[tor-talk] Better Privacy for Tor Node Operators

tagnaq tagnaq at gmail.com
Mon Apr 25 00:24:07 UTC 2011


On 04/25/2011 01:11 AM, andrew at torproject.org wrote:
> On Sun, Apr 24, 2011 at 03:55:59PM -0400, grarpamp at gmail.com wrote 1.4K bytes in 25 lines about:
> : > If you run a Tor node at your home IP address you will loose the
> : > positive side effect of a dynamic IP address and your IP layer anonymity
> : > decreases to that of a static IP address because your node identity
> : > links all your public IP addresses.
> 
> I don't understand this statement.  Why does a running a tor relay on
> your home IP address give you less anonymity?

I'll try to explain what I mean with an example:

Alice runs an non-exit Tor node at home. The Tor node at home is always
running. Her ISP assigns her a new IP address every day.

On 2011-01-29 Alice decides to create a new example.com account
(alice at example.com) using her home IP address - the same as her Tor node
is using [86.59.30.36] . (Alice is not using Tor for browsing the web
but she uses Torbutton in Transparent mode - I'm just mentioning this to
make clear that beside the IP address there is not much identifying
information)

On 2011-03-13 (and several IP's) later Alice (now browsing with
[38.229.70.37]) wants another example.com account and again visits their
website. The Tor node is still running. example.com would like to know
if Alice did already create an account in the past.

example.com performs the following steps to answer its question:
1. IP address to Tor node fingerprint lookup
2. fetch all IP addresses that the Tor node (gathered in step 1) ever had
(one of the obtained records is: 2011-01-29 86.59.30.36)
3. look for matching IP addresses (comparing list gathered in step 2
with their own database)
MATCH: 2011-01-29 86.59.30.36 => created: alice at example.com

Now example.com will kindly ask Alice if she lost her password for
alice at example.com ;)

How would one implement such a "feature" if Alice was not running a Tor
node at her IP?

best regards,
tagnaq









More information about the tor-talk mailing list