On Tue, Nov 27, 2018 at 12:13 PM David Fifield <da...@bamsoftware.com> wrote: > > On Tue, Nov 27, 2018 at 08:23:21AM -0500, Nick Mathewson wrote: > > ### Traffic Fingerprinting of TCP-like systems [...] > > This class of attacks is solvable, especially if the exact same > > TCP-like implementation is used by all clients, but it also requires > > careful consideration and additional constraints to be placed on the > > TCP stack(s) in use that are not usually considered by TCP > > implementations -- particularly to ensure that they do not depend on > > OS-specific features or try to learn things about their environment > > over time, across different connections. > > Thanks, this is nice and thoughtful analysis. > > Does the word "clients" in the last paragraph meant to exclude servers? > Or should I understand something like "peers" that includes clients and > servers? I'm trying to think of how fingerprinting a server could be > useful to an attacker. An onion service doesn't count as a server--at > the layer of the TCP-like protocol, it's a client, with the RP as > server.
Right. I *think* that only parties that need anonymity need to avoid TCP fingerprinting. cheers, -- Nick _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
