[linux-elitists] What to do about RIAA?

Eugene.Leitl@lrz.uni-muenchen.de Eugene.Leitl@lrz.uni-muenchen.de
Sat Feb 24 13:26:59 PST 2001


Kurt Seifried wrote:
 
> "Anonynimity loves a crowd"

Sure, check out how many SSL and streaming multimedia sessions are out there.
Or compressed content downloading sessions.
 
> The plan was to get a LOT of people using freedom, so that using it wouldn't be
> to far out of the ordinary. Face it, totally hiding traffic/etc is damn near

Wrong approach. You have to make Freedom look like bona fide SSL traffic, right
from the start. You can't block/filter that, at least without sophisticated 
traffic analysis. No one has that much resources, at least not now.

> impossible, You may want to pick up "Lecture Notes in COmputer Science 1895" and
> read the "Finding a connection chain for tracing intruders". This is something

We need to address the current threat model. Statistic traffic analysis is this
not. Just use standart ports, and don't send in clear, that's all.

> freedom did address, by padding traffic between nodes to constant values they
> make traffic analysis exceedingly difficult.

Um, does Freedom look like a SSL browser session, now?
 
> This is an extremely non-trivial problem.

I disagree. It is only extremely non-trivial if you don't want the NSA bust your 
ass, while trading stolen nukes. RIAA NSA is not. IP mafia will never get the mandate
to get that intrusive.



More information about the linux-elitists mailing list