81% of Tor users can be de-anonymised

[digininja]

For all of you who are saying or hoping that simple network source obfuscation can help anonymise you online, this study show that it can't.

Research undertaken between 2008 and 2014 suggests that more than 81%
of Tor clients can be "de-anonymised" - their originating IP addresses
revealed - by exploiting the ?Netflow? technology that Cisco has built
into its router protocols, and similar traffic analysis software
running by default in the hardware of other manufacturers.

http://thestack.com/chakravarty-tor-traffic-analysis-141114

[Mr-Protocol]

Saw a similar article a few days ago. Makes perfect sense. As well as all the other methods used.

[digininja]

Someone told me there was a presentation about this at 29c3 so this isn't a new attack, wonder how much its been used by various agencies.

[Mr-Protocol]

For example: The NSA has basically a global look of internet usage, so that alone they could probably do some analysis and figure most of it out anyways.

[whitenoise]

Everyone who is interested in that topic should read this paper:

https://panopticlick.eff.org/browser-uniqueness.pdf

It gives a good overview about what kind of traces you leave while surfing.

[bytedeez]

I see a market for Anonymization Hardware w/ corresponding firmware.

But then again this would have to start at the ISP.

[cooper]

There will always be a market for "Can I just give you some money for a device that makes the pain go away?" where in this case the pain is the having to constantly be aware of what others can discover about you through your actions. It's no different from "Why don't they make a pill that will let me lose all this excess weight so I don't have to go to the gym anymore?"

Some problems just don't go away by throwing money at it because the problem is YOU. You need to make the conscious decision to change your behaviour and stop doing things that you're doing now. Examples:

- You can't use your current Facebook account anymore. If you create a new one *NOTHING* you put on there can link back to you (so you can't become friends with your real-life friends anymore regardless).

- You can't use your current gmail account anymore. And, like with Facebook, if you create a new one, those that get your email address must not associate that with your real name to prevent "RealFirstName RealLastname <supersecret@gmail.com>" from showing up in the mail header.

- You can't use your current twitter account anymore, and when you create a new one you must again not link to the same set of people you used to and be super careful about what you tweet.

The list goes on. Most people stop reading after "You can't". A large chunk of the rest stop at "You can't use your current Facebook account anymore". It's just too much of a hassle to start over.

I believe the only way to do anonimity for the general public is for someone to create a unique persona for one thing only. Give your personal details to everybody at Facebook like you do now (yes, you do. You're just not aware that you do) but for everything related to X you use a custom VM with TOR and whatever other anonimizing tools there are. When you're in that VM, you don't do ANYTHING ELSE.

This is why a hardware anonimization solution won't work. When you can't stop doing all those other things (because god forbid you can't tell people what you ate where yesterday) you fundamentally can not be anonymous.

[digininja]

Well said. Way to many people attribute hiding their IP address with anonymity and forget all the layer 7 stuff that they deliberately publish every day.

The best device for protecting your online anonymity with an off the shelf box - take a match box, disconnect the cable between your modem to the wall and plug it into the match box. You'll lose all connectivity but it will keep you fairly safe.