
Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)



15.07.2013 11:57, Gabrielle DiFonzo:
> 
> Aha. This message explained a lot to me. Thank you for the detail on PDFs. It was very clear to me.
> 
> As for, say, iTunes, so what you're saying is that it's not a good idea to have programs like that running at the exact same time that you're online with Tor?
> 

I don't know what iTunes provides, besides browsing for music and
listening to it. 'Steam', (iTunes for video games :) ) for example has a
friends list so they see when you are Online. (Don't know if that is
optional)

Best avoided are programs and actions that are observable by the general
public or an adversary depending on your threat model.

Bittorrent for example is something where anybody can potentially learn
your IP address if he/she downloads files you have available (regardless
of the files).

Public forums where people see that you are Online or you post there
while not using Tor, for example using IE to post at
forum.cats.example.com (A) and you use Tor (TBB) to participate in
forum.dogs.catssuck.com (B) at the same time. Users of A could be
interested in what their enemies do and visit B. Being low volume
forums, they may notice that you make posts at A and posts at B, where
they only know for sure that you have contributed to A, but due to the
fact that an (to them) anonymous user always posted something to B while
you were Online at A, they could correlate those identities.

iTunes might not have been a great example, but something that runs in
the background and connects to the Internet can be potentially harmful.

Best,
bastik

> -----Original Message-----
> From: Sebastian G. <bastik.tor> <bastik.tor@xxxxxxxxxxxxxx>
> To: tor-talk <tor-talk@xxxxxxxxxxxxxxxxxxxx>
> Sent: Mon, Jul 15, 2013 3:55 am
> Subject: Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)
> 
> 
> 15.07.2013 08:39, Gabrielle DiFonzo:
>>
>> What do you mean by "phone home"?
> 
> When you download a PDF document over Tor you get the properties you
> expect from Tor (e.g. being anonymous to the server hosting the PDF). If
> you then open the PDF document, while still being Online, with Adobe
> Acrobat Reader (or any other reader), while not having the reader
> configured to use Tor it could be the case that the PDF document
> contains a resource that is located on a server (maybe the server you
> downloaded it from, maybe another) and Tor gets bypassed.
> 
> The server logs show someone downloads 'cryptonite.pdf' and the IP
> address tells the server operator that it belongs to a Tor Exit (public
> information). Ten seconds later the server logs show a request for a
> picture embedded in above PDF document, this time with another IP
> address, which is ultimately yours. The server operator can tell that
> the IP address does not belong to Tor and conclude it is yours.
> 
> This broke your anonymity.
> 
> This can affect a lot of files. It can affect PDFs, but you can't tell if
> it is safe or not. Word documents can contain external resources as
> well. WMA and WMV (WindowsMediaAudio) (WindowsMediaVideo) can contain
> DRM information which is checked against a server. I'm not sure if this
> applies to MP3s, but I guess that this is possible.
> 
> For whatever you download over Tor and open while being Online you face
> the risk of your anonymity being broken.
> 
> 
>> All I really save to disk is my photos (from my phone), some PDFs,
>> some MP3s (iTunes) and stuff I write offline in MS Word. Is that a
>> bad idea? If so, why?
> 
> Files that are present because you create them or downloaded them
> without Tor are not safe to upload somewhere as they could contain
> information about you.
> 
> For opening them while using Tor you could face identity correlations.
> 
> Let's say you like music and think it's cool to listen to while blogging
> anonymously with TBB. If iTunes checks license information during
> playback without routing it through the Tor network and you create a new
> blog post during that time over Tor, someone might be able to correlate
> the identities. (Or assume a forum you participate in pseudonymously, as
> it allows more fine-grained timing information)
> 
> Your ISP for instance would know that you are connected to the Tor
> network, but not what you do there, and he knows about the connection to
> iTunes.
> 
> Best,
> bastik
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
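
The server-log scenario from the quoted message (a Tor exit downloads the PDF, then a non-Tor address requests the embedded picture seconds later), as an added example that is not part of the original thread. The log format, addresses, the `/img/logo.png` path, the 5-minute window and all function names are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (documentation address ranges, not real hosts).
TOR_EXITS = {"192.0.2.10", "192.0.2.77"}            # exit list is public information
EMBEDDED_IN = {"/img/logo.png": "/cryptonite.pdf"}  # resource referenced only by the PDF
SAMPLE_LOG = """\
2013-07-15T08:00:00 192.0.2.10 GET /cryptonite.pdf
2013-07-15T08:00:10 203.0.113.5 GET /img/logo.png
2013-07-15T09:00:00 192.0.2.77 GET /cryptonite.pdf
2013-07-15T09:00:12 192.0.2.77 GET /img/logo.png
2013-07-15T10:00:00 192.0.2.10 GET /cryptonite.pdf
2013-07-15T11:30:00 198.51.100.9 GET /img/logo.png
"""

def parse(log_text):
    """Yield (timestamp, ip, path) from 'ISO-time ip METHOD path' lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, ip, _method, path = parts
        yield datetime.fromisoformat(ts), ip, path

def find_bypass_leaks(log_text, tor_exits, embedded_in, window=timedelta(minutes=5)):
    """Return (document, exit_ip, direct_ip, seconds) for each embedded-resource
    request from a non-Tor address shortly after a Tor download of the document."""
    last_tor_download = {}  # document path -> (timestamp, exit ip)
    leaks = []
    for ts, ip, path in sorted(parse(log_text)):
        if path in embedded_in.values() and ip in tor_exits:
            last_tor_download[path] = (ts, ip)
            continue
        doc = embedded_in.get(path)
        if doc is None or doc not in last_tor_download:
            continue
        if ip in tor_exits:
            continue  # reader was routed through Tor: nothing to link
        dl_ts, exit_ip = last_tor_download[doc]
        if ts - dl_ts <= window:  # close in time to the Tor download
            leaks.append((doc, exit_ip, ip, int((ts - dl_ts).total_seconds())))
    return leaks

if __name__ == "__main__":
    for leak in find_bypass_leaks(SAMPLE_LOG, TOR_EXITS, EMBEDDED_IN):
        print(leak)
```

Only the first download is linked to a direct address: the picture fetched through a Tor exit and the one requested long after the download give the log reader nothing to pair up.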