[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Lots of tor relays send out sequential IP IDs; please fix that!

On Mon, Mar 31, 2014 at 05:31:31PM -0500, Joe Btfsplk wrote:
> On 3/31/2014 4:12 PM, Jann Horn wrote:
> >Well, the subject line pretty much says it all: Lots of Tor relays send out
> >globally sequential IP IDs, which, as far as I know, allows a remote party to
> >measure how fast the relay is sending out IP packets with high precision,
> >possibly making statistical attacks possible that could e.g. pinpoint the entry
> >guard a user or hidden service uses.
> Why would this be?  By design for some reason?  Oversight?
> Misinterpretation of the data?

It is a known flaw in the network stack of some operating systems â see
<https://en.wikipedia.org/wiki/Idle_Scan> for a related attack.

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to