Princeton boffins sniff Tor users' IDs from TCP ACKs and server sweat Tor is regularly recommended as a vital privacy protection technology, and just as regularly, researchers discover ways to de-anonymise users, and the latest of these has just hit Arxiv. The research, led by boffins from Princeton, demonstrates ways to de-anonymise Tor users with access to just one end of a communication path …
Hasn't this technique been known 'in theory' for a while? If I remember correctly, a mitigation method would be for the Tor server to buffer data packets and then 'stutter' the timing in a random way, even allowing a recent packet to be relayed on before a previous packet. (I might be getting this mixed up with something else).
"Stutter" doesn't help much, simple techniques like analysing moving averages of packet flows could still be used to correlate the traffic flowing in and out of the network. The kind of latency that would need to be introduced to counter this would render Tor pretty well unusable for browsing.
Not as exciting a headline maybe, but really this is just a specific set of examples of a traffic analysis attack that Tor doesn't claim to defend against - that where the attacker has access to traffic at both ends of the connection. Tor is quite upfront about this on their website, blog etc.
TOR is a rather better VPN than most VPNs! A 2009 study compared various anonymity systems. VPNs in general came up short. Presumably you are envisaging using a commercial VPN to connect to the entry node to obfuscate things further - then it depends on assumptions - the most significant being that those wishing to deanonymise users haven't already backdoored or are actively monitoring the VPN.
Using a VPN with TOR is a bit like putting a layer of 64bit encryption on something already encrypted with 4096 bit encryption. It's better, but the effort to deanonymise the VPN traffic will be a lot less than the effort to deanonymise TOR traffic.
This can only be used if the Tor user is accessing the clearnet through Tor.
How does this affect people accessing onion sites.
Obviously if someone has been led to a honeypot site with a clearnet image in it this applies, but if everything is contained within the Tor network exit nodes become a moot point.
Any sane person needing hard security would most likely use two layers of protection at least surely. I.e. a free SSH tunnel through the Tor network?
Actually, is this really news?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
