| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by ObviousScience 4267 days ago

Fundamentally, there is a trade-off between anonymity and temporal correlation.

In order to be relatively fast at web browsing, Tor compromises some of the possible anonymity (by exposing itself to timing attacks and other such correlation attacks by people who own large numbers of nodes). The Tor project admits as much in their threat model.

There have been a number of other attempts (of which the early email mixes come to mind) that take the other stance, and take efforts to break traffic correlation/timing attacks by adding latency and batching to their propagation of messages.

The question of "better" depends on what your threat model is and what tradeoffs you're willing to make.

1 comments

tatterdemalion 4267 days ago

Okay, but I don't think TOR is crowding out projects like that; they aren't really directly comparable and they are used for different purposes.

& how serious of a threat is traffic correlation? If someone's targeting you at both ends, do they really need to deanonymize you? Is the threat limited to NSA monitoring literally all traffic entering and exiting the TOR network and then correlating it all? How effective is that at deanonymizing traffic?

ObviousScience 4267 days ago

Tor is possibly crowding out things like Freenet, which aren't as good for browsing the internet, but may provide better anonymity.

The Tor project gives a good summary of their threat model, and the steps they take to mitigate attacks on anonymity. (See my other comment thread.)

That being said, I would expect only government agencies (US intelligence, Chinese intelligence, etc) have any reasonable chance of breaking Tor, and likely, it would require prolonged targetted attacks.

Generally speaking, it's easier for those same people to attack other links in the chain (such as targeting the Firefox version used to make the Tor browser). In that sense, Tor is "good enough" for most practical use. That being said, if your adversary was truly the NSA and you absolutely couldn't have a message intercepted, I wouldn't use Tor.

I was just commenting on the fact that Tor exists on a certain part of the spectrum of security vs ease of use, in a theoretical sense, and "better" depends partly on your threat model and particular use case.