Their solution was to re-route traffic to a package management device which clamps on a stain. Ipv6 makes this easy, if the traffic is Ipv4 they tunnel it inside Ipv6 with the stain header in Destination Option header.
Not sure how you would prevent this, besides the obvious answer (dont visit terrorist forums). Jondonym routing traffic through 3 mix servers might help so long as they don't stain your traffic at source by compromising your system. Making your own Tor bridge node is another solution to at least have some sort of safe entrance into the network. Seems they are unwilling to exploit relay nodes and bridges in the leaked slides.
Some slides on a way to do this: http://prezi.com/p5et9yawg2c6/ip-packet-staining/
Their solution was to re-route traffic to a package management device which clamps on a stain. Ipv6 makes this easy, if the traffic is Ipv4 they tunnel it inside Ipv6 with the stain header in Destination Option header.
Not sure how you would prevent this, besides the obvious answer (dont visit terrorist forums). Jondonym routing traffic through 3 mix servers might help so long as they don't stain your traffic at source by compromising your system. Making your own Tor bridge node is another solution to at least have some sort of safe entrance into the network. Seems they are unwilling to exploit relay nodes and bridges in the leaked slides.