drafting technical standards, proposed by the Chinese government, to define methods of tracing the original source of Internet communications and potentially curbing the ability of users to remain anonymous.

    The U.S. National Security Agency is also participating in the "IP Traceback" drafting group, named Q6/17, which is meeting next week in Geneva to work on the traceback proposal. Members of Q6/17 have declined to release key documents, and meetings are closed to the public.

    [...]

    A second, apparently leaked ITU document offers surveillance and monitoring justifications that seem well-suited to repressive regimes:

        A political opponent to a government publishes articles putting the government in an unfavorable light. The government, having a law against any opposition, tries to identify the source of the negative articles but the articles having been published via a proxy server, is unable to do so protecting the anonymity of the author.

This is being sold as a way to go after the bad guys, but it won't help. Here's Steve Bellovin on that issue:

    First, very few attacks these days use spoofed source addresses; the real IP address already tells you where the attack is coming from. Second, in case of a DDoS attack, there are too many sources; you can't do anything with the information. Third, the machine attacking you is almost certainly someone else's hacked machine and tracking them down (and getting them to clean it up) is itself time-consuming.
...

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Definitely strange bedfellows...

Not at all.

Police work is police work no matter what.

Only the governing law changes. That, and what's considered acceptable in the way The Law is to be enforced.

A police force is a mirror for the society that created it.

"Angels to some; demons to others." as the saying goes. :)
« Last Edit: September 18, 2008, 09:05 AM by 40hz »

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
So I guess this is made to defeat the usefulness of things like Tor and JAP, isn't it?

CWuestefeld

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,009
    • View Profile
    • Donate to Member
So I guess this is made to defeat the usefulness of things like Tor and JAP, isn't it?
Actually, I don't think so, and I think that's part of the point of the last paragraph of the quote. Whatever system this is might be able to track back to the machine that sent the request itself. But the fact that the request was triggered by something that was received at that address via a TOR "tunnel" is still unknown (short of guessing with the help of traffic analysis).

So it's not defeating the real bad guys at all. It's just snaring us poor, law-abiding sheep citizens.