[tor-talk] Awareness for identity correlation through circuit sharing is almost zero.
Hggiu Uizzu
torboxdev at yahoo.com
Tue Mar 6 03:54:42 UTC 2012
Robert Ransom wrote:
>Using multiple SocksPorts from the same Tor client only helps if you
>are using Tor 0.2.3.x-alpha, which introduced 'stream isolation'. (I
>don't think 0.2.2.x supports multiple SocksPorts at all.) Read the
>man page.
Multiple socks ports are in stable, we'll make the transition to multi-
Socks in TorBOX in the next days, certainly before 0.2.3.x
becomes stable. Once the update hits the repository this will be
automatically available in TorBOX.
However: "Tor Browser should set SOCKS username for a request based on referer"
https://trac.torproject.org/projects/tor/ticket/3455
Until that gets fixed the whole feature is pretty pointless.
You worry about apt-get reducing anonymity to pseudonymous
but TBB is just as affected and compared to those implications
apt-get is absolutely negligible. We discussed this at:
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev#IdentitycorrelationthroughcircuitsharingTransPortandDnsPortonlyoptionalOPEN
>(But applications
>running within Tails have much less information to leak about their
>user.)
How so? People can customize and install their own packages in
Tails too. By default neither TorBOX nor Tails has a unique "application
fingerprint" and TorBOX doesn't automatically phone anywhere.
In fact due to the VM-dependent design TorBOX will always be less
leaky by design than a live CD (it can't leak hardware serials).
>More importantly, many applications which you did not intend to torify
>will use that DNS resolver.
DNSPort allows us to fail "openly" (just wrt the circuit correlation - it's
all still torified) for non-critical/one-off stuff. (I count apt-get among the latter
but this can be easily changed.)
>This is the main reason that I'm not a fan of TorBOX. It provides
>pseudonymity, not anonymity, but most people will think that it
>provides anonymity.
I'm interested in your other reasons. This one is none we couldn't solve,
and we will. But we can only do so once 0.2.3 becomes stable.
There is nothing we can do right now about it, or is there?
Also, is there a (technical) reason a single TransPort couldn't be safe?
There's nothing SOCKS-specific about IsolateStreamsByPort
and IsolateStreamsByHost.
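Editor's added example, not part of the original message and not Tor Browser or TorBOX code: a sketch of the idea behind ticket 3455, where a client derives the SOCKS5 username from the referring site so that Tor's SOCKS-auth stream isolation (`IsolateSOCKSAuth`) keeps different first-party sites on separate circuits. The choice of the Referer host as the key, the constant password `x`, and all function names and sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit


def isolation_key(url, referer=None):
    """Host of the page that triggered the request (Referer), else the URL's own host."""
    host = urlsplit(referer or url).hostname
    if not host:
        raise ValueError(f"no host in {referer or url!r}")
    return host.lower()


def socks5_greeting():
    """Client greeting: version 5, one method offered, 0x02 = username/password."""
    return bytes([0x05, 0x01, 0x02])


def socks5_userpass(username, password="x"):
    """RFC 1929 sub-negotiation message: VER=1, ULEN, UNAME, PLEN, PASSWD."""
    u, p = username.encode("utf-8"), password.encode("utf-8")
    for field in (u, p):
        if not 1 <= len(field) <= 255:
            raise ValueError("RFC 1929 fields must be 1..255 bytes")
    return bytes([0x01, len(u)]) + u + bytes([len(p)]) + p


def group_streams(requests):
    """Map each isolation key to the URLs that would be sent with its credentials."""
    groups = {}
    for url, referer in requests:
        groups.setdefault(isolation_key(url, referer), []).append(url)
    return groups


# Constructed sample: (request URL, Referer or None for a top-level load).
SAMPLE = [
    ("https://news.example/", None),
    ("https://cdn.example/lib.js", "https://news.example/"),
    ("https://cdn.example/lib.js", "https://shop.example/cart"),
    ("https://shop.example/cart", None),
]

if __name__ == "__main__":
    for key, urls in group_streams(SAMPLE).items():
        print(key, socks5_userpass(key).hex(), urls)
```

The shared CDN resource ends up in two different groups, one per referring site, which is the case a single shared circuit would otherwise let the CDN or an exit correlate.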