[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Threats to anonymity set at and above the application layer; HTTP headers



Seth David Schoen <schoen@xxxxxxx> wrote:

> Nick Mathewson writes:
> 
> > But from a technical anonymity perspective, choosing an unusual user
> > agent probably isn't a good idea: if 100K Tor users appear to be
> > using user agent X, and you use a less popular user agent Y, it's
> > easier for websites and observers to build a pseudonymous profile
> > for your actions.
> > 
> > This is why I'd really like this discussion to arrive at an improved
> > privoxy configuration to ship with Tor: even if you, personally,
> > know a better configuration than the default, you might still be
> > better off using the default configuration in order to blend in
> > with a larger crowd.
> > 
> > See the "Anonymity loves company" paper for more discussion.
> 
> That is the kind of idea that I have in mind.  If we assume that all
> web sites can tell which connections are from Tor users (for example,
> by consulting a blacklist of Tor exit node IP addresses), then Tor
> users can't increase the size of the anonymity set by using different
> user-agent (etc.) from other Tor users.

They very well can, as long as they never revisit any website
with the same User-Agent.

Additionally regenerating the User-Agent frequently creates
noise in the server log files where other users of less often
used operating systems can hide in, even if they neither use Tor
nor know how to modify their own settings.

> It is also true that Tor users who are afraid of being accused of
> being responsible for other Tor users' activities might want to do
> things that they believe would let them make the case that they were
> _not_ a particular oher user.  Do we need to discuss how common these
> different motives are among different Tor users?

Can you be more specific, how one Tor users could be accused of being responsible for another one? Unless the Tor user is running an exit node
that's very unlikely. Am I missing something?

Fabian
-- 
http://www.fabiankeil.de/

Attachment: signature.asc
Description: PGP signature