On 09/28/2016 11:35 AM, Philipp Winter wrote: > My colleagues and I published a (not yet peer-reviewed) research paper > on how DNS affects Tor's anonymity. The key parts of our work are: > > - We measure the DNS setup of exit relays over time, showing that at > times Google got to see almost 40% of DNS requests coming out of Tor. > > - We show how website fingerprinting attacks can be augmented with > observed DNS requests, resulting in precise attacks for unpopular > websites. > > - Similar to the "Users Get Routed" work, we simulate the impact of our > attack at Internet-scale using the TorPS simulator. > > The PDF is available online: > <https://nymity.ch/tor-dns/tor-dns.pdf> > > Our project page has code, data, and replication instructions: > <https://nymity.ch/tor-dns/> > _______________________________________________ Excellent work, this is really neat! It reminds me a bit of https://www.cse.buffalo.edu/~mohaisen/doc/14-wpes.pdf, which describes the prevalence accidental .onion lookups on DNS root servers. The issue with 8.8.8.8 is significant. It's easy to point /etc/resolv.conf at Google's DNS because it just works, without realizing the implications. https://xkcd.com/1361/ -- Jesse
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev