Mirimir writes:

> Tor is vulnerable to two general sorts of attacks. One involves the use
> of malicious relays in various ways to deanonymize circuits. The other
> involves the use of traffic analysis to correlate traffic captured at
> edges of the Tor network (to users and the websites that they access).
>
> With ISPs, there's the risk that some organization can monitor traffic
> on both ends. It's common to characterize such organizations as "global
> passive adversaries". However, a single ISP (or a firm owning multiple
> ISPs) could do that, if it provides service to both users and websites.
> Also, users who access websites in their own nation via Tor are
> similarly vulnerable to their government.

To expand on this theme, there are several traffic attacks that don't require an adversary to be truly "global". Creating a popular relay in the hope that users who are interesting to you will route through it is a pretty cheap and powerful attack (and one that motivated the creation of guard nodes). And there can be timing attacks just based on (sometimes rather coarse-grained) knowledge of when a particular anonymous user was active, which might even come from chat or server logs rather than from monitoring live network traffic, so long as the attacker does have the ability to monitor the first hop.

I've taken to saying "someone who can observe both ends" most of the time instead of "the global adversary". (I think the Tor developers often say this too; the global adversary is just someone who can _almost always_ observe both ends.)

A kind of challenging wrinkle is that there are a lot of conceivable ways that someone could "observe" one end of the connection. One sometimes underappreciated way is that someone else who was observing it at the time of the communication, including a party to the communication or a server operator, could tell the adversary about it later.

--
Seth Schoen <[email protected]>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109        +1 415 436 9333 x107
--
tor-talk mailing list - [email protected]
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
