[tor-talk] Awareness for identity correlation through circuit sharing is almost zero.
proper at secure-mail.biz
proper at secure-mail.biz
Tue Mar 6 00:20:23 UTC 2012
Thanks for your answer. It's immensely helpful.
<snip>
> Everyone who suggests using BitTorrent over Tor is pointed
> to
> https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea ,
>
> which mentions that issue. It should be more visible. Perhaps you
> could
> send a patch to add it to the list of warnings on the download
> page (see
> https://svn.torproject.org/svn/website/trunk/download/en/
> for the source
> files).
I'll look into it.
<snip>
> The torsocks command
> supports a user-specified configuration file
> (read the man page). The usewithtor
> command does not.
>
> I agree that someone should make configuring torsocks
> easier.
I'll look into it and might request a feature.
> (Note
> that usernames and/or passwords can be used to separate streams,
> too.)
Is this documented somewhere?
>
> > [0] If you redirect your (for anonymous use) browser, your mail
> client, your
> > irc client, etc. to a single SocksPort (standard 127.0.0.1:9050)
> everything
> > may be routed through the same circuit and exit node. Your
> real IP remains
> > hidden but (most of) your activity can be correlated
> to the same pseudonym.
>
> This is the main reason that I'm not a fan of TorBOX.
Please tell me if there are also other reasons. I'll try to fix.
> It provides
> pseudonymity, not anonymity, but most people will think that
> it
> provides anonymity.
What you say is true and I am working on a fix.
I don't want to trivialize TorBOX's weakness, but I made this thread because this fact is unclear for most Tor users (not only TorBOX users).
______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.
More information about the tor-talk
mailing list