[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Lots of tor relays send out sequential IP IDs; please fix that!



On Mon, Mar 31, 2014 at 11:12:05PM +0200, Jann Horn wrote:
> Well, the subject line pretty much says it all: Lots of Tor relays send out
> globally sequential IP IDs, which, as far as I know, allows a remote party to
> measure how fast the relay is sending out IP packets with high precision,
> possibly making statistical attacks possible that could e.g. pinpoint the entry
> guard a user or hidden service uses.

[Please don't cross-post on multiple lists -- you will splinter the
responses.]

For extra fun, check out this paper that turns this issue into a potential
anonymity attack:
http://freehaven.net/anonbib/#tcp-tor-pets12

Their suggestion for a fix iirc was that the Linux kernel should get
fixed.

--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays