digininja Posted November 17, 2014 Share Posted November 17, 2014 For all of you who are saying or hoping that simple network source obfuscation can help anonymise you online, this study show that it can't. Research undertaken between 2008 and 2014 suggests that more than 81%of Tor clients can be "de-anonymised" - their originating IP addressesrevealed - by exploiting the ?Netflow? technology that Cisco has builtinto its router protocols, and similar traffic analysis softwarerunning by default in the hardware of other manufacturers. http://thestack.com/chakravarty-tor-traffic-analysis-141114 Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 18, 2014 Share Posted November 18, 2014 Saw a similar article a few days ago. Makes perfect sense. As well as all the other methods used. Quote Link to comment Share on other sites More sharing options...
digininja Posted November 18, 2014 Author Share Posted November 18, 2014 Someone told me there was a presentation about this at 29c3 so this isn't a new attack, wonder how much its been used by various agencies. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 19, 2014 Share Posted November 19, 2014 For example: The NSA has basically a global look of internet usage, so that alone they could probably do some analysis and figure most of it out anyways. Quote Link to comment Share on other sites More sharing options...
whitenoise Posted December 6, 2014 Share Posted December 6, 2014 Everyone who is interested in that topic should read this paper: https://panopticlick.eff.org/browser-uniqueness.pdf It gives a good overview about what kind of traces you leave while surfing. Quote Link to comment Share on other sites More sharing options...
bytedeez Posted January 9, 2015 Share Posted January 9, 2015 I see a market for Anonymization Hardware w/ corresponding firmware. But then again this would have to start at the ISP. Quote Link to comment Share on other sites More sharing options...
cooper Posted January 9, 2015 Share Posted January 9, 2015 There will always be a market for "Can I just give you some money for a device that makes the pain go away?" where in this case the pain is the having to constantly be aware of what others can discover about you through your actions. It's no different from "Why don't they make a pill that will let me lose all this excess weight so I don't have to go to the gym anymore?" Some problems just don't go away by throwing money at it because the problem is YOU. You need to make the conscious decision to change your behaviour and stop doing things that you're doing now. Examples: - You can't use your current Facebook account anymore. If you create a new one *NOTHING* you put on there can link back to you (so you can't become friends with your real-life friends anymore regardless). - You can't use your current gmail account anymore. And, like with Facebook, if you create a new one, those that get your email address must not associate that with your real name to prevent "RealFirstName RealLastname <supersecret@gmail.com>" from showing up in the mail header. - You can't use your current twitter account anymore, and when you create a new one you must again not link to the same set of people you used to and be super careful about what you tweet. The list goes on. Most people stop reading after "You can't". A large chunk of the rest stop at "You can't use your current Facebook account anymore". It's just too much of a hassle to start over. I believe the only way to do anonimity for the general public is for someone to create a unique persona for one thing only. Give your personal details to everybody at Facebook like you do now (yes, you do. You're just not aware that you do) but for everything related to X you use a custom VM with TOR and whatever other anonimizing tools there are. When you're in that VM, you don't do ANYTHING ELSE. This is why a hardware anonimization solution won't work. When you can't stop doing all those other things (because god forbid you can't tell people what you ate where yesterday) you fundamentally can not be anonymous. Quote Link to comment Share on other sites More sharing options...
digininja Posted January 9, 2015 Author Share Posted January 9, 2015 Well said. Way to many people attribute hiding their IP address with anonymity and forget all the layer 7 stuff that they deliberately publish every day. The best device for protecting your online anonymity with an off the shelf box - take a match box, disconnect the cable between your modem to the wall and plug it into the match box. You'll lose all connectivity but it will keep you fairly safe. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.