[tor-talk] SocksPort: Circuit isolation is not Exit isolation

Nick Mathewson nickm at alum.mit.edu
Tue Sep 11 05:41:28 UTC 2012


On Tue, Sep 11, 2012 at 1:36 AM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> Nick Mathewson:
>> On Mon, Sep 10, 2012 at 10:28 PM, grarpamp <grarpamp at gmail.com> wrote:
>>> The typical use case is wanting to use multiple accounts on the
>>> same site at once, with a guarantee that you're not appearing to
>>> be from the same exit and thus are not as easily linked.
>>>
>>
>> This doesn't make sense to me.  If you've got two requests open from
>> the same exit to the same site, using different accounts, then all the
>> site can tell is that two Tor users (or maybe one) are connecting to
>> it.  That's also the same conclusion it could reach if the two
>> requests were coming from the same exit
>>
>
> The key is that a user alice, only signs on when bob also signs on and
> always from the same IP. Sooner or later, one might guess that alice is
> bob. Obviously, one could easily draw the same conclusion with an
> intersection of logged in users or similar data, regardless of IP address.

But circuit isolation should solve that?  If the circuits for the two
accounts are isolated, then account alice will use the same exit as
account bob the same amount of the time as they would if they were run
by two different users, right?

-- 
Nick


More information about the tor-talk mailing list