[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Advanced Deanonymization Attacks

To: tor-talk@xxxxxxxxxxxxxxxxxxxx, liberationtech <liberationtech@xxxxxxxxxxxxxxxxxx>, Whonix-devel <whonix-devel@xxxxxxxxxx>
Subject: [tor-talk] Advanced Deanonymization Attacks
From: Patrick Schleizer <patrick-mailinglists@xxxxxxxxxx>
Date: Mon, 22 Aug 2016 18:59:00 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 22 Aug 2016 14:59:58 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

A number of advanced deanonymization attacks. These do not just apply to
Whonix, but any anonymity system. Some are also general security issues.

Rather than exploiting bugs in the hypervisor to break out, some of
these attacks rely on the design of the underlying hardware to bypass
privilege separation boundaries and extract (or leak) sensitive
information to the network. No need for alarm, there are many
qualifications to this and details in the listed tickets on proposed
countermeasures. We are interested in cooperation to better assess the
performance impact of the planned fixes.

- Keystroke Deanonymization: [1]

- Advanced Attacks Meta ticket: [2]

-- CPU-induced latency Covert Channel: [3]

-- Cross-VM cache attacks countermeasures: [4]

-- DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks: [5]

-- TCP ISNs and Temperature induced clock skews: [6]

Cheers,
Patrick

[1] https://phabricator.whonix.org/T5421
[2] https://phabricator.whonix.org/T5401
[3] https://phabricator.whonix.org/T530
[4] https://phabricator.whonix.org/T539
[5] https://phabricator.whonix.org/T541
[6] https://phabricator.whonix.org/T543
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Advanced Deanonymization Attacks
  - From: Patrick Schleizer

Prev by Author: [tor-talk] Censorship on this list
Next by Author: Re: [tor-talk] Advanced Deanonymization Attacks
Previous by thread: Re: [tor-talk] List messages marked as spam by gmail
Next by thread: Re: [tor-talk] Advanced Deanonymization Attacks
Index(es):
- Author
- Thread