作者:Michael J. Freedman, Emil Sit, Josh Cates, Robert Morris
全文:http://www.cs.rice.edu/Conferences/IPTPS02/182.pdf
摘要:We introduce Tarzan, a peer-to-peer anonymous network layer that provides generic IP forwarding. Unlike prior anonymizing layers, Tarzan is flexible, transparent, decentralized, and highly scalable. Tarzan achieves these properties by building anonymous IP tunnels between an open-ended set of peers. Tarzan can provide anonymity to existing applications, such as web browsing and file sharing, without change to those applications. Performance tests show that Tarzan imposes minimal overhead
over a corresponding non-anonymous overlay route.
Saturday, December 22, 2007
Introducing Tarzan, a Peer-to-Peer Anonymizing Network Layer
US服务器被河蟹了
作者:onlyalizee 来源:爱婕入迷
今天收到我们一块合租美国ixweb的服务器的组织者pony.ch的邮件,果然没有猜错,ixweb的共享IP:98.130.28.2被GFW河蟹掉了,所有用这个ip的兄弟都遭殃。而其他使用独立IP的没事,还好,我比较幸运,使用的是独立IP,而今天,据我们合租服务器建立自己的网站不到一个月,GFW的速度真够快的,估计是98.130.28.2的某个空间上有了不和谐的内容了。合租之前大家都清楚肯能遇到这样的问题,但是因为在国内租用服务器建立blog网站之类的手续很麻烦而且很危险有随时被关掉的危险!我心理承受能力较差,在遭受完上次onlyalizee.cn的空间提供商不告而关闭网站删除数据的事情后我更是对这种事情避而远之。
GFW终究还是来了,没有想到这么快,不知道我的独立IP的什么时候会被和谐….生活在这样的country真是困难,不仅要遭受各大国有垄断企业的光明正大的敲诈与剥削,而且还要整天忍受那些所谓的“砖家”“叫兽”们的无聊言语,让人真是寒心,没办法,虽然这些方面都让人难以忍受,但是我还是深爱这这个国家。因为这是我的祖国,我的父母亲人的祖国,而且有着足以让我自豪终身的很多东西,因此任何胆敢向我们最爱的国家发起挑衅或者敌视的行为我都会极力反对。
讲到国家荣誉,联想到最近的南京大屠杀70周年的纪念,我想说对某些无耻的倭国不自量力胆敢再次挑衅我们伟大祖国的贼子们永远要进行打击,曾经给我们造成了极大的损害,有些事情注定是不能被原谅的!
对了,今天是澳门回归祖国8周年,庆祝下,我们的前途很美好,祖国不够完美,我们要努力让他完美。
广东突发重大事件公安可断网 暂停任何系统
来源:新快报 转自:新华网
《广东省计算机信息系统安全保护条例(草案修改三稿)》(以下简称《条例》)在昨日举行的省十届人大常委会第三十六次会议上获得通过。相对于上次提交审议的草案,《条例》此次增加了“对计算机信息系统将实行安全等级保护”等内容。根据《条例》,计算机信息系统将按照其在国家安全、经济建设、社会生活中的重要程度等因素分为五个等级。而信息系统必须在通过等级测评后方可投入使用,否则将处相关个人五千元以下、单位一万五千元以下罚款。
计算机信息系统分五级
根据《条例》,计算机系统将实行安全等级保护,根据计算机信息系统在国家安全、经济建设、社会生活中的重要程度,计算机信息系统受到破坏后对国家安全、社会秩序、公共利益以及公民、法人和其他组织的合法权益的危害程度等因素,计算机信息系统被分为五级:计算机信息系统受到破坏后,可能对公民、法人和其他组织的合法权益造成损害,但不损害国家安全、社会秩序和公共利益的,为第一级;受到破坏后可能对公民、法人和其他组织的合法权益产生严重损害,或者可能对社会秩序和公共利益造成损害,但不损害国家安全的,为第二级;受到破坏后可能对社会秩序和公共利益造成严重损害,或者可能对国家安全造成损害的,为第三级;受到破坏后可能对社会秩序和公共利益造成特别损害,或者可能对国家安全造成严重损害的,为第四级;受到破坏后可能对国家安全造成特别严重损害的,为第五级。
公安有权暂停任何系统
《条例》规定,第二级以上计算机信息系统的运营、使用单位未建立安全保护组织的,第二级以上计算机信息系统的运营、使用单位在计算机信息系统投入使用前未经符合国家规定的安全等级测评机构测评合格的,将由公安机关责令限期改正,给予警告;逾期不改的,对单位的主管人员、其他直接责任人员将处五千元以下罚款,对单位则处一万五千元以下罚款。
《条例》还规定,对计算机信息系统中发生的案件和重大安全事故,计算机信息系统的运营、使用单位应当在二十四小时内报告县级以上人民政府公安机关,并保留有关原始记录。第二级以上计算机信息系统发生重大突发事件,有关单位应当按照应急处置预案的要求采取相应的处置措施,并服从公安机关和国家指定的专门部门的调度。同时,地级以上人民政府公安机关、国家安全机关为保护计算机信息安全,在发生重大突发事件,危及国家安全、公共安全及社会稳定的紧急情况下,可以采取二十四小时内暂时停机、暂停联网、备份数据等措施。
Sabbia: a low-latency design for anonymous networks
作者:Claudio Agosti,Stefano Zanero
全文:http://www.s0ftpj.org/docs/sabbia-pet2005.pdf
摘要:We present Sabbia, a novel approach for building a low latency anonymous network. Sabbia is characterized by a simple design which offers a perfect forward anonimity to internet traffic, using normal, user-space software. Sabbia is based on natural network concepts to optimize routing, a steganographic approach for data hiding which does not heavily impact performance, and uses expert algorithms and protocol dissection at application layer in order to solve automatically some well-known security problems.
On the anonymity of anonymity systems
作者:Andrei Serjantov
全文:http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-604.pdf
摘要:Anonymity on the Internet is a property commonly identified with privacy of electronic communications. A number of different systems exist which claim to provide anonymous email and web browsing, but their effectiveness has hardly been evaluated in practice. In this thesis we focus on the anonymity properties of such systems. First, we show how the anonymity of anonymity systems can be quantified, pointing out flaws with existing metrics and proposing our own. In the process we distinguish the anonymity of a message and that of an anonymity system.
Secondly, we focus on the properties of building blocks of mix-based (email) anonymity systems, evaluating their resistance to powerful blending attacks, their delay, their anonymity under normal conditions and other properties. This leads us to methods of computing anonymity for a particular class of mixes – timed mixes – and a new binomial mix.
Next, we look at the anonymity of a message going through an entire anonymity system based on a mix network architecture. We construct a semantics of a network with threshold mixes, define the information observable by an attacker, and give a principled definition of the anonymity of a message going through such a network.
We then consider low latency connection-based anonymity systems, giving concrete attacks and describing methods of protection against them. In particular, we show that Peer-to-Peer anonymity systems provide less anonymity against the global passive adversary than ones based on a “classic” architecture.
Finally, we give an account of how anonymity can be used in censorship resistant systems. These are designed to provide availability of documents, while facing threats from a powerful adversary. We show how anonymity can be used to hide the identity of the servers where each of the documents are stored, thus making them harder to remove from the system.
Using caching for browsing anonymity
作者:Anna M. Shubina,Sean W. Smith
全文:http://www.cs.dartmouth.edu/~sws/pubs/ss03.pdf
摘要:Privacy-providing tools, including tools that provide anonymity, are gaining popularity in the modern world. Among the goals of their users is avoiding tracking and profiling. While some businesses are unhappy with the growth of privacy-enhancing technologies, others can use lack of information about their users to avoid unnecessary liability and even possible harassment by parties with contrary business interests, and to gain a competitive market edge.
Currently, users interested in anonymous browsing have the choice only between single-hop proxies and the few more complex systems that are available. These still leave the user vulnerable to long-term intersection attacks.
In this paper, we propose a caching proxy system for allowing users to retrieve data from the World-Wide Web in a way that would provide recipient unobservability by a third party and sender unobservability by the recipient and thus dispose with intersection attacks, and report on the prototype we built using Google
Subscribe to:
Posts (Atom)
