Are there any talks about these papers on youtube or somewhere? I think I find it easier to listen and watch then read or maybe I'm just lazy, not sure.
most papers have slides with audio, and some, including the awards ones will have short frontal talks. this will be released at some point after the conference, but right now looks like you'd have to be registered to see it.
Whenever I search for the title a new machine learning paper, there are a bunch of YouTube videos about it which are just NotebookLM slop. It's straight up environmental pollution.
I don't believe these solutions protect against flow correlation observations. If a global adversary is monitoring the entry and exit points, they can identify the user without needing to decrypt the traffic. There are research papers that demonstrate attacks on both these models.
Onion endpoint sites use encrypted traffic and the padding strategy, too and are still susceptible to the correlation attack.
There's a security blog that publishes research papers on different attack models. It's a total PITA to find but I'll see if I can locate it.
There's some subtlety here so my apologies for the long reply.
Nym/Loopix (and I405, though it's so experimental I feel bad even talking about it) completely defeat end-to-end correlation attacks, where an attacker tries to find statistical similarities between the encrypted traffic on the first hop (from the user's home network to some proxy), and the final hop (from some proxy to the final destination clearnet site).
Tor is trivially vulnerable to end-to-end correlation attacks. In addition to the paper you posted, my favorite is http://petworkshop.org/2007/papers/PET2007_preproc_Sampled_t... , which describes how an adversary monitoring just a small fraction (<0.1%) of traffic at key internet exchanges could deanonymize many Tor users.
Nym/Loopix and I405 defeat end-to-end correlation attacks with the same basic idea: Send fixed-rate traffic on the first hop, regardless of whether the user is actually trying to send any tunneled traffic. Both sample from a statistical distribution to decide when to send the next packet, and they send an empty packet if there is no actual data to send. In this way, the traffic being sent on the first hop does not depend at all on the inner cleartext data the user is sending/receiving.
The Mixmatch paper, which AFAIK is the only published attack against Nym/Loopix, is NOT an end-to-end correlation attack. It relies on the attacker controlling one or more Nym "gateways" (equivalent of guard nodes in Tor) and therefore being able to decrypt traffic from users whose first hop goes through that gateway. Further, I believe that the attack described in this paper becomes increasingly difficult as the number of users increases, and the authors of the paper include Nym developers who are actively making changes to make this attack harder. It's not a fundamental weakness in Nym/Loopix, the way that E2E correlations are for Tor.
Why for Linux images only? I use it with everything. You do not even need to use the GUI, there is transmission-cli. There is transmission-daemon as well, controlled by transmission-remote (or Transmission's web interface), meaning that you can use it on a seedbox.
It's pretty easy to combine docker containers for torrenting and a VPN so that the torrenting doesn't get any network access until the VPN successfully connects. However, I use qbittorrent myself (containerised of course).
