Analyze This and That - the Network Tells All

Sep 11 2007

By Jim Reavis

Ok, summer vacation was great, I was really goofing off, but RB has been neglected and I have a lot to get caught up on. I have a lot in my inbox I am processing about BlackHat; it was still too crowded, but they fixed the registration problems so at least I didn’t miss any sessions this year.

I wanted to post a quick one about the one session that is having the biggest impact on me. Jon Callas at PGP organized a session called “Traffic Analysis: The Most Powerful and Least Understood Attack Method.” Jon assembled a team of experts from industry and academia who basically said that we don’t need to read your files, we can count packets, measure gaps, analyze the traffic patterns and tell you what is in your files anyway. Ok, that is a gross simplification, but the mathematics of traffic analysis is real, and the amount of information that can be gleaned through inference is breathtaking. From voice fingerprinting and cracking SSH passwords to identifying redacted text and anonymous Internet postings, the applications of this technology are mind-boggling.

Traffic analysis is clearly something that can be used for good and evil, and intensive research into the topic is needed (hopefully by the good guys). I believe that traffic analysis holds great potential for shedding light on my white whale, click fraud (no, I am not off this topic, it is a big problem - unfortunately everyone is making money off this topic and does not want to “solve” it). This year’s presentation was very primordial; I look forward to seeing how much we have learned next year. Thanks, Jon, for putting this together. Articles about the presentation:

Dark Reading

PC World

Posted by Jim.Reavis on Tuesday, September 11th, 2007, at 7:07 pm, and filed under Articles.
