[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Possible attack method?? Question..

To: or-talk@xxxxxxxxxxxxx
Subject: Possible attack method?? Question..
From: Anon Mus <a_green_lantern@xxxxxxxxx>
Date: Fri, 11 Jan 2008 09:44:39 -0800 (PST)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Fri, 11 Jan 2008 12:44:48 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=2YGGe88IKaEopeF1ZjkV4/tsVdry0jcriVkSa69aF408gRFZo2nXsE8Wf6OFoogK6i1sCLrGAX80Wc0WTsklOu0TcADHijosaJsDAEap5RAmu5XOAZxpnIJBPHd1MxWeDbemQQV2tcO+bjzKGItAObp3gLJ305YicsDGAESStgM=;
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

This question is for those with the knowhow.

A while back I got a number of emails from the same source where the 
emails were sent in "pairs" a minute or less apart.

The first of each of the "email pair" were large (over 700characters), 
the second were small (under 50 characters). On the face of it the 
"email pairs"  appeared to be a genuine error ("oh yes I forgot to 
mention" kind of thing) by the sender, so I took no notice at the time.

It was not until this week when re-reading these emails that I realized

the sender had all along been trying to locate me (I was an anonymous 
informant). My guess is that my contact was in fact an intelligence 
(probably British with the help of the USA) plant out there pretending 
to be a (British) activist with a grievance.

My question is, is this "email pair" (of vastly differing sizes) a 
possible attack method on a  Tor user, by somehow watching and counting

(to estimate the size of) a packet stream?


-K-




      ____________________________________________________________________________________
Never miss a thing.  Make Yahoo your home page. 
http://www.yahoo.com/r/hs

Follow-Ups:
- Re: Possible attack method?? Question..
  - From: Max Berger
- Re: Possible attack method?? Question..
  - From: Ringo Kamens
- Re: Possible attack method?? Question..
  - From: Watson Ladd

Prev by Author: Re: We're missing a certificate from authority lefkada with signing key 0000000000000000000000000000
Next by Author: Re: Possible attack method?? Question..
Previous by thread: Re: via ControlPort, can we build a circuit to a bridge?
Next by thread: Re: Possible attack method?? Question..
Index(es):
- Author
- Thread