[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
From: "Sebastian G. <bastik.tor>" <bastik.tor@xxxxxxxxxxxxxx>
Date: Mon, 15 Jul 2013 09:51:07 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 15 Jul 2013 03:51:24 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; bh=+oZ2hjnmsGxR4fgQi9WvXvC5cCWWB5o0kGf5oMeyihc=; b=Oy5QoA++UAHZQkTP8cgE0btgcguT2a+FLWAu77rleQeYDwoWx7Fl0ZlOvjHfg14Viv lQCQ7g7cgEC7IUR6mw5dz/hCzbPaAVnwju8EGs78l88DdN5e1XSt5yToSbbi6pFfvd7U dVSkp1a1QMbYXLDUXIociVCGwypIWtne6QSEoNHUJbu2kYIVerU9EVDZEQqOZ5zaphU+ JHfM1jqTv43OyL7UWysY/dq7xDLBsM1kF300Y1M5LV1VtVHynMEV4TufrnhLRltlEXJ+ Uv6ARyKvE3nT3bwXPoDAr7n5YvJZYQX56QnBVBLo8BvkkXirxCJF2EJoqBCD/bwRlia8 NH9Q==
In-reply-to: <8D04F3D25D7EC67-1900-DD886@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <8D04DB7230ED416-4EC-DB18C@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <CACMm6qAZsL5A3O5GBUYvrFhrTmqzaKQ4BE_GE=zPAcj1VzyH9g@xxxxxxxxxxxxxx> <F4DA9ED6-B7D5-42D7-B30B-982F1EFD6500@xxxxxxxxx> <20130713163925.GB26138@xxxxxxxxxxxxxxxxxx> <CAH+=uuJmL6Kac6uQ58zyVCMr=L1v2FTMJxxV40sx7T0S5b_7Dw@xxxxxxxxxxxxxx> <51E1B848.8050302@xxxxxxxxx> <CAKy-ybVD0tmfOVd5aM83O12tbeTr8C1spc+W6wAPMffDXE4emw@xxxxxxxxxxxxxx> <20130713215328.GH31806@xxxxxxxxxxxxxx> <8D04E3D7C4D52CE-85C-8EACE@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <20130714003914.GI31806@xxxxxxxxxxxxxx> <20130714042537.GJ31806@xxxxxxxxxxxxxx> <8D04E7453A6D517-130C-93E5B@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <51E29550.7050105@xxxxxxxxxx> <8D04F3D25D7EC67-1900-DD886@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

15.07.2013 08:39, Gabrielle DiFonzo:
> 
> What do you mean by "phone home"?

When you download a PDF document over Tor you get the properties you
expect from Tor (e.g. being anonymous to the server hosting the PDF). If
you then open the PDF document, while still being Online, with Adobe
Acrobat Reader (or any other reader), while not having the reader
configured to use Tor it could be the case that the PDF document
contains a resource that is located on a server (maybe the server you
downloaded it from, maybe another) and Tor gets bypassed.

The server logs show someone downloads 'cryptonite.pdf' and the IP
address tells the server operator that it belongs to a Tor Exit (public
information). Ten seconds later the server logs show a request for a
picture embedded in above PDF document, this time with another IP
address, which is ultimately yours. The server operator can tell that
the IP address does not belong to Tor and conclude it is yours.

This broke your anonymity.

This can affect a lot of files. I can affect PDFs, but you can't tell if
it is safe or not. Word documents can contain external resources as
well. WMA and WMV (WindowsMediaAudio) (WindowsMediaVideo) can contain
DRM information which are checked against a server. I'm not sure if this
applies to MP3s, but I guess that this is possible.

For whatever you download over Tor and open while being Online you face
the risk of your anonymity being broken.


> All I really save to disk is my photos (from my phone), some PDFs,
> some MP3s (iTunes) and stuff I write offline in MS Word. Is that a
> bad idea? If so, why?

Files that are present because you create them or downloaded them
without Tor are not safe to upload somewhere as they could contain
information about you.

For opening them while using Tor you could face identity correlations.

Let's say you like music and think it's cool to listen to while blogging
anonymously with TBB. If iTunes checks license information during
playback without routing it through the Tor network and you create a new
blog post during that time over Tor, someone might be able to correlate
the identities. (Or assume a forum you participate in pseudonymous, as
it allows more fine grained timing information)

Your ISP for instance would know that you are connected to the Tor
network, but not what you do there, and he knows about the connection to
iTunes.

Best,
bastik
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Gabrielle DiFonzo

References:
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Gabrielle DiFonzo
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Buck Calabro
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Jake.tarren@xxxxxxxxx
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: andrew
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Charlie Belmer
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Blibbet
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Scott MacLeod
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Roger Dingledine
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Gabrielle DiFonzo
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Roger Dingledine
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Roger Dingledine
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Gabrielle DiFonzo
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: mirimir
- Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
  - From: Gabrielle DiFonzo

Prev by Author: Re: [tor-talk] Measure Bridges (Was: Would Conflux have a positive effect against website fingerprinting?)
Next by Author: Re: [tor-talk] Mozilla Persona and Tor
Previous by thread: Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
Next by thread: Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
Index(es):
- Author
- Thread