Threats to anonymity set at and above the application layer; HTTP headers

Ringo Kamens 2600denver at
Mon May 22 12:23:37 UTC 2006

If you are up an adversary such as the government, then you will
always end up on the "it could be this person list". If you are
referring to a situation where the person runs the first node and end
site it probably wouldn't help.

On 5/22/06, Helge Preuss <scout at> wrote:
> Seth David Schoen wrote:
> > * timing of access (what time zone are you in, when do you usually do
> > something?) -- for communications with non-randomized latency < 1 day
> >
> > * typing patterns (cf. Cliff Stoll's _Cuckoo's Egg_ and the Song et al.
> paper)
> >
> > * typing speed
> A question crept up to me and this thread seems the right place to ask
> it (although it certainly has been asked before).
> If I cause a lot of meaningless traffic over tor, couldn't I hide
> meaningful traffic in this noise and thus be secure against timing
> attacks? Say, I start a large download and visit a website while it
> runs. Wouldn't a global observer only see the net traffic coming from
> my node? Wouldn't this make it impossible for them to correlate this
> traffic with the traffic at the website I visited?

More information about the tor-talk mailing list