Boffins follow TOR breadcrumbs to identify users
Posted on 09/02/2013 2:05:27 PM PDT by ShadowAce
It's easier to identify TOR users than they believe, according to research published by a group of researchers from Georgetown University and the US Naval Research Laboratory (USNRL).
Their paper, "Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries", is to be presented in November at the Conference on Computer and Communications Security (CCS) in Berlin. While it's been published at the personal page of lead author Aaron Johnson of the NRL, it remained under the radar until someone posted a copy to Cryptome.
The paper states simply that Tor users are far more susceptible to compromise than indicated by prior work. That prior work provided the framework for what Johnson's group has accomplished: using traffic correlation in the live TOR network to compromise users' anonymity.
"To quantify the anonymity offered by Tor, we examine path compromise rates and how quickly extended use of the anonymity network results in compromised paths," they write. In some cases, they found that for the patient attacker, some users can be identified with 95 percent certainty.
The compromise isn't something available to the trivial attacker. The models that Johnson developed assume that an adversary has access either to Internet exchange ports, or controls a number of Autonomous Systems (for example an ISP). However, it's probably reasonable to assume that the instruments of the state could deploy sufficient resources to replicate Johnson's work.
At the core of Johnson's work is a Tor path simulator that he's published at GitHub. The TorPS simulator helps provide accurate AS path inference from TOR traffic.
"An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50 percent probability and within six months with over 80 percent probability. We observe that use of BitTorrent is particularly unsafe, and we show that long-lived ports bear a large security cost for their performance needs. We also observe that the Congestion-Aware Tor proposal exacerbates these vulnerabilities," the paper states.
If the adversary controls an AS or has access to Internet exchange point (IXP) traffic, things are even worse. While the results of their tests depended on factors such as AS or IXP location, some users experience over 95 percent chance of compromise within three months against a single AS or IXP.
The researchers also note that different user behaviours change the risk of compromise. Sorry, BitTorrent fans, your traffic is extremely vulnerable over time. ®
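The article's central point, that the chance of at least one compromised path keeps growing with continued use, can be seen in a simplified risk model. This is an added example, not code from the paper or from TorPS: the guard count, rotation period, circuit rate and adversary bandwidth fractions are assumed parameters, relay selection is treated as independent draws, and the output does not reproduce the paper's figures.

```python
from math import comb


def period_survival(g, e, guards, circuits):
    """Probability that no circuit built during one guard period has both
    an adversary-run guard and an adversary-run exit."""
    total = 0.0
    for k in range(guards + 1):
        # k of the user's guards belong to the adversary (binomial in g).
        p_k = comb(guards, k) * g**k * (1 - g) ** (guards - k)
        # Each circuit picks one guard uniformly, then an exit independently.
        p_bad_circuit = (k / guards) * e
        total += p_k * (1 - p_bad_circuit) ** circuits
    return total


def compromise_probability(days, g, e, guards=3, rotation_days=45,
                           circuits_per_day=20):
    """P(at least one end-to-end compromised circuit within `days`).

    g, e: assumed adversary share of guard and exit selection probability.
    guards, rotation_days, circuits_per_day: assumed client behaviour.
    """
    survive = 1.0
    remaining = days
    while remaining > 0:
        span = min(rotation_days, remaining)
        # A fresh guard set is drawn at the start of every rotation period.
        survive *= period_survival(g, e, guards, span * circuits_per_day)
        remaining -= span
    return 1.0 - survive


def timeline(g, e, checkpoints=(30, 90, 180), **kw):
    """Cumulative compromise probability at each checkpoint (in days)."""
    return {d: compromise_probability(d, g, e, **kw) for d in checkpoints}


if __name__ == "__main__":
    # Constructed adversary: 5% of guard and 5% of exit selection probability.
    for days, p in timeline(0.05, 0.05).items():
        print(f"{days:>3} days: {p:.1%}")
```

In this model the risk is dominated by guard selection: once one of the user's guards is adversary-run, the many circuits built during that period make a matching adversary exit very likely, so each guard rotation is another draw against the user.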
So no more anonymity? What do we have to do to get some real privacy? Launch and use some microsats as relays?
For best security you should run a TOR node.
You have to put up with annoying emails from various copyright holders as they all seem to think the TOR traffic is yours. Once informed that the IP is a TOR node they cease their pestering ways.
Yup, there’s no such thing as privacy on the internet. And that’s just regular attackers, when the government (you know the guys that constructed ARPA that is the backbone of the internet) gets involved it’s even easier.
Don’t use the internet.
Given the volume of prying being done by such fascist maggots as referenced above, at the behest of their Stasi overlords, the day will come when the 'little guy' may just decide it's not worth it.
The paranoid Soviet government required the registration of typewriters.
The new paranoid state overlords are doing the same with the Internet.
You will have to wardrive.
Nut-job Conspiracy Theory Ping!
To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...
Carrier pigeons, anyone?
You have to add me to your ping list or I’ll report you to the mods.
Would anyone like a solution to this problem?
How to monetize an anonymous communications system?
The bottom line is that nothing electronic can be trusted. About the only communication that can be relied on for privacy are hand written notes, hand delivered.
The sad thing is how many government and private organizations are obsessed with such minutiae. Truly, it accomplishes nothing, and comes across as a mental illness.
For all of us dinosaurs (like me!) on FR who are clueless as to what TOR is:
“Tor (originally short for The Onion Router) is free software for enabling online anonymity.
Tor directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis.
Using Tor makes it more difficult to trace Internet activity, including “visits to Web sites, online posts, instant messages and other communication forms”, back to the user and is intended to protect users’ personal privacy, freedom, and ability to conduct confidential business by keeping their internet activities from being monitored.”
Encryption, however, is not the same as anonymity. I guarantee using that level of encryption you can send the data over the net with little chance of anyone deciphering it. No, what I am concerned with is the ability for unwanted others to track us over the internet.
Perfect! Welcome aboard!
Back to carrier pigeons? Since the Libs hate guns and won’t have them around (so they say), we don’t have to worry about them shooting the pigeons down. /S
Daggone ... should have read all the comments before I posted. :-)
So do you use a TOR with a VPN? Or is a VPN all you need to provide anonymity? If so do you have any recommendations on VPNs?