Opened 7 years ago

Closed 2 years ago

#5753 closed defect (wontfix)

When we isolate streams by domain, can a local observer guess how many domains we visit?

Reported by: arma Owned by:
Priority: Medium Milestone:
Component: Metrics/Analysis Version:
Severity: Normal Keywords:
Cc: g.koppen@…, arthuredelstein Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In Mike's future world where we allocate streams to different circuits based on their referer header (#3455), that means the number of circuits we make will be a function of our browsing behavior (e.g. number of tabs we interact with).

How much can a local observer learn about the number of circuits we make based on seeing network traffic, and how much can that attacker deduce about our browsing activity based on number of circuits?

Do the answers change when we consider an entry guard instead?

Child Tickets

Change History (5)

comment:1 Changed 7 years ago by gk

Cc: g.koppen@… added

comment:2 Changed 7 years ago by mikeperry

This might be an interesting math problem to academics, but when compared to the linkability at the exit node that can be used to totally deanonymize you (for example, by issuing a subpoena to mail.google.com and/or the equivalent iranian state run email provider to find out who runs a twitter account accessed on the same circuit), it pales in comparison.

Also, remember there's a 33% chance you'll use the same guard, even if you don't use the same circuit. So 1/3 of your website visits will be no different than the status quo anyways.

Further, the status quo is that local observers can probably simply observe network activity vs silence to determine your domain visits, since most humans navigate web pages relatively slowly compared to 3rd party content sourcing rates.

comment:3 Changed 6 years ago by mikeperry

Parent ID: #5752

In addition to my above concerns, I also get the feeling that if we ask academia this question the answer will inevitably be "Yes. Very Yes. Also my attack is so good that all defenses are broken forever! Write a news article about me please."

I mean, most of them say that anyway right now with three randomly selected Guards and 10 minute circuits. I don't see any reason why this study would turn out any different, with the way they're currently studying this stuff.

While it may be amusing to see how they decide to cook up the stats on this specific angle, I don't think this study blocks #5752.

comment:4 Changed 4 years ago by arthuredelstein

Cc: arthuredelstein added
Severity: Normal

comment:5 Changed 2 years ago by karsten

Resolution: wontfix
Status: newclosed

Closing tickets in Metrics/Analysis that have been created 5+ years ago and not seen progress recently, except for the ones that "nickm-cares" about.

Note: See TracTickets for help on using tickets.