Re: Last Call: <draft-farrell-perpass-attack-02.txt> (Pervasive Monitoring is an Attack) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>>>>> "Bjoern" == Bjoern Hoehrmann <derhoermi@xxxxxxx> writes:

    Bjoern> I do not really read this in Stephen Farrell's response and
    Bjoern> I am not in fact sure what you
    Bjoern> mean. <draft-farrell-perpass-attack-02.txt>, for all I can
    Bjoern> tell, is telling us that Google Analytics is an attack. The
    Bjoern> above sounds more like it would not be okay for the IETF to
    Bjoern> design some onion routing protocol without considering an
    Bjoern> adversary that can see the raw bits of 99% of publicly
    Bjoern> routed IP packets and analyse them in real time.  --

So, our threat model has included passive monitoring basically since we
first wrote it down.

To me, the interesting changes here are that:

1) The probability of passive monitoring approaches 1.  We know it's
happening which is a stronger statement than we know it may happen or we
know it sometimes happens.
(I'm not saying it's happening everywhere on every link all the time)

2) We know people are collecting data at multiple points and putting
it together.
So, if a request into a system generates a request out of a system to
another party, it's reasonable to assume attackers will be trying to
corrilate the events.




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]