[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Identify requests made by the same user
Il 20.06.2013 23:19 krishna e bera ha scritto:
Some of your question is answered here:
I've read the entire FAQ page! :)
1) By design, you cannot know whether aaa.onion and bbb.onion are
running on the same machine or are run by the same operator.
Yes, I know that. What i'd like to know, is if it's the same from the
client point of view.
2) If either .onion site requires registration, you must be careful to
use different email userid and password on each, and those must also be
different from anything you use in non-Tor contexts.
3) If you check the tests at
you will see how much browser fingerprinting is possible. So you
must be careful not to change any settings that will make your browsing
session look different from any other person using TBB.
Yes yes yes. That's clear. Tor encrypts my connections, but I have to be
careful on what I (and my browser) send over the internet. This is
application and physical transport level. What makes me think is the tor
transport level (the payload of tcp/udp packets tor sends over the
My question wasn't actually related to a specific application. This is
my reasoning: in order to get the server response back to me, the
encrypted packet Tor sends over the network, should contain and
identifier of my Tor client. This way the .onion service can read the
request, prepare a response and send it back to me. Just like a TCP
packet that contains the sender's IP address (Tor's TCP packet will
contain the IP of the last node on the tunnel, but at an higher level
there should be my client ID).
I'm speaking about a kind of "internal ip", some internal identifier in
the Tor network. Let's put aaa.onion is an IRC chat and ccc.onion is a
bulletin board. And that from the same client come 2 different requests
for aaa.onion and ccc.onion. From the application layer, knowing that
they come from the same client, is impossible. But, Tor should someway
know that both responses will be forwarded to the same client, thus
making possible to "group" them and know that behind them there is the
I've read much technical documentation, but looks like this point is not
properly described. I should read Tor's code, but I can't manage to do
tor-talk mailing list