[tor-dev] Improving Private Browsing Mode/Tor Browser

[Mike Perry]

Thus spake Georg Koppen (g.koppen at jondos.de):

> > If you maintain two long sessions within the same Tor Browser Bundle
> > instance, you're screwed -- not because the exit nodes might be
> > watching you, but because the web sites' logs can be correlated, and
> > the *sequence* of exit nodes that your Tor client chose is very likely
> > to be unique.

I'm actually not sure I get what Robert meant by this statement. In
the absence of linked identifiers, the sequence of exit nodes should
not be visible to the adversary. It may be unique, but what allows the
adversary to link it to actually track the user? Reducing the
linkability that allows the adversary to track this sequence is what
the blog post is about...

Or are we assuming that the predominant use case is for a user to
continually navigate only by following links for the duration of their
session (thus being tracked by referer across circuits and exits), as
opposed to entering new urls frequently?

I rarely follow a chain of links for very long. I'd say my mean
link-following browsing session lifetime is waay, waay below the Tor
circuit lifetime of 10min. Unless I fall into a wikipedia hole and
don't stop until I hit philosophy... But that is all the same site,
which can link me with temporary cache or session cookies.

Are my browsing habits atypical?

> Ah, okay, I did not know that. Thanks for that information. I was just
> wondering how the proposed changes to the private browsing mode would
> avoid being tracked by exit mixes (as the blog post claimed).

See my other reply for a response to this question.



-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110623/bdab4e9c/attachment.pgp>