mirror of
https://0xacab.org/anarsec/anarsec.guide.git
synced 2025-07-01 17:56:59 -04:00
tails correlation attacks
This commit is contained in:
parent
de0117c351
commit
7b712d1da1
1 changed files with 5 additions and 1 deletions
|
@ -288,7 +288,11 @@ It is possible to send a document through an .onion link thanks to [OnionShare](
|
|||
|
||||
### Make Correlation Attacks More Difficult
|
||||
|
||||
When you request a web page through a web browser, the site's server sends it to you in small "packets" that have a specific size and timing (among other characteristics). When using the Tor Browser, the sequence of packets can also be analyzed to look for patterns that can be matched to those of websites. To make this ["correlation attack"](/glossary/#correlation-attack) more difficult, before connecting to a sensitive site you can open various other pages that need to load (such as streaming video on a privacy-friendly site like kolektiva.media) in additional tabs of your browser. This is officially recommended by Tor - see [Do multiple things at once with your Tor client](https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations/). This will generate a lot of additional traffic, making it harder to analyze your pattern.
|
||||
When you request a web page through a web browser, the site's server sends it to you in small "packets" that have a specific size and timing (among other characteristics). When using the Tor Browser, the sequence of packets can also be analyzed to look for patterns that can be matched to those of websites. To learn more, see ["1.3.3. Passive Application-Layer Traffic Patterns"](https://spec.torproject.org/proposals/344-protocol-info-leaks.html). Tor [plans to fix this issue in the future](https://gitlab.torproject.org/tpo/team/-/wikis/Sponsor-112).
|
||||
|
||||
To make this ["correlation attack"](/glossary/#correlation-attack) more difficult, disable JavaScript by using Tor Browser on the **Safest** setting.
|
||||
|
||||
Additionally, you can create concurrent traffic by using [Noisy](https://0xacab.org/anarsec/noisy) from the command line, which will make website traffic fingerprinting more difficult. [Doing multiple things at once with your Tor client](https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations/) is recommended by the Tor team.
|
||||
|
||||
## Included Software
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue