Possible attack method?? Question..

Anon Mus a_green_lantern at yahoo.com
Fri Jan 11 17:44:39 UTC 2008

This question is for those with the knowhow.

A while back I got a number of emails from the same source where the 
emails were sent in "pairs" a minute or less apart.

The first of each of the "email pair" were large (over 700characters), 
the second were small (under 50 characters). On the face of it the 
"email pairs"  appeared to be a genuine error ("oh yes I forgot to 
mention" kind of thing) by the sender, so I took no notice at the time.

It was not until this week when re-reading these emails that I realized

the sender had all along been trying to locate me (I was an anonymous 
informant). My guess is that my contact was in fact an intelligence 
(probably British with the help of the USA) plant out there pretending 
to be a (British) activist with a grievance.

My question is, is this "email pair" (of vastly differing sizes) a 
possible attack method on a  Tor user, by somehow watching and counting

(to estimate the size of) a packet stream?


Never miss a thing.  Make Yahoo your home page. 

More information about the tor-talk mailing list