[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Threats to anonymity set at and above the application layer; HTTP headers



If you are up an adversary such as the government, then you will
always end up on the "it could be this person list". If you are
referring to a situation where the person runs the first node and end
site it probably wouldn't help.

On 5/22/06, Helge Preuss <scout@xxxxxxxxxxxxxxxxxxxx> wrote:
Seth David Schoen wrote:
> * timing of access (what time zone are you in, when do you usually do
> something?) -- for communications with non-randomized latency < 1 day
>
> * typing patterns (cf. Cliff Stoll's _Cuckoo's Egg_ and the Song et al.
paper)
>
> * typing speed
A question crept up to me and this thread seems the right place to ask
it (although it certainly has been asked before).
If I cause a lot of meaningless traffic over tor, couldn't I hide
meaningful traffic in this noise and thus be secure against timing
attacks? Say, I start a large download and visit a website while it
runs. Wouldn't a global observer only see the net traffic coming from
my node? Wouldn't this make it impossible for them to correlate this
traffic with the traffic at the website I visited?