>>Astoria [is] both most effective and most usable when at its highest security level, the researchers say, so "Astoria is a usable substitute for the vanilla Tor client only in scenarios where security is a high priority."<p>I'm still working through the research paper[1] linked at the end of the article, but if Astoria is as good as described, wouldn't Tor either adopt the same node selection policies, or people shift over to Astoria wholesale?<p>[1] <a href="http://arxiv.org/pdf/1505.05173.pdf" rel="nofollow">http://arxiv.org/pdf/1505.05173.pdf</a><p>EDIT: From the paper, quotes below provide much clearer context for the quote in the article:<p>"From our evaluation of Astoria, it is clear that the performance-security trade-off is favorable only in its higher security configurations. [...] However, at lower security configurations, the performance offered by Tor is clearly better, and its security, only slightly worse. Therefore, Astoria is a usable substitute for the vanilla Tor client only in scenarios where security is a high priority."
I'm not done reading the paper, but I suspect that astoria clients could be distinguished from regular tor clients at least by the fact that they do not pre-build circuits.<p>This means that the anonymity set has been partitioned, especially given that the authors say "From our evaluation of Astoria, it is clear that the performance-security trade-off is favorable only in its higher security configurations."<p>So there is a danger that people who perceive themselves to need higher security and use this client will lose anonymity guarantees as they are mixing with a much smaller group of people who all consider themselves "interesting targets".<p>The big reason tor is so effective is because they've performed a lot of outreach and gotten different groups to use it, resulting in a large and heterogenous set of users.<p>Of course, this is still very interesting research, and maybe it will be integrated into the official tor client. I know there have been many discussions of AS-path-based selection in the past.
"designed to beat" means better, not perfect. Imperfect means eventually it gets beat. The NSA might say what the IRA told Margaret Thatcher, "Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always."
Isn't the classical solution to this encryption problem to always send packages in the same size at regular intervals. If each host adds a layer of encryption you can't match the packages at the end points. Is this just too expensive? (I'm not an expert so genuine question from my naive POV.)
I really wish more people and companies would host things on Tor's hidden services, avoiding the entire notion of exit nodes and the cleartext network.
>> Astoria also opens multiple avenues for future work such as integrating realtime hijack and interception detection systems (to fully counter RAPTOR [18] attacks)<p>This is really interesting. I'm curious how that would work.
"Astoria reduces the number of vulnerable circuits from 58 percent to 5.8 percent, the researchers say"<p>Yes, their researched showed that exactly 5.8% circuits would be vulnerable with their change, and measured it accurately to 0.1%.<p>The research did not say that vulnerability would be around 10% of the original amount +/- 5%
Maybe this isn't a new idea. But it seems that more Tor exit points would be a big help. Has anyone made a tool that's both and entry and exit point. You could control the amount of bandwidth exiting. This way the exit points would be more transient - like Bittorrent peers.
The problem is getting Tor itself as per Snowden docs they capture your identifiers for later surveillance so need to Jason Bourne around the city to anonymously fetch Tor.