Does the fake network traffic help?

Discussion in 'privacy technology' started by febainy, May 11, 2014.

Thread Status:
Not open for further replies.
  1. febainy

    febainy Registered Member

    Joined:
    Feb 11, 2014
    Posts:
    48
    If the website and the ISP work together and measuring your network traffic, is it dangrouse for your Tor identity?

    If I fake the network traffic by keeping refreshing the website, is that harder for analyst to detect my real IP address and the website I visit?
     
  2. Splosh

    Splosh Registered Member

    Joined:
    Nov 19, 2012
    Posts:
    18
    Tor traffic is padded so you can't deduce from packets which sites they correlate with. There's so much traffic going on it's unlikely anyone can succeed in timing attacks. I suggest you run tor relay bridge on your computer so other people route traffic through your computer. That way no one can tell if your computer is the origin of packets that end up to certain web page.
     
  3. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
  4. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I'm pretty sure that they did not in fact trace him. They just knew that it was most likely a student who made the threat. And they knew whoever made the threat was using Tor. So they checked the University ISP to see who was using Tor at that time. There was one guy at the University using Tor. So they questioned him and looked at his computer and he confessed. Had he connected to a VPN first, they would not have known that he was using Tor.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    TOR over VPN is a great idea and its so easy to do!!
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    Yes :) Or Tor via VPN via SSH, stunnel or obfsproxy (obfs3 or maybe better, scramblesuit).
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That doesn't really hold true for a bridge. Running a bridge will increase traffic from your PC into the Tor network, not to websites. Tor exit nodes make all of the connections to websites.
     
  8. febainy

    febainy Registered Member

    Joined:
    Feb 11, 2014
    Posts:
    48
    How to use scramblesuit bridge? If just copy scamblesuit line to the bridge field in Tor Network Setting of Torbutton , there will be an error saying the bridge line did not parse
     
  9. febainy

    febainy Registered Member

    Joined:
    Feb 11, 2014
    Posts:
    48
    I couldn't run relay at the age of Vidalia because I had to use proxy or bridge to connect to the Tor network

    Government will know the time you using internet, or maybe the time you using computer, or the time you sleep, traffic rate can leak how much you addicted to the internet, if you don't fake the traffic.
     
  10. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm not sure what you mean by "age of Vidalia". Is Tor legal where you're at? How you deal with government monitoring will depend primarily on the country that you're in, and what is and isn't legal there. Here in the US, Tor is legal. Although legal, using it or running a relay/exit could still make you a "person of interest", get you on a watch list, or expose you to harassment and intimidation. You have to weigh the risk vs benefit for yourself.

    I question the concept of fake traffic. It doesn't matter if the traffic you create is to sites that you actually use or if it's automated rechecking of a list of random bookmarks. The traffic is all real and it is all yours. It wouldn't be difficult to determine which ones are automated. As a Tor exit node, my traffic is a tiny percentage of the actual traffic leaving my IP. The government could work through my ISP, comparing the inbound and outbound traffic to determine which is actually mine (and find nothing of value in the process). I don't doubt that they can monitor all of any individuals traffic, but they can't do this with everyone. If 10% of the people started relaying traffic, their surveillance system would be completely swamped. As it stands right now, there's less than 900 exit nodes total, scattered around the globe. All of the traffic on Tor connects through those 900 exits. If you can legally run a relay or exit, you'll see lots of other legitimate traffic and your own will largely disappear into it.
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    If you run a non-exit relay, I totally agree with this. All of your traffic that's using Tor, plus all of the Tor traffic that your relay is forwarding, remain within the Tor network. If you run an exit relay, on the other hand, you also have traffic from others exiting the Tor network to destination sites. And, unless you specify your own exit for your Tor traffic, arguably none of your Tor-using traffic will exit from your Tor relay. Do I have that right?

    If that's so, operating a Tor exit doesn't increase the anonymity of your Tor-using traffic. It just makes you more interesting to the Watchers. And of course, it's a public service, as it helps provide better anonymity to all other Tor users.
     
  12. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I may have misread the question.
    If you're running a non-exit relay and running your own traffic into Tor, your own traffic will largely disappear. An adversary would need to compare inbound and outbound traffic, looking for outbound traffic with no corresponding input traffic. They'd also have to rule out the traffic of Tor itself, the contacting of directory nodes, etc.

    If you're running an exit relay, your own non Tor traffic would blend into the rest of the traffic exiting your system. It would require the same type of inbound vs outbound comparisons to determine which if any is yours. Exit relays can also function as middle and entry nodes. I regularly see connections from mine to to other relays but nowhere near as many.

    In both cases, an adversary has to monitor all of the inbound and outbound traffic, then perform a timing comparison in order to determine which traffic is yours. This comparison is more difficult for exit nodes where a single inbound connection can result in many outbound connections to a site, the ads on the site, etc. As a middle relay, it's usually one to one with the quantity being the main difficulty.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    @noone_particular

    Thanks for the clarification :)

    As much as I love privacy, running a Tor exit at home would be too much of a red flag. I do use VPNs, of course, but a Tor exit might lead to a visit from XYZ. And then there might be questions about passwords etc.

    If there were VPS providers that allowed Tor exits, and also accepted Bitcoins, I might go for it. But it seems that there aren't too many such providers. Indeed, it almost seems like providers that allow Tor exits are more likely to want verified information about customers.
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    For me, the situation is almost completely reversed. My internet usage is primarily for information purposes, technology, alternate news sources, forums, etc. There's very little online activity that I need to conceal. There's no financial or medical data or traffic. No social media save for forums like this one. I never have used a VPN. I very seldom use Tor for myself. Nothing I do requires it. My passwords would gain them nothing unless they wanted to impersonate me for some reason. The possibility of harassment exists but making a charge stick would be much harder. As far as becoming a person of interest, I most likely crossed that line 10 years ago. The way I see it, there is no completely safe way to oppose mass surveillance. Running an exit is something meaningful that I can do that is legal.
     
  15. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I agree. I would touch a Tor exit node with a 10 foot pole. I have heard of stories of LE crashing people's doors down and throwing them on the ground. Screw that!
     
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I don't deny that it could happen. That said, I also believe that the threat of it is deliberately hyped as a form of intimidation. The more the possibility is presented to people and the more often it's repeated, the more real the risk appears. IMO, they publicize such events to convince people not to run Tor exits.
     
Loading...
Thread Status:
Not open for further replies.