[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] ads slow Tor Browser dramatically



On 11/7/2012 11:09 PM, Julian Yon wrote:
It's not specific to AdBlock. If everybody used exactly the same fixed
list it wouldn't be an issue. But not there are a zillion ad networks
out there and incredible as it is some people actually click the damn
things. After all, if they didn't the industry wouldn't exist. Here's a
possible attack I can conceive:

Let's say Alice uses the default list, but chooses to unblock ads from
$ADSERVER because they frequently serve ads that relate to some niche
interest she has. $WEBSITE contains information which it is illegal to
possess in Alice's Orwellian island homeland. It is also one of those
annoying sites that embeds ads all over the place from multiple
networks and makes it impossible for neurodiverse types like her to
focus; exactly the sort of thing she wants the ad blocker to intercept.

Mallory controls one or more exits, and at some point has the ability to
see and tamper with Alice's unencrypted requests both to $WEBSITE and to
at least some of the servers on the block list. Alice's traffic stands
out because requests to $WEBSITE correlate with requests to $ADSERVER,
but not to the rest of the list (because she's not turned the blocker
off altogether). Her other connections can now be isolated from the
others by injecting some extra <img/> tags into all returned pages and
looking for the same correlation (they don't have to be real resources;
Mallory can just send back a pile of 1x1 gifs that nobody will notice).
What happens next to Alice depends on many factors, but she certainly
isn't safe.

Remember that in this situation your anonymity set is restricted to
people currently using Mallory's exit(s), not the entire population of
Tor users. So to my mind, such fingerprinting passes the plausibility
test. I'm quite out of practice at this stuff, and Mike may have had a
different attack in mind.

All that may be true. But you don't have to use any addon to run into same situation. If you're in a small enough sample (say using Spanish TBB) & Win XP on a site where you're the only one w/ those characteristics, it shouldn't be hard to pick you out of a crowd. Anytime sites or ads set image tags - or anything else, that the same (real or "fake") advertisers / adversaries can follow, all bets are off. It's my understanding that TBB prevents sites / advertisers, etc., from tracking users, site to site.

I believe referer.header is enabled by default in TBB. I don't see how there's ever any complete anonymity as long information in the browser header is sent. By no means is everyone's machine / system / TBB exactly the same. Win, Mac, Linux - different ver. #s, different languages. TBB would have to fake everyone's info about OS, language, etc., the same, but then returned page results would often not be correct. If an adversary has the resources & willing to spend the time, I expect they could "identify" many Tor users. But, I'm no expert.


_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk