[tor-bugs] #29782 [Core Tor]: Multiple SocksPort is broken, connects to entry node multiple times. Tor = NSA?

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 23 22:35:44 UTC 2019 

#29782: Multiple SocksPort is broken, connects to entry node multiple times. Tor =
NSA?
---------------------------+-------------------------------
 Reporter:  cypherpunks    |          Owner:  (none)
     Type:  defect         |         Status:  new
 Priority:  Immediate      |      Milestone:
Component:  Core Tor       |        Version:
 Severity:  Blocker        |     Resolution:
 Keywords:  CIA, FBI, NSA  |  Actual Points:
Parent ID:                 |         Points:
 Reviewer:  hiro           |        Sponsor:  SponsorR-must
---------------------------+-------------------------------

Comment (by randomname213324):

 > If I use multiple SocksPort, it connects to entry node multiple times,
 instead of one time.

 Yes, that's the point of it. It uses different Tor circuits so activities
 can't be correlated together.

 > So CIA and NSA can analyze my traffic more easily.

 No, if anything it's harder as they have multiple connections to analyze
 rather than a single one.

 > They also know how many applications I use with Tor.

 No, TBB uses a different circuit per tab. You could just have multiple
 tabs open.

 > That's huge bug.

 No, it's a feature.

 > There should be one connection to entry node, but then each socksport
 should use different middle and exit node. (or maybe use same middle node
 too?)

 Then activities would be more easily correlated.

 > You are just helping NSA. Do they own torproject?

 No they don't.

 > It lowers privacy and gives zero benefits.

 It increases privacy and gives plenty of benefits.

 > NSA, CIA, can isolate each TCP connection and try to make analysis and
 correlation.

 And they can isolate a single TCP connection and try to analyze it. The
 only difference is is that multiple connections means they have more work
 to do.

 > If everything was transmitted on single TCP connection they would need
 to own entry node to do same thing. If everything was transmitted on
 single Entry and Middle node (but different Exit node) they would need to
 own entry and middle node to make this analysis.

 If the connections all shared the same entry node then they'd only need
 one entry node for your traffic to pass through to perform analysis
 attacks rather than with multiple entry nodes.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29782#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list