[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Threats to anonymity set at and above the application layer; HTTP headers



Seth David Schoen wrote:
> * timing of access (what time zone are you in, when do you usually do
> something?) -- for communications with non-randomized latency < 1 day
>
> * typing patterns (cf. Cliff Stoll's _Cuckoo's Egg_ and the Song et al. paper)
>
> * typing speed

A question crept up to me and this thread seems the right place to ask
it (although it certainly has been asked before).
If I cause a lot of meaningless traffic over tor, couldn't I hide
meaningful traffic in this noise and thus be secure against timing
attacks? Say, I start a large download and visit a website while it
runs. Wouldn't a global observer only see the net traffic coming from
my node? Wouldn't this make it impossible for them to correlate this
traffic with the traffic at the website I visited?