[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

fingerprinting



As many of you have probably seen, some CAIDA folks have come up 
with a method for fingerprinting machines on the 'net by 
calculating the box's clock skew.

Since the express purpose of tor is to allow people to use the 
Internet anonymously, this could be a direct "attack" on tor.

Thinking about it a bit, it appears to me that tor is not vuln 
to this as the "fingerprintee" would only be susceptible during 
it's first hop to the tor entry server. The middle & exit 
servers would then change the timestamp to their /own/ 
timestamp and then send that to the final web server.

Am I looking at this correctly? Does tor mitigate these 
fingerprint attacks?

That said, are their any other suggestions for preventing these 
types of fingerprinting?

http://www.caida.org/outreach/papers/2005/fingerprinting/
http://www.zdnet.com.au/news/security/0,2000061744,39183346,00.htm
http://it.slashdot.org/article.pl?sid=05/03/04/1355253 ok, i'm a 
bit embarassed to be linking to slashdot... ;)

-Jeff