Presented at
DEF CON 15 (2007),
Aug. 4, 2007, 1 p.m.
(50 minutes).
Any attacker can scam one or two users into revealing themselves, but do you know how to talk an entire community of smart hackers into weakening its anonymity?
In spite of progress in traffic analysis, social engineering attacks remain the most effective way to break users' anonymity and one of the best force multipliers for traditional traffic analysis attacks. Why bother doing traffic analysis when you can trick users into isolating themselves using nothing more than an IRC client? I'll discuss social attacks to circumvent and weaken existing anonymity networks, from the obvious to the intricate.
This talk will include analysis of historical attacks against the Mixmaster and Cypherpunk remailer networks, and advice for building and using anonymity tools to resist these attacks.
Presenters:
-
Nick Mathewson
Nick Mathewson Nick Mathewson is an anonymity researcher, software engineer, and privacy hacker. His research at MIT concentrated in verifying privacy properties in Java bytecodes; he received an M.Eng in 2000. Since 2002, he has worked on anonymity, first as lead developer on Mixminion; and as a core developer on the Tor Project since 2002. His research focuses on attacking and strengthening anonymity networks. He lives in Cambridge, Massachusetts.
Links:
Similar Presentations: