SlideShare a Scribd company logo

2009 01-21-mit-media-presentation

Download as ODP, PDF
A
Andrew Lewman

2009 Presentation to MIT Media Lab about online anonymity with Tor.

Technology
1 of 37
Online Anonymity Andrew Lewman The Tor Project
Outline ● Why anonymity? ● Crash course on Tor ● Future
Informally: anonymity means you can't tell who did what “Who wrote this blog post?” “Who's been viewing my webpages?” “Who's been emailing patent attorneys?”
Formally: anonymity means indistinguishability within an “anonymity set” Alice1 Alice4 Alice7 Alice2 Alice6 Alice5 Alice8 Alice3 .... Bob Attacker can't tell which Alice is talking to Bob!
Anonymity isn't cryptography: Cryptography just protects contents. Alice Bob “Hi, Bob!”“Hi, Bob!” <gibberish> attacker
Anonymity isn't steganography: Attacker can tell that Alice is talking; just not to whom. Alice1 Bob1 .. . Anonymity networkAlice2 AliceN (Strong high-bandwidth steganography may not exist.) Bob2
Anonymity isn't just wishful thinking... “You can't prove it was me!” “Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?”
...since “weak” anonymity... isn't. “You can't prove it was me!” Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?” Will others parties have the ability and incentives to keep their promises? Proof is a very strong word. With statistics, suspicion becomes certainty. Not what we're talking about. Nope! (More info later.)
Anonymity serves different interests for different user groups. Anonymity Private citizens “It's privacy!”
Regular citizens don't want to be watched and tracked. (the network can track too) Hostile Bob Incompetent Bob Indifferent Bob “Oops, I lost the logs. “I sell the logs.” “Hey, they aren't my secrets.” Name, address, age, friends, interests (medical, financial, etc), unpopular opinions, illegal opinions.... Blogger Alice 8-year-old Alice Sick Alice Consumer Alice Oppressed Alice ....
Anonymity serves different interests for different user groups. Anonymity Private citizens Businesses “It's network security!” “It's privacy!”
Businesses need to keep trade secrets. AliceCorp Competitor Competitor Compromised network “Oh, your employees are reading our patents/jobs page/product sheets?” “Hey, it's Alice! Give her the 'Alice' version!” “Wanna buy a list of Alice's suppliers? What about her customers? What about her engineering department's favorite search terms?”
Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!”
Law enforcement needs anonymity to get the job done. Officer Alice Investigated suspect Sting target Anonymous tips “Why is alice.localpolice.gov reading my website?” “Why no, alice.localpolice.gov! I would never sell counterfeits on ebay!” Witness/informer Alice “Is my family safe if I go after these guys?” Organized Crime “Are they really going to ensure my anonymity?”
Governments need anonymity for their security Coalition member Alice Shared network Defense in Depth Untrusted ISP “Do I really want to reveal my internal network topology?” “What about insiders?” Agent Alice “What does the CIA Google for?” Compromised service “What will you bid for a list of Baghdad IP addresses that get email from .gov?”
Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!” Blocked users “It's reachability!
You can't get anonymity on your own: private solutions are ineffective... Officer Alice Investigated suspect ... AliceCorp Competitor Citizen Alice AliceCorp anonymity net Municipal anonymity net Alice's small anonymity net “Looks like a cop.” “It's somebody at AliceCorp!” “One of the 25 users on AliceNet.”
... so, anonymity loves company! Officer Alice Investigated suspect ... AliceCorp Competitor Citizen Alice Shared anonymity net “???” “???” “???”
Current situation: Bad people on the Internet are doing fine Trojans Viruses Exploits Phishing Spam Botnets Zombies Espionage DDoS Extortion
IP addresses can be enough to bootstrap knowledge of identity. Alice 18.244.x.x Amazon account Hotlinked ad Wikipedia post
Tor is not the first or only design for anonymity. Chaum's Mixes (1981) Remailer networks: cypherpunk (~93), mixmaster (~95), mixminion (~02) High-latency ...and more! anon.penet.fi (~91) Low-latency Single-hop proxies V1 Onion Routing (~96) ZKS “Freedom” (~99-01) Crowds (~96) Java Anon Proxy (~00-) Tor (01-)
Outline ● Why anonymity? ● Crash course on Tor ● Future
What is Tor? ● online anonymity software and network ● open source, freely available ● active research environment
● 501(c)(3) non-profit organization dedicated to the research and development of tools for online anonymity The Tor Project, Inc.
~300,000
The simplest designs use a single relay to hide connections. Bob2 Bob1 Bob3 Alice2 Alice1 Alice3 Relay E(Bob3,“X”) E(Bob1, “Y”) E(Bob2, “Z”) “Y” “Z” “X” (example: some commercial proxy providers)
But a single relay is a single point of failure. Bob2 Bob1 Bob3 Alice2 Alice1 Alice3 Evil Relay E(Bob3,“X”) E(Bob1, “Y”) E(Bob2, “Z”) “Y” “Z” “X” Eavesdropping the relay works too.
So, add multiple relays so that no single one can betray Alice. BobAlice R1 R2 R3 R4 R5
A corrupt first hop can tell that Alice is talking, but not to whom. BobAlice R1 R2 R3 R4 R5
A corrupt final hop can tell that somebody is talking to Bob, but not who. BobAlice R1 R2 R3 R4 R5
Alice makes a session key with R1 ...And then tunnels to R2...and to R3 BobAlice R1 R2 R3 R4 R5 Bob2
Who uses Tor? ● Normal people ● Law Enforcement ● Human Rights Activists ● Business Execs ● Militaries ● Abuse Victims
● Tor doesn't magically encrypt the Internet ● Operating Systems and Applications leak your info ● Browser Plugins, Cookies, Extensions, Shockwave/Flash, Java, Quicktime, and PDF all conspire against you
Outline ● Why anonymity? ● Crash course on Tor ● Future
Community ● Many tools make a big splash in the press – Censors need to feel in control; publicity removes the appearance of control ● Increase community diversity – Strong social network ● Funding – Donations, grants, contracts
3-Year Development Roadmap ● Improve Performance ● Client Safety ● Ease of Use and Understanding ● Core Research & Development https://torproject.org/press/ for details
Copyrights ● who uses tor? http://www.flickr.com/photos/mattw/2336507468/siz , Matt Westervelt, CC-BY-SA ● danger!, http://flickr.com/photos/hmvh/58185411/sizes/o/ , hmvh, CC-BY-SA ● 300k, http://flickr.com/photos/tochis/1169807846/sizes/o/ , tochis, CC-BY-NC

Recommended

Social media, mobile phone, and our lonely lives
Social media, mobile phone, and our lonely livesSocial media, mobile phone, and our lonely lives
Social media, mobile phone, and our lonely livesHelen Wu
 
Mobile Marketing Presentation
Mobile Marketing Presentation Mobile Marketing Presentation
Mobile Marketing Presentation thunder::tech
 
Money is not the most important thing in life
Money is not the most important thing in lifeMoney is not the most important thing in life
Money is not the most important thing in lifeSenghour Touch
 
Mobile Marketing
Mobile MarketingMobile Marketing
Mobile MarketingSivaraman Swaminathan
 
Advantages and Disadvantages of Mobile phone
Advantages and Disadvantages of Mobile phoneAdvantages and Disadvantages of Mobile phone
Advantages and Disadvantages of Mobile phoneMuhammad Ali
 
Mobile technology presentation
Mobile technology presentation Mobile technology presentation
Mobile technology presentation Clair Waterbury
 
Science of Happiness Presentation
Science of Happiness PresentationScience of Happiness Presentation
Science of Happiness PresentationJon Unal
 
Presentation on mobile phones
Presentation on mobile phonesPresentation on mobile phones
Presentation on mobile phonessirtwinkles
 

Recommended

Social media, mobile phone, and our lonely lives
Social media, mobile phone, and our lonely livesSocial media, mobile phone, and our lonely lives
Social media, mobile phone, and our lonely livesHelen Wu
 
Mobile Marketing Presentation
Mobile Marketing Presentation Mobile Marketing Presentation
Mobile Marketing Presentation thunder::tech
 
Money is not the most important thing in life
Money is not the most important thing in lifeMoney is not the most important thing in life
Money is not the most important thing in lifeSenghour Touch
 
Mobile Marketing
Mobile MarketingMobile Marketing
Mobile MarketingSivaraman Swaminathan
 
Advantages and Disadvantages of Mobile phone
Advantages and Disadvantages of Mobile phoneAdvantages and Disadvantages of Mobile phone
Advantages and Disadvantages of Mobile phoneMuhammad Ali
 
Mobile technology presentation
Mobile technology presentation Mobile technology presentation
Mobile technology presentation Clair Waterbury
 
Science of Happiness Presentation
Science of Happiness PresentationScience of Happiness Presentation
Science of Happiness PresentationJon Unal
 
Presentation on mobile phones
Presentation on mobile phonesPresentation on mobile phones
Presentation on mobile phonessirtwinkles
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 

More Related Content

Recently uploaded

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

Featured

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

Featured (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

2009 01-21-mit-media-presentation

  • 2. Outline ● Why anonymity? ● Crash course on Tor ● Future
  • 3. Informally: anonymity means you can't tell who did what “Who wrote this blog post?” “Who's been viewing my webpages?” “Who's been emailing patent attorneys?”
  • 4. Formally: anonymity means indistinguishability within an “anonymity set” Alice1 Alice4 Alice7 Alice2 Alice6 Alice5 Alice8 Alice3 .... Bob Attacker can't tell which Alice is talking to Bob!
  • 5. Anonymity isn't cryptography: Cryptography just protects contents. Alice Bob “Hi, Bob!”“Hi, Bob!” <gibberish> attacker
  • 6. Anonymity isn't steganography: Attacker can tell that Alice is talking; just not to whom. Alice1 Bob1 .. . Anonymity networkAlice2 AliceN (Strong high-bandwidth steganography may not exist.) Bob2
  • 7. Anonymity isn't just wishful thinking... “You can't prove it was me!” “Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?”
  • 8. ...since “weak” anonymity... isn't. “You can't prove it was me!” Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?” Will others parties have the ability and incentives to keep their promises? Proof is a very strong word. With statistics, suspicion becomes certainty. Not what we're talking about. Nope! (More info later.)
  • 9. Anonymity serves different interests for different user groups. Anonymity Private citizens “It's privacy!”
  • 10. Regular citizens don't want to be watched and tracked. (the network can track too) Hostile Bob Incompetent Bob Indifferent Bob “Oops, I lost the logs. “I sell the logs.” “Hey, they aren't my secrets.” Name, address, age, friends, interests (medical, financial, etc), unpopular opinions, illegal opinions.... Blogger Alice 8-year-old Alice Sick Alice Consumer Alice Oppressed Alice ....
  • 11. Anonymity serves different interests for different user groups. Anonymity Private citizens Businesses “It's network security!” “It's privacy!”
  • 12. Businesses need to keep trade secrets. AliceCorp Competitor Competitor Compromised network “Oh, your employees are reading our patents/jobs page/product sheets?” “Hey, it's Alice! Give her the 'Alice' version!” “Wanna buy a list of Alice's suppliers? What about her customers? What about her engineering department's favorite search terms?”
  • 13. Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!”
  • 14. Law enforcement needs anonymity to get the job done. Officer Alice Investigated suspect Sting target Anonymous tips “Why is alice.localpolice.gov reading my website?” “Why no, alice.localpolice.gov! I would never sell counterfeits on ebay!” Witness/informer Alice “Is my family safe if I go after these guys?” Organized Crime “Are they really going to ensure my anonymity?”
  • 15. Governments need anonymity for their security Coalition member Alice Shared network Defense in Depth Untrusted ISP “Do I really want to reveal my internal network topology?” “What about insiders?” Agent Alice “What does the CIA Google for?” Compromised service “What will you bid for a list of Baghdad IP addresses that get email from .gov?”
  • 16. Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!” Blocked users “It's reachability!
  • 17. You can't get anonymity on your own: private solutions are ineffective... Officer Alice Investigated suspect ... AliceCorp Competitor Citizen Alice AliceCorp anonymity net Municipal anonymity net Alice's small anonymity net “Looks like a cop.” “It's somebody at AliceCorp!” “One of the 25 users on AliceNet.”
  • 18. ... so, anonymity loves company! Officer Alice Investigated suspect ... AliceCorp Competitor Citizen Alice Shared anonymity net “???” “???” “???”
  • 19. Current situation: Bad people on the Internet are doing fine Trojans Viruses Exploits Phishing Spam Botnets Zombies Espionage DDoS Extortion
  • 20. IP addresses can be enough to bootstrap knowledge of identity. Alice 18.244.x.x Amazon account Hotlinked ad Wikipedia post
  • 21. Tor is not the first or only design for anonymity. Chaum's Mixes (1981) Remailer networks: cypherpunk (~93), mixmaster (~95), mixminion (~02) High-latency ...and more! anon.penet.fi (~91) Low-latency Single-hop proxies V1 Onion Routing (~96) ZKS “Freedom” (~99-01) Crowds (~96) Java Anon Proxy (~00-) Tor (01-)
  • 22. Outline ● Why anonymity? ● Crash course on Tor ● Future
  • 23. What is Tor? ● online anonymity software and network ● open source, freely available ● active research environment
  • 24. ● 501(c)(3) non-profit organization dedicated to the research and development of tools for online anonymity The Tor Project, Inc.
  • 26. The simplest designs use a single relay to hide connections. Bob2 Bob1 Bob3 Alice2 Alice1 Alice3 Relay E(Bob3,“X”) E(Bob1, “Y”) E(Bob2, “Z”) “Y” “Z” “X” (example: some commercial proxy providers)
  • 27. But a single relay is a single point of failure. Bob2 Bob1 Bob3 Alice2 Alice1 Alice3 Evil Relay E(Bob3,“X”) E(Bob1, “Y”) E(Bob2, “Z”) “Y” “Z” “X” Eavesdropping the relay works too.
  • 28. So, add multiple relays so that no single one can betray Alice. BobAlice R1 R2 R3 R4 R5
  • 29. A corrupt first hop can tell that Alice is talking, but not to whom. BobAlice R1 R2 R3 R4 R5
  • 30. A corrupt final hop can tell that somebody is talking to Bob, but not who. BobAlice R1 R2 R3 R4 R5
  • 31. Alice makes a session key with R1 ...And then tunnels to R2...and to R3 BobAlice R1 R2 R3 R4 R5 Bob2
  • 32. Who uses Tor? ● Normal people ● Law Enforcement ● Human Rights Activists ● Business Execs ● Militaries ● Abuse Victims
  • 33. ● Tor doesn't magically encrypt the Internet ● Operating Systems and Applications leak your info ● Browser Plugins, Cookies, Extensions, Shockwave/Flash, Java, Quicktime, and PDF all conspire against you
  • 34. Outline ● Why anonymity? ● Crash course on Tor ● Future
  • 35. Community ● Many tools make a big splash in the press – Censors need to feel in control; publicity removes the appearance of control ● Increase community diversity – Strong social network ● Funding – Donations, grants, contracts
  • 36. 3-Year Development Roadmap ● Improve Performance ● Client Safety ● Ease of Use and Understanding ● Core Research & Development https://torproject.org/press/ for details
  • 37. Copyrights ● who uses tor? http://www.flickr.com/photos/mattw/2336507468/siz , Matt Westervelt, CC-BY-SA ● danger!, http://flickr.com/photos/hmvh/58185411/sizes/o/ , hmvh, CC-BY-SA ● 300k, http://flickr.com/photos/tochis/1169807846/sizes/o/ , tochis, CC-BY-NC