[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How can I set going more one Tor daemons?



Hi!

On Sat, Aug 15, 2009 at 09:09:52PM -0400, Ringo wrote:
>"Cover traffic is only there if the tor instance(s) also run as relay."

>I was talking about clients, not servers just to clarify. If multiple
>Tor instances are running in client mode (or even in one instance, if
>there's a lot of traffic), it becomes harder to do traffic analysis and
>pin one circuit to one user.

>Am I mistaken in that conclusion?

I think you are indeed.

If you run the instances as client only, there's no cover traffic, just
the traffic of the different users.

If you run separate tor instances, their circuits (first hop) are
necessarily on different TCP connections, so their different usage
patterns will show separately.  If you run one tor instance for all
users, they might use the same entry guard together, multiplexing the
different usages onto one TCP connection to the same entry guard.  That
hides the usage patterns by adding them together, IMO.  The second hop
then might split up or not, depending on needs, and even more so the
third hop (from the second to the exit node, where the dependency on the
exit policies comes to play a role).  I don't know/remember whether tor
relays in turn multiplex traffic "received" from different clients
together for the next hop if possible (i.e. different clients using the
same entry guard and the same second hop, mixing/multiplexing that
traffic onto the same TCP connection).  If so that would yield even more
anonymity, but only if the different users use the same second hop at
the same time (and switching over to different circuits at the same
time).

Kind regards,

Hannah.