[tor-bugs] #16824 [Tor]: coexistence of client and relay processing on same thread poses traffic confirmation risk
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Sep 1 01:19:23 UTC 2015
#16824: coexistence of client and relay processing on same thread poses traffic
confirmation risk
---------------------------+--------------------------------
Reporter: starlight | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.6.10
Resolution: | Keywords: PostFreeze027
Actual Points: | Parent ID:
Points: |
---------------------------+--------------------------------
Comment (by mikeperry):
While serious, the side channel in #16585 doesn't fully differentiate all
client and relay traffic. It only lets you know that a client circuit
setup is happening, not if or when an existing circuit is being used for
client traffic. As far as I can tell, it also doesn't directly disclose
the volume of client traffic relative to relay traffic, either. Nor does
it expose when client circuits are actually closed.
This means that significantly less information is available to an
adversary who is monitoring a relay (that is also used as a client) than
is available to an adversary who is watching a machine that has a separate
relay tor instance and a client tor instance, even with the side channel.
I do believe that #16585 is serious and should be fixed, especially since
it seems like it could also be a vector for other side channels as well,
and potentially even in client-only scenarios. However, shouting
confusing, nuanced, and/or partially correct information at users in our
loglines isn't the right stopgap in the meantime, IMO.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16824#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list