• alphan0n 7 hours ago

    This: https://www.sciencedirect.com/science/article/pii/S266729522...

    Uses a dataset created from aggregation of logs from all nodes in a simulated Tor environment to train a model that can identify the onion server's IP based on fingerprints created from that model.

    >We ran the modified Tor software in the Shadow simulation environment to obtain a large amount of circuits for analysis. Shadow is a discrete-event network simulator developed specifically for Tor network simulation experiments and can run Tor software directly. Therefore, Shadow follows all logic related to Tor circuits. In the simulation environment provided by Shadow, we can build servers, clients, directory authorities, onion services and relays, and can control all nodes. Therefore, we can get circuit data in Shadow without the real Tor network.

    This is: a) Not a real-world example b) Not an example of interception of unencrypted traffic between a client and an onion site c) Not de-anonymization of a client

    This: https://www.usenix.org/system/files/raid2019-iacovazzi.pdf

    Is super interesting; it's a real-world example of using collusion of an entry node that inserts "watermarked" data to identify an onion service.

    It does not: a) Intercept or break encryption between client and onion service b) De-anonymize a client

    This: https://www.ndss-symposium.org/ndss-paper/flow-correlation-a...

    Is the same data watermarking scheme to use entry collusion to identify onion services.

    None of your examples show that a connection to an onion server is insecure insofar as data integrity or client anonymity is concerned.

    • dumbo-octopus 5 hours ago

      Ok so you admit we can identify onion services, and it’s common knowledge that the NSA knows your personal traffic patterns. If you think they can’t correlate the two, I have a bridge to sell you.