Git-Mirrors/anarsec.guide
1
0
Fork 0
mirror of https://0xacab.org/anarsec/anarsec.guide.git synced 2025-07-01 17:56:59 -04:00
Code Issues Projects Releases Packages Wiki Activity

tails correlation attacks

Browse source
This commit is contained in:
anarsec 2023-11-16 01:04:53 +00:00
parent de0117c351
commit 7b712d1da1
No known key found for this signature in database
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
content/posts/tails/index.md
View file

@ -288,7 +288,11 @@ It is possible to send a document through an .onion link thanks to [OnionShare](
### Make Correlation Attacks More Difficult
When you request a web page through a web browser, the site's server sends it to you in small "packets" that have a specific size and timing (among other characteristics). When using the Tor Browser, the sequence of packets can also be analyzed to look for patterns that can be matched to those of websites. To make this ["correlation attack"](/glossary/#correlation-attack) more difficult, before connecting to a sensitive site you can open various other pages that need to load (such as streaming video on a privacy-friendly site like kolektiva.media) in additional tabs of your browser. This is officially recommended by Tor - see [Do multiple things at once with your Tor client](https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations/). This will generate a lot of additional traffic, making it harder to analyze your pattern.
When you request a web page through a web browser, the site's server sends it to you in small "packets" that have a specific size and timing (among other characteristics). When using the Tor Browser, the sequence of packets can also be analyzed to look for patterns that can be matched to those of websites. To learn more, see ["1.3.3. Passive Application-Layer Traffic Patterns"](https://spec.torproject.org/proposals/344-protocol-info-leaks.html). Tor [plans to fix this issue in the future](https://gitlab.torproject.org/tpo/team/-/wikis/Sponsor-112).
To make this ["correlation attack"](/glossary/#correlation-attack) more difficult, disable JavaScript by using Tor Browser on the **Safest** setting.
Additionally, you can create concurrent traffic by using [Noisy](https://0xacab.org/anarsec/noisy) from the command line, which will make website traffic fingerprinting more difficult. [Doing multiple things at once with your Tor client](https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations/) is recommended by the Tor team.
## Included Software