[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Possible attack method?? Question..
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Possible attack method?? Question..
- From: "Ringo Kamens" <2600denver@xxxxxxxxx>
- Date: Fri, 11 Jan 2008 16:22:24 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Fri, 11 Jan 2008 16:22:34 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=7fv4fyJ6RVO0yEYujqq4TTWjIp6YoXmtbZg7mHni474=; b=VHwYlvk+coYFAEknlb/BemafeP+mKwMNg4hsiAPxZWtbbKtkWgVJlMh30zru8nfVN7lqPt16+pYz01kpDO0lKy/DiOhsp7yptRuMzzK9jDkG7ZJq23aNgOb+pO2ctbK7suyohA6BwmPJ+7Nr4uWfTv9F31MGPFzeF7hEtR25HOc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=E/koMH+4zcckxtqwIRtYmkUl/CrKo/OrXsnoKbmIvuJCTIio1cc3ETgdyhcbiqJ7+NeOgasi+RWEjvQqnGLxEILFFUg2l/ZZmwfrZbLjXrvw6xsLBUKC3c0W0TUKkVMxfz1vVD26OPvZnOoMl5DUZheZMPc0NWb1+pbntnB3raY=
- In-reply-to: <593627.39301.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- References: <593627.39301.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
This kind of attack is only effective over vsst amounts of time and can only conclusively prove who you are if they are able to view all the nodes your data travelled through.
Comrade Ringo Kamens
On Jan 11, 2008 12:44 PM, Anon Mus <a_green_lantern@xxxxxxxxx
This question is for those with the knowhow.
A while back I got a number of emails from the same source where the
emails were sent in "pairs" a minute or less apart.
The first of each of the "email pair" were large (over 700characters),
the second were small (under 50 characters). On the face of it the
"email pairs" appeared to be a genuine error ("oh yes I forgot to
mention" kind of thing) by the sender, so I took no notice at the time.
It was not until this week when re-reading these emails that I realized
the sender had all along been trying to locate me (I was an anonymous
informant). My guess is that my contact was in fact an intelligence
(probably British with the help of the USA) plant out there pretending
to be a (British) activist with a grievance.
My question is, is this "email pair" (of vastly differing sizes) a
possible attack method on a Tor user, by somehow watching and counting
(to estimate the size of) a packet stream?
Never miss a thing. Make Yahoo your home page.