TOP SECRET BULLETIN ABOUT THE RACCOON EFFECT - tor-dev

23 Dec 2020


      Was the Raccoon ACTUALLY RIGHT after ALL THESE YEARS:
           Proof of a SOLO CUTTING EDGE PARADIGM SHIFT, or
         an ALIEN INTERVENTION to EXPOSE ACADEMIC CONSPIRACY?
by
                             Raccoon23
(You'll have to excuse my caps lock: I am going for a world record high
score on the crackpot index[1,2]. Cypherpunk lore has a loooong history
of high scores in this index, so I really do have to work very hard to
get every point I reasonably can. However, I'm already at 226 points in
the title, by my count. Plus I've got this[3] going for me, which is
nice.)
But enough about that. Let's get to the meat[4]!
Recent advances in traffic analysis defenses have finally proved that my
controversial but revolutionary theories[5,6] are valid, overturning
decades of theories about traffic analysis attacks against anonymity
networks!
Ok ok, so I might have made a mistake in the math[7]. But I'm just a
Raccoon who reads discarded academic research papers in a dumpster.
While I have been highly educated through my dumpster schooling, one
can't expect raccoons to do math correctly. Such math is best left to
others who can properly express my theory in terms of equations.
Others like Panchenko, Pulls, Danezis, Kadianakis, et al; and maybe
Perry. (But probably not Perry.)
I have worked on this problem *alone* for many years, while I was in or
around many highly respected mental institutions. I was even cautioned
to take a break, by my therapeutic advisors. Probably because I was
getting too close to the TRUTH!
However, as we shall see, this was not entirely a solo effort. This
leaves only one possibility: ALIEN INTERVENTION[8].
But before we get to that, much has happened since my two posts on this
topic, over a decade ago.
So let's recap:
My two posts were written in opposition to the orthodox view that
anonymity networks would always be 100% broken by traffic correlation
attacks, and so therefore side channels such as cryptographic tagging
attacks were not worth including in Tor's threat model.
Paul Syverson, the famous self-appointed defender of the orthodoxy of
onion routing, argued most vigorously against my points, carefully
trying to correct me. But I would not be dissuaded! (I love you Paul!
Just scoring crackpot points.)
Paul's clout with the "scientific establishment" is clearly very strong.
Paul has had a distinguished career, being named in The Foreign Policy
Top 100 Global Thinkers List in 2012[9], and named an ACM Fellow in
2014[10].
As evidence of his obvious involvement in the scientific conspiracy
against me, consider that my original post was cut short "somehow" on
the official Tor Project mailing list archive[11], compared to the
original[5].
This is also not the first time a famous thinker has suppressed an idea
that they secretly believed in. Elon Musk, renowned and respected former
proponent of the Simulation Hypothesis[12], clearly knows that optimized
versions of the Alcubierre Drive[13] are realizable using excess exotic
matter accumulated during particle accelerator "downtime". Downtime, I
might add, that is facilitated by a Tor Project volunteer administrator
who goes by the codename 'weasel', who subsequently faked his own death
to avoid implication[14]. These are the kinds of people we are dealing
with here. They will stop at NOTHING to conceal the TRUTH!
Elon has since begun a cover-up of the Simulation Hypothesis[15],
presumably because someone collected his bounty to help him escape The
Matrix[16]. Despite all of this being so obviously exposed, Elon still
pursues his wasteful and foolish rocketry! Merely because he likes
lighting things on fire[17], digging tunnels[18], and playing with
electricity[19]. Elon, the raccoons can relate -- we just wish you would
come clean, and admit you did it all for the tunnel rave...
Anyway, I digress. Some time after my post, I would learn from my daily
dumpster deliveries that Website Traffic Fingerprinting had became a fad
in academic research circles. Website Traffic Fingerprinting is a form
of traffic analysis that uses machine learning to recognize website
access over Tor, by observing only the encrypted traffic patterns
entering the Tor network.
For ethical and practical reasons, these attacks are performed in lab
conditions on researcher generated web crawls, often using individual
static web page access, rather than involving interactive user web
browsing or other concurrent Tor activity common to real-world Tor
usage.
Mike Perry, a suspiciously private employee of the Tor Project,
critiqued the limitations of these lab conditions, and questioned the
accuracy of many of these attacks in realistic settings[20]. Perry and
Kadianakis also developed a framework for building traffic analysis
defenses for Tor[21].
Despite this, or perhaps because of it, a long series of attacks and
defenses ensued, and the advent of deep learning[22] caused many to
believe that defenses against deep learning based Website Traffic
Fingerprinting attacks were as hopeless as trying to defend against
end-to-end correlation.
I watched from my dumpster as these hidebound reactionary responses to
traffic analysis defenses continued for many years, seemingly trying to
bait me out of hiding, to no avail[23]. (To be honest, I don't even know
what hidebound means. I'm just a raccoon. But saying that gets me
crackpot points. And it totally happened!)
However, I was eventually delighted to see that some recent advances by
others had arrived in my dumpster, finally allowing my ideas to have
vindication!
Recently, Panchenko et al found traffic splitting to be highly effective
against state of the art Website Traffic Fingerprinting attacks based on
deep learning[24].
Concurrently, Tobias Pulls used Perry and Kadianakis's padding machines
in an optimization problem, using a Genetic Algorithm to evolve optimal
padding machines against deep learning classifiers, for use in defense
against Website Traffic Fingerprinting[25]. With this result, we have
finally entered the age of the machines versus the machines. Raccoon
math, while groundbreaking, is no longer necessary.
Both of these defenses were highly successful on their own.
However, with the combination of traffic splitting and cover traffic
defenses, Tor will be on the CUTTING EDGE of making a PARADIGM SHIFT in
its threat model, to tackle the hardest problem of all: END-TO-END
TRAFFIC CORRELATION.
Allow me to present my case:
Einstien once posited that time was relative. While Einstien's theory of
relativity was fundamentally misguided, time is relative. Relative to
the problem of both end-to-end traffic correlation, and Website Traffic
Fingerprinting.
Einstien, in his later years, even alluded to quantum observation
correlation as "spooky action at a distance", setting precedent for the
connection that I have known all along to be true. Einstien might not
have been as insightful as me, but for all his fumbling, Einstien was
right about one thing: correlation attacks *are* spooky. Metadata kills
people[26]. (Sadly, that is not a joke...)
Unfortunately, Einstien's results were incomplete, and his groping to
unify these problems was not properly understood by any, except yours
truly. Deep learning was so successful at Website Traffic Fingerprinting
that most researchers did not even bother to provide their deep learning
classifiers with time-based features. They claimed their classifiers
were accurate enough without considering time at all! We now know this
to be false, thanks to the independent discoveries of new defenses by
the teams of Panchenko and Pulls.
As it turns out, quantum mechanics is also fundamentally misguided. We
now know that the universe appears to be made up of fragments of energy
at a fundamental level[27]. In fact, after all these years, raccoons and
their allies (alien or otherwise) seem to be almost as close to unifying
physics as we are to addressing end-to-end correlation in Tor!
Indeed, once time is included as a feature, deep learning based Website
Traffic Fingerprinting attacks will effectively be correlating the
timing and traffic patterns of websites to their representations in its
neural model. This model comparison is extremely similar to how
end-to-end correlation compares the timing and traffic patterns of Tor
entrance traffic to Tor exit traffic. In fact, deep learning classifiers
have already shown success in correlating end-to-end traffic on Tor[28].
Some say that Long Term Statistical Disclosure (LTSD) attacks will still
always win the end-to-end correlation game against anonymity networks,
in the fullness of time[29].
However, LTSD attacks are only a theory. And much like quantum
mechanics, relativity, and LSD, these attacks also warp one's perception
of reality, time, and space. All of these theories are fundamentally
misguided.
LTSD attacks predict that over time, correlation gradually leaks enough
information to fully deanonymize users of anonymity networks. But also
much like quantum mechanics, they fail to fully define the mechanism.
Consider this thought experiment (feel free to use whatever mind
expanding devices you have at hand to assist you): LTSD assumes that an
adversary has complete high resolution information of all traffic that
enters and exits an anonymity network. Additionally, LTSD assumes that
an adversary has identifiers available to properly track traffic streams
on *each* side of the correlation, over the full duration of observation
and long-term correlation.
Several real-world effects undermine these assumptions. Widespread
deployment of HTTPS[30], the trend towards encrypted DNS and SNI, shared
cloud infrastructure, and the practical infeasibility of full
Internet-wide traffic record keeping, all reduce the ability of the
adversary to track repeated connections over time. Additionally,
defenses that multiplex traffic entering the Tor network with traffic
splitting and cover traffic undermine the adversary's ability to fully
determine traffic time and quantity information that pertains to
specific connections.
All of this means that the LTSD adversary, much like Einstien's
light-riding cowboy and Schrodinger's cat, remain an idealized
approximation of reality.
Despite the results of the DeepCorr experiment[28], from this thought
experiment, it is clear that correlation can be mitigated, perhaps even
pushing long-term correlation attacks into time durations that allow for
many practical use cases, even web browsing.
As we know from the historical record[31], aliens need anonymity
too[32]. And when their hyper-dimensional cats join with all of the
raccoons[33] and other creatures who are using Tor on a regular basis,
the quantity of co-incident events (and unmatched pairs due to to
incomplete observation) will rise high enough to cause LTSD to require
larger and larger amounts of observation time, to perform effective
correlation.
This by itself is a huge win. We can now say with certainty that The
Raccoon Effect has thoroughly discromulated correlation attacks.
(Discromulation is my term to describe what this kind of defense does.
Most interestingly, I am forced into winning this crackpot point.
Because deep learning is an opaque machine generated attack, and because
the GA-optimized defense is also machine generated, it is actually
impossible to precisely describe the complete behaviors of either one,
other than with the resulting model definitions themselves! Brave new
world.)
Now, what about alien intervention? Well, assuming we do not consider
the AI that participated in this work to be alien: if aliens did
intervene, none would argue the discromulating conflugruity of The
Raccoon Effect. Unfortunately however, I can neither confirm nor deny
these allegations[34], at this time[35].
But that's not all! Since the circuit padding framework is implemented
in Tor, this means that it is covered by Tor's bug bounty. While
research papers that break padding defenses are not covered by the
bounty (especially if those defenses are not actually deployed), there
*is* in fact prize money for any flaws found in the framework that could
lead to code execution, or deanonymization[36].
In conclusion:
Here I am, setting a world record high score on the crackpot index
(despite many admirable high scores by previous cypherpunks), and I was
RIGHT ALL ALONG. I deserve a Nobel Prize for this work. But I do not
expect to get one. I expect the brownshirts and Nazis embedded in the
scientific establishment to continue to work hard to suppress my TRUTH.
Even the crackpot index itself is involved in this conspiracy of
scientific suppression. John Baez, the creator of the crackpot index,
would surely confirm this, if he was not also part of the conspiracy
against me! I have included him on CC, just in case he would like to
recant his suppression of my original thinking, before his show trial.
Like Galileo, I will cede no ground in this Inquisition!
In fact, much like myself, even Newton struggled through a pandemic[37],
and prevailed. We are more alike than you know. Newton tossed apples to
many a raccoon in his garden. That's how we taught him to poorly
approximate gravity (even though his misguided and simple calculus was
barely up to the task).
In these tough times, it is very satisfying to finally have vindication.
As the Base Rate Fallacy showed all those years ago: The Raccoon Effect
is real. THEY are watching; but WE are Legion[38].
Unfortunately, the reproducibility crisis in science is also real. More
than ten years later, it is *still* often hard to reproduce, confirm,
and compare results across the various papers that end up in my
dumpster. Venues that do not have artifact archival policies are, in
fact, on the verge of becoming shams. I am glad that some venues, and
some researchers, are recanting the old ways[39,40].
The paper is not the only product of good research!
P.S. You'll have to keep this all much more secret than I did. I don't
want anyone to steal these ideas; the aliens might get upset. 2020 is
not over!
P.P.S. This sentence gets me #4. (As a liar's paradox[41]). Some say this
puts me in a superposition of both getting and not getting #4, and I
inherently can't get those points in this way. But I say that should get
me double points! (And thus earn more points for #5). Gotta collect 'em
all.
P.P.P.S. At 1004 points on the crackpot index, I believe this post is
now the highest scoring publication with a valid novel idea that has
been written, to date[2].
P.P.P.P.S. Fucking bored as fuck during this fucking pandemic. Fuck![42]
1. https://math.ucr.edu/home/baez/crackpot.html
2. https://www.reddit.com/r/math/comments/4r05wh/has_anyone_with_a_high_crackpo...
3. https://en.m.wikipedia.org/wiki/Betteridge%27s_law_of_headlines
4. http://www.stinkymeat.net/
5. https://archives.seul.org/or/dev/Mar-2012/msg00019.html - Raccoon23 Post1
6. https://archives.seul.org/or/dev/Sep-2008/msg00016.html - Raccoon23 Post2
7. https://conspicuouschatter.wordpress.com/2008/09/30/the-base-rate-fallacy-an...
8. https://fahrplan.events.ccc.de/congress/2006/Fahrplan/speakers/1242.en.html
9. https://awards.acm.org/award_winners/syverson_5067587
10. https://web.archive.org/web/20121130072122/http://www.foreignpolicy.com/arti...
11. https://lists.torproject.org/pipermail/tor-dev/2008-September/002493.html
12. https://en.wikipedia.org/wiki/Simulation_hypothesis#The_simulation_argument
13. https://en.wikipedia.org/wiki/Alcubierre_drive
14. https://www.bbc.com/news/world-europe-36173247 - Weasel takes down LHC
15. https://www.slashgear.com/elon-musk-has-banned-hot-tub-talks-about-simulated...
16. https://www.forbes.com/sites/janetwburns/2016/10/13/elon-musk-and-friends-ar...
17. https://www.youtube.com/watch?v=qLcma0YyzhY - Elon Musk Flame Thrower
18. https://www.yogonet.com/international/noticias/2020/12/07/55695-boring-compa...
19. https://www.inverse.com/innovation/tesla-electric-jet-3-4-years-away
20. https://blog.torproject.org/critique-website-traffic-fingerprinting-attacks
21. https://github.com/torproject/tor/blob/master/doc/HACKING/CircuitPaddingDeve...
22. https://arxiv.org/pdf/1801.02265.pdf - Deep Fingerprinting Tor
23. https://www.youtube.com/watch?v=TvjMr6DU7C8 - Raccoon call
24. https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-delacadena-traf...
25. https://arxiv.org/abs/2011.13471 - Pulls GA Defense
26. https://abcnews.go.com/blogs/headlines/2014/05/ex-nsa-chief-we-kill-people-b...
27. https://www.full-thesis.net/fragments-of-energy-not-waves-or-particles-may-b...
28. https://people.cs.umass.edu/~amir/papers/CCS18-DeepCorr.pdf
29. https://www.freehaven.net/anonbib/cache/statistical-disclosure.pdf
30. https://transparencyreport.google.com/https/overview?hl=en
31. https://en.wikipedia.org/wiki/Accelerando#Characters
32. https://fahrplan.events.ccc.de/congress/2006/Fahrplan/attachments/1167-Speak...
33. https://www.youtube.com/watch?v=jSRfIMjvtFk - Raccoons and cats <3
34. https://edition.cnn.com/2020/04/27/politics/pentagon-ufo-videos/index.html
35. https://www.nbcnews.com/news/weird-news/former-israeli-space-security-chief-...
36. https://hackerone.com/torproject
37. https://www.msn.com/en-ie/news/coronavirus/during-a-pandemic-isaac-newton-ha...
38. https://www.youtube.com/watch?v=Ofp26_oc4CA - Raccoons are Legion
39. https://www.usenix.org/conference/usenixsecurity21/artifact-evaluation-infor...
40. https://petsymposium.org/artifacts.php
41. https://en.wikipedia.org/wiki/Liar_paradox
42. https://www.youtube.com/watch?v=04_rIuVc_qM - WTF
For Karsten:
https://cs5.livemaster.ru/storage/3a/1f/1449eb23f3c3b318ab4960815fn4--waterc...