[tor-talk] Tor DNS Deanonymization
Nick Mathewson
nickm at torproject.org
Sun Oct 16 05:15:32 UTC 2016
On Fri, Oct 14, 2016 at 11:09 AM, Philipp Winter <phw at nymity.ch> wrote:
[...]
> There are two ways to mitigate the issue. First, we need better
> defences against website fingerprinting, so an attacker learns less by
> observing the connection to your guard relay. Second, we need to
> improve the DNS setup of exit relays. I would like to see less relays
> use Google's resolver, and we need to move towards encrypted DNS.
Thanks, Philipp!
Could you comment at all about whether our current exit side dns
caching approach makes the attack harder, easier, or doesn't matter?
Best wishes,
--
Nick
More information about the tor-talk
mailing list