Tor org has already signaled that they're not going to glue on some timing attack resistance, for two reasons. First, it's a hard problem to solve, and there's no guarantee however much contortions they put the present tech through that the problem will be solved. Second, solving the problem means degrading service for normies who want to login to Facebook from Tor Browser, and that is something Tor org will never accept because their anonymity model requires a maximum number of casual users thrown into the mix.
From a business perspective, Tor org can blissfully ignore what happens to the untermensch (us), and make only minor adjustments around the edges to keep up the appearance that their technology isn't fundamentally broken. Maybe somewhere down the line, a fix will be made available. After all, the illusion of anonymity is very important to maintain, in the same way that government informants insist upon the secrecy of their meetings: so that people feel comfortable confessing all their sins, not to God but to the Anti-Christ, aka the Ruritanian Empire.
Here is someone in November 2023 wishing for some movement on this issue. He got no replies and only one like.This fork of Noisy is intended to mitigate against correlation attacks which do not use the latest state-of-the-art techniques developed by researchers (for those we would need another software, which has not been written yet, to our knowledge). We expect Noisy to mitigate against correlation attacks by many powerful adversaries worldwide, but because of the simple techniques it uses - only HTTP/S requests, not taking into account existing Tor traffic to try to blend into it - it is definitely not foolproof.
https://forum.torproject.org/t/noisy-partial-mitigation-for-correlation-attacks-community-feedback-needed/9166 (You'll notice that because gitlab site uses Javascript the Noisy page is inaccessible to anyone running a hardened browser. Anarsec, like so many before him, is a fake infosec clown.)
Here is another important post:I was just reading a paper on traffic confirmation attacks over here https://arxiv.org/pdf/1808.07285v1.pdf. This attack runs with the help of deep learning algorithm called DeepCorr. This attack can be run in a Five Eyes country or an authoritarian regime like Russia where companies are compelled to cooperate with the government making this attack plausible. The ISP and the website operators are the two endpoints for this attack. This attack was able to achieve a success rate of over 96% which represents a serious threat to Tor users in these regions. The paper also includes some countermeasures on how to defeat this method of traffic confirmation.This attack looks especially bad for situations where both ends of the connection are controlled by the attacker, so it seems really bad for onionshare, ricochet refresh, Briar, and Quiet, at least when users are communicating with others in the same country. 96% correlation after 900k of data sent! That’s just a few images or files. https://forum.torproject.org/t/tor-dev-critical-deepcorr-traffic-confirmation-attack/6720 That's from Feb 2023, so this news is 1 year old. (You're Marty in Back to the Future looking at the picture of your past slowly disappear!) Someone else in the thread:Again, I believe the paper being discussed substantially improves on [49] in many respects, but the basic idea that correlation at scale is feasible was not only understood but demonstrated sixteen years ago. HTH. So the big take away here, is that the Secret Police finally decided to operationalize a theoretical vulnerability that was already years old at the time. It's been operating for around 6 years continuously which means that pretty much everything you've heard about anything "interesting" in the past 6 years is probably wrong, a fictional parallel construction intended to keep the techniques a secret.
https://en.wikipedia.org/wiki/Parallel_construction
Tor is outdated technology and there is nothing else even close to being market ready.- Freenet => dead && sucks (where is the archive of Freenet posts?)
- I2P => fail to launch && garlic routing as rusty as onion routing
- Nym => next gen mix tech transmuted by CIA into failed crypto-scam
- Freenet (the new one) => no pretense of anonymity
- (The graveyard is much longer, but why go on?)...
That leaves us with Tor, which is now officially broken and unsuitable for anything other than a free VPN while the totalitarian ID infrastructure--like requiring users flash a government ID jerk off--steadily gains ground.
By the way, if the rumors about the technique are true, since the IP of BC is known, KAX17 can deanonymize anyone using Tor to access BC. It's not just about attacking hidden services. It's about neutralizing anonymity of any kind over the Internet.
In all that you do, act as though the era in which our conversations have been possible is coming to an end. Don't listen to people who say there's nothing to worry about. You're doing the important archiving work. Never forget that. PREPARE FOR WHEN THE LIGHTS GO OUT--coming soon to a befuddled minority near you. | |
From his IN BIG NEON LETTERS,
The King of Zembla
(https site) Reddit: How afraid should we be of a Correlation Attack / getting deanonymized on Tor?
[@nonymouse] [Guardster] [Proxify] [Anonymisierungsdienst]
|
