[tor-bugs] #6102 [Website]: Add warning related to Identity correlation through circuit sharing
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Jun 7 21:17:10 UTC 2012
#6102: Add warning related to Identity correlation through circuit sharing
-------------------------+--------------------------------------------------
Reporter: proper | Owner: phobos
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Website | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
As long as #3455 and Tor 0.2.3 isn't ready, I recommend to add on
https://www.torproject.org/download/download-easy.html.en a warning about
Identity correlation through circuit sharing. Reference with problem
description. [1] [2] [3] [4] [5]
I don't think many people are aware of the issue.
When you google you'll see, that people recommend, in order to torify
various applications, to socksify using port 9050. Stream isolation,
multiple SocksPorts and identity correlation are discussed nowhere.
And if those people mix different goals (let's say, hide location from
chat server, registered with real name; and anonymous posting) or use
multiple applications at once, they don't only theoretically risk their
anonymity.
[1]
https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#Whatattacksremainagainstonionrouting
[2] http://archives.seul.org/or/talk/Dec-2004/msg00086.html
[3] https://trac.torproject.org/projects/tor/wiki/doc/Modes_Of_Anonymity
[4] https://lists.torproject.org/pipermail/tor-talk/2012-March/023535.html
[5]
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/ApplicationWarningsAndNotes#Identitycorrelationthroughcircuitsharing
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6102>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list