[tor-bugs] #10969 [Tor]: Set of guard nodes can act as a linkability fingerprint

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jan 26 10:20:37 UTC 2016 

#10969: Set of guard nodes can act as a linkability fingerprint
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:
     Type:  defect                               |  mikeperry
 Priority:  Medium                               |         Status:
Component:  Tor                                  |  assigned
 Severity:  Normal                               |      Milestone:  Tor:
 Keywords:  tor-client, tor-guard,               |  0.2.8.x-final
  026-triaged-1, XKEYSCORE                       |        Version:
Parent ID:  #11480                               |     Resolution:
  Sponsor:                                       |  Actual Points:
                                                 |         Points:  large
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 Replying to [comment:20 isis]:
 > It's important because one of the major use cases for Tor is for people
 who have been (or are) in abusive relationships, or people who have
 stalkers.  All such an abuser/stalker would need to do to find the
 person's physical location is wardrive around while running wireshark —
 any relatively unskilled person could do this.

 That assumes that the WIFI network is not properly secured. The WIFI
 network already broadcasts the access point MAC and the potentially unique
 SSID in clear. Those are better identifiers than a set of guard nodes.
 Currently only one guard will be active. Forcing usage of the others will
 require an active attack.

 > A bigger problem is that this allows adversaries with more observational
 capabilities (e.g. NSA, GCHQ, BND, perhaps some ISPs) to track Tor users'
 movements and store that data forever.

 How many users route all traffic through Tor? For those users that do and
 don't have non-Tor traffic leaks, Tor most likely won't be able to detect
 the the network.

 For those users that do have non-Tor network traffic, that traffic most
 likely contains better unique identifiers than the set of guard nodes.
 Normally only one guard node will be used anyway, if there is no active
 attack.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10969#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list