[tor-dev] entry guards and linkability

Nick Mathewson nickm at alum.mit.edu
Thu Sep 19 15:25:34 UTC 2013


On Fri, Sep 13, 2013 at 6:54 AM, Leif Ryge <leif at synthesize.us> wrote:
> On Wed, Sep 11, 2013 at 11:20:59AM -0400, Nick Mathewson wrote:
 [...]
>> To avoid confusion, I would phrase that as not as "reveals their
>> location to the adversary" but as "shows the adversary that
>> connections are all coming from the same user."  But yes.
>>
>> (If you want to avoid this, you also need to make sure that your MAC
>> address is randomized whenever you move networks, that you make
>> absolutely no non-Tor connections, and so on.)
>
> Is this tradeoff of using entry guards documented somewhere? I suspect that
> there may be many users changing their MAC address to protect themselves
> against this exact threat while not understanding that their entry guard set
> uniquely identifies them. Perhaps the man page text about UseEntryGuards and
> NumEntryGuards should mention it? A FAQ entry would be nice too.

I think a wiki FAQ entry and/or a documentation patch would be neat;
anybody want to write one?

-- 
Nick


More information about the tor-dev mailing list