>From http://translate.google.com/
On the basis of patterns can be easily identified despite Tor users anonymity than expected. The have Aaron Johnson , Chris Wacek , Micah Sherr and Paul Syverson studied in a scientific study . The authors have investigated here the data that go into the Tor network and compared with those who come out . Especially users of BitTorrent or IRC via gate can be exposed quickly . The problems , however, are known and Tor team has adequately in their FAQs out . Provided that both the attacker can also monitor the incoming and outgoing traffic of at least one or more gateway relays the data can be analyzed and assigned on the basis of comparative patterns of a given IP address . It was only a matter of time , write the authors of the study, at least six months , a user with up to 80 - percent probability 'll identify . For example, since few users abriefen BitTorrent over Tor and a few relays opened the ports for BitTorrent , they also stayed open long , so decreasing the duration of a clearly de-anonymization . Quickly identified by larger attack surface The deanonymisation will accelerate when either the attacker complete control over a portion of the traffic would , for example through an autonomous system (AS ), or even an Internet Exchange Point ( IXP ) . Then the period of identification partly reducing by half. A scenario that classify the scientists in the context of the current discussion of the work of the intelligence services to be realistic. Additional tools that speed up the traffic on Tor network , increase the risk deanonymization also , such as Congestion -Aware Path Selection , identified in the bottle necks and data can be redirected accordingly. The higher the number of guards used by users , the higher the probability to catch a guard, which is overseen by an attacker . countermeasures The four authors of the study but also give hints on how the de-anonymization may be at least delayed , for example by the number of entry guards would be reduced . An increase in the decay time of a Guards could prolong the time until a user is identified. The study indicates that the Tor team this measure have been used in version 0.2.4.12 -alpha. In addition, users could manually reduce the number of entry , exit and exclude nodes. This would indeed sent at the expense of speed more packets of different clients by individual nodes , but they are less likely to be assigned . Although the results of their study are very pessimistic, the authors write . But yet Gate means confidentiality over the Internet for thousands of users . They were optimistic that the Tor team could offer the service and continue to improve . On Thu, Sep 5, 2013 at 10:22 PM, sigi <[email protected]> wrote: > Hi, > > two main german technology news sites are spreading news about the > study: »Users Get Routed: Traffic Correlation on Tor by Realistic > Adversaries« [1] > > They write about 'broken anonymity' for Tor-users: > Tor-Nutzer surfen nicht anonym - Tor users do not surf anonymously > < > http://www.golem.de/news/anonymisierung-tor-nutzer-surfen-nicht-anonym-1309-101417.html > > > > Tor-Benutzer leicht zu enttarnen - Tor users to easily expose > < > http://www.heise.de/security/meldung/Tor-Benutzer-leicht-zu-enttarnen-1949449.html > > > > The articles are german-only - The main point was always stated by the > Tor-devs [2], that anonymity »fails when the attacker can see both ends > of the communications channel« - can anyone out there assess how > serious or new this really is? > > Regards, > sigi > > [1] http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf > [2] https://www.torproject.org/docs/faq.html.en#EntryGuards > -- > tor-talk mailing list - [email protected] > To unsusbscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
