[tor-talk] SocksPort: Circuit isolation is not Exit isolation
grarpamp
grarpamp at gmail.com
Tue Sep 11 07:42:18 UTC 2012
> If anonAccountA and anonAccountB are run by different users, I'd
> expect them to use the same exit 1/N of the times that they both log
> in.
>
> But if, over time, I see that anonAccountA and anonAccountB both
> sometimes use some of the same exits, but they never use the same exit
> at the same time, I can conclude that they are run by the same user,
Yes I see that analysis clear for the pure anon account, 1/N, situation :)
It seemed that with some non pure anon parameters/patterns that
isolating exit might be better than using the 1/N odds. Currently Tor
exit is also not near to 1/N selection odds.
If I am jane.red1@, jane.red2@, and jane.red3@, all with Mac browser
at 04:00hr via a smaller curve set of exit IP's... it may be an easier guess
than if I am jeff4@ with Mac, greenshoes@ with Win, and sophie@ with
BSD at tea time via 1/N with the "not at the same time" behavior.
*At least for the casual log observer. Which (popular) sites are thought
to be casual vs. statistical observers is also to consider in choice of
defense style.
Also, maybe Tor has cases for fuzzy logic.
More information about the tor-talk
mailing list