[tor-talk] Can Tor users be tracked?

Seth David Schoen schoen at eff.org
Wed Nov 7 18:20:23 UTC 2012 

Nam Su writes:

> 2012. 11. 8. AM 1:31 adrelanos <adrelanos at riseup.net> wrote:
> 
> > Nam Su:
> >> Hello. I saw a blog post in Internet. It says the government
> > 
> > Not only government.
> Does ISP can track Tor users?

ISPs can tell which users are using Tor (unless the users use
particular technologies that prevent this).  They can't usually
tell easily what the users are doing with Tor.  If an ISP or
government forbids the use of Tor, there is a risk that Tor
users could be recognized as Tor users and punished, although
I don't know of any particular case where this has happened.

The reason that ISPs can identify Tor users in the basic Tor
usage situation is that Tor users must connect to Tor entry
nodes, and a list of all the public entry nodes' IP addresses
is easily available from the directory servers.  The same way
that your Tor client chooses relays to connect to would allow
someone else (like an ISP) to learn that those IP addresses
are operating as Tor relays.

This is one reason that the Tor project is interested in making
sure that Tor is interesting and useful for many different
kinds of users in many different situations, so that lots of
people will use Tor for lots of different purposes.  If this
continues to happen, an ISP that notices that a user is using
Tor won't be able to know for sure _why_ the user wanted to use
Tor.

However, the Tor project is also working on ways to let people
connect to Tor without making it obvious to an ISP or government
that the service being used is Tor.  This is mostly being done
for blocking-resistance purposes, because determining which
network connections are related to Tor is a necessary step for
blocking Tor (and makes blocking Tor quite easy).

> >> can track Tor user with plugin like active-x and javascript. Is it true?
> > 
> > Active-X / Flash:
> > - Unless special setups are used, yes. It can establish direct
> > connections and circumvent the proxy.
> So, shouldn't I use active-x and flash?

There is a risk when using them that a web site (or someone who
can take over a web site) can figure out a Tor user's real IP
address.  Normally this is not supposed to be possible, but
using ActiveX or Flash creates opportunities for sites to do so.

> > Javascript:
> > - Can not be directly used for deanonymization. Can be used for browser
> > fingerprinting, linking all sessions to the same pseudonym and to
> > collect loads of other data, see ip-check.info for example.
> > - Risk for browser exploits and therefore leak the IP.
> 
> Sorry. I have a poor English so I understand this JavaScript can't track my ip but can track other information like timezone, macaddress, and windows user name. I think there are some misunderstanding. Am I understand right?

I don't think Javascript running inside the browser is supposed to be
able to access MAC address or Windows user name.  (This isn't a
limitation of the Javascript language itself, but just a detail of
the security sandbox policies that are supposed to be applied by
browsers to restrict what web pages can do.)  The time zone is
normally available, although the Tor Browser in particular might
apply extra restrictions to prevent sites from accessing information
like this.

> >> And what should I do not to be tracked?
> > 
> > Use The Tor Browser Bundle and never stop learning.
> 
> And I have one more question. Sometimes, I can't load Torcheck page *with tor*. Can my government and my ISP can block torcheck page if I use Tor?

They might be able to block Tor completely, but they should not be
able to block particular pages or sites while allowing others.  If
you're able to use Tor at all, you should be able to access every
web site via Tor.

I'd like to recommend again a resource that I worked on with some
of my colleagues:

https://www.eff.org/pages/tor-and-https

The original goal of this page is to help people understand why
using both Tor and HTTPS is important (each one protects you
against some things that the other doesn't).  In particular, the
graphic shows what information eavesdroppers at different
locations within the network could see.  The diagram might also
help with some questions that have to do with the structure of
the Internet or the design of Tor.

One example is that our diagram shows that in all the cases we
examine, the user's ISP recognizes that the user is using Tor,
and the web site that the user connects to also recognizes that
the user is using Tor.  The particular value of Tor in this
case is that the ISP doesn't know where the user is going, and
the site doesn't know where the user is coming from.  Instead
of learning specific locations, both of these parties basically
end up learning only "this person is using Tor"!

Our diagram doesn't really address client-side tracking threats,
like some of the threats you mentioned above in which a web site
attempts to get your browser to turn over identifying information.
In this diagram, we basically assume that your browser cannot
be made to disclose information about your identity or location.
A big concern for the Tor developers is that sometimes real
browsers might be made to do this.

Most of the work that has been done to address this kind of
threat is described in the very detailed document by Mike Perry

https://www.torproject.org/torbutton/en/design/

where he talks about particular details about ways that Firefox
might reveal identifying or unique information about users or
their locations, and ways that TorButton (now the Tor Browser)
prevents those information flows.  Since that document is a
year and a half old, there might be several other information
flows that Mike has managed to squash since then. :-)

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107

More information about the tor-talk mailing list