[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] SocksPort: Circuit isolation is not Exit isolation
On Tue, Sep 11, 2012 at 12:21 AM, grarpamp <grarpamp@xxxxxxxxx> wrote:
>>> The typical use case is wanting to use multiple accounts on the
>>> same site at once, with a guarantee that you're not appearing to
>>> be from the same exit and thus are not as easily linked.
>> This doesn't make sense to me. If you've got two requests open from
>> the same exit to the same site, using different accounts, then all the
>> site can tell is that two Tor users (or maybe one) are connecting to
>> it. That's also the same conclusion it could reach if the two
>> requests were coming from the same exit.
> Sentence 2 and 3 appear to be the same?
>> Is there a better use case here?
> I think that if I was watching the site logs and userA and userB
> continually logged in daily at about the same times from the same
> exit, I might infer them to be the same user. I might not even be
> aware IP's in logs are multiuser tor/proxy nets. Now add in similar
> client app versions, handshakes, account names, headers, settings,
> etc... and parameter by parameter the linkage gets stronger, even
> without infringing upon content. Keep the exits different and it's
Actually, it's stronger!
Let's say that there are 50 accounts that all log in to my site over Tor.
Let's say that there are N tor exits, and let's pretend that each exit
is chosen with probability 1/N.
If anonAccountA and anonAccountB are run by different users, I'd
expect them to use the same exit 1/N of the times that they both log
But if, over time, I see that anonAccountA and anonAccountB both
sometimes use some of the same exits, but they never use the same exit
at the same time, I can conclude that they are run by the same user,
and that user has enabled some kind of exit isolation option.
tor-talk mailing list