[tor-bugs] #14101 [Tor]: Client may be forced to choose a certain guard!?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jan 5 15:37:26 UTC 2015
#14101: Client may be forced to choose a certain guard!?
-------------------------+---------------------
Reporter: mzupzyij | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: guard | Actual Points:
Parent ID: | Points:
-------------------------+---------------------
Hi!
I recently heard a talk about deanonymisation attacks against TOR on the
31C3
Congress of the Chaos Computer Club.
After that, a certain question about packets count/timing attacks came to
my
mind.
What about a situation, in which an attacker already knows who he want's
to
attack. Maybe he's in the same wireless network or he knows the public IP
of
the victim. He just wants to find out, on what websites the victim is
surfing
via TOR.
If the attacker has a way to drop all the packages send by the client when
connecting to a guard/entry node, he could do this until the client
chooses an
evil guard node the attacker is in control of.
Does TOR currently do anything to handle this?
Maybe a warning if too many guards are unreachable?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14101>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list