[tor-dev] Paper on how DNS affects Tor's anonymity
Jesse V
kernelcorn at torproject.org
Wed Sep 28 23:31:54 UTC 2016
On 09/28/2016 11:35 AM, Philipp Winter wrote:
> My colleagues and I published a (not yet peer-reviewed) research paper
> on how DNS affects Tor's anonymity. The key parts of our work are:
>
> - We measure the DNS setup of exit relays over time, showing that at
> times Google got to see almost 40% of DNS requests coming out of Tor.
>
> - We show how website fingerprinting attacks can be augmented with
> observed DNS requests, resulting in precise attacks for unpopular
> websites.
>
> - Similar to the "Users Get Routed" work, we simulate the impact of our
> attack at Internet-scale using the TorPS simulator.
>
> The PDF is available online:
> <https://nymity.ch/tor-dns/tor-dns.pdf>
>
> Our project page has code, data, and replication instructions:
> <https://nymity.ch/tor-dns/>
> _______________________________________________
Excellent work, this is really neat!
It reminds me a bit of
https://www.cse.buffalo.edu/~mohaisen/doc/14-wpes.pdf, which describes
the prevalence accidental .onion lookups on DNS root servers.
The issue with 8.8.8.8 is significant. It's easy to point
/etc/resolv.conf at Google's DNS because it just works, without
realizing the implications. https://xkcd.com/1361/
--
Jesse
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 709 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160928/61334cae/attachment.sig>
More information about the tor-dev
mailing list