[tor-talk] Risk of checking multiple accounts with TorBirdy
Mix+TB Test
mix.tb at yandex.com
Sat Jan 4 22:35:16 UTC 2014
>> The adversary I had in mind was a malicious exit node administrator.
>> If all e-mail accounts are accessed using the same circuit, it seems
>> the exit node would see the near simultaneous connections (assume
>> encrypted) to various e-mail servers, and even with one occurrence
>> suspicion could be developed that the accounts accessed are linked.
>
> SOCKSPort ... IsolateDestAddr?
>
> IsolateDestAddr
> Don’t share circuits with streams targetting a different destination
> address.
Have just tried this and am not getting expected results. Modified the
TBB SocksPort line in Data/Tor/torrc-defaults from:
SocksPort 9150
to:
SocksPort 9150 IsolateDestPort
but I'm still seeing multiple connections to the same port (993) through
the same circuit with multiple accounts from the same Thunderbird
instance. I'm also seeing multiple simultaneous connections to the same
port (80, 443) from TBB as well.
I used IsolateDestPort instead of IsolateDestAddr as we're talking about
separate email providers. I also tried:
SocksPort 9150 IsolateDestAddr IsolateDestPort
and I'm also seeing the same destination ports being used over the same
circuits, as well as the same destination IPs. Maybe I'm doing something
wrong?
More information about the tor-talk
mailing list