On 01/16/2014 04:16 AM, Jim Rucker wrote: > There was a story in the news recently of a Harvard student who used Tor > to send a bomb threat to Harvard in order to cancel classes so he > wouldn't have to take a test. He was apprehended within a day, which > puts into question the anonymity of Tor.
The way I understand it is that they did not exploit a weakness in any system, they just (more or less) performed regular police work. See https://www.schneier.com/crypto-gram-1401.html#3 > From my understanding (please correct me if I'm wrong) Tor has a > weakness in that if someone can monitor data going into the relays and > going out of the exit nodes then they can defeat the anonymity of tor by > correlating the size and number of packets being sent to relays and > comparing those that the packets leaving the exit nodes. It is not that simple, but in principle you are correct. A good paper to read about this is http://freehaven.net/anonbib/#ccs2013-usersrouted See anonbib also for mitigations that were suggested and investigated over time (which are not that easy either). -- Moritz Bartl https://www.torservers.net/ _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev