Sebastian G. <bastik.tor>: > 04.01.2014 09:05, dhanlin: > It also depends on where and who your adversary is.
The adversary I had in mind was a malicious exit node administrator. If all e-mail accounts are accessed using the same circuit, it seems the exit node would see the near simultaneous connections (assume encrypted) to various e-mail servers, and even with one occurrence suspicion could be developed that the accounts accessed are linked. Suppose I check simultaneously: - john....@yandex.com - jane....@gmail.com - my.actual.n...@my.server.org If the adversary wants to create a database linking many e-mail accounts accessed over Tor using secure connections, they could collect simultaneous e-mail account accesses from their exit node. When the combination of the servers accessed simultaneously is distinct (e.g. yandex.com + gmail.com + my.server.org), the accounts can be linked, even if their account names are unknown. (The actual account names could be found out retrospectively, for example by subpoena of gmail.com accounts accessed at a certain time.) Unless this threat is flawed, it seems like it therefore would be safest if TorBirdy used a separate circuit for each account, or enforced delays between checks of multiple accounts. (Maybe it already does?) dhanlin -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
