Commit bf214cf1 authored by Rajakavitha Kodhandapani's avatar Rajakavitha Kodhandapani
Browse files

Update warning.mdwn "Incorporated the changes suggested by Sajolida"

parent f5bb8faf
......@@ -159,25 +159,24 @@ collusion</a>.</p>
<h1 id="correlation">End to end time correlation attacks</h1>
A global passive adversary is an organisation or an entity that monitors
the traffic between all computers in a network. For example, National
Security Agency Central Security Service (NSA |CSS ), National Cyber
Coordination Centre (NCCC), and others.
Tor network is designed to prevent traffic analysis, where someone tries
to investigate a user in a network. However, It is not designed to
protect you against someone who can monitor or measure traffic that
enters and exits a Tor network. End to end time correlation attacks are
possible in the following scenarios:
* When a global passive adversary monitors the timings and volume
patterns of the different communications across the network, it would
be statistically possible to identify Tor circuits and match Tor users
and destination servers.
* When the ISP or local network administrator and the ISP of the
destination server or the destination server itself collaborate to
monitor the traffic in the network and match the Tor users.
to investigate a user in the network by observing a particular point in the circuit. A network design that monitors both the ends of a communication network impacts the low-latency communication services such as web browsing, Internet chat, or SSH connections. To ensure that the users do not experience any latency, Tor is designed not to monitor traffic that enters and exits a network. Hence, Tor does not shield you from someone who can observe both the ends of a communication network. End to end time correlation attacks are
possible when you can match Tor users and destination servers. Consider the following scenarios:
* When someone monitors the timings and volume patterns of the different communications across the network, it is statistically possible to identify Tor circuits and match Tor users and destination servers. For example, a <abbr title="A global passive adversary is an organization or an entity that can observe many points of the Internet and is more likely to be in the right place at the right time. For example, National Security Agency Central (NSA). However, it does not have an absolute control of the Internet."> global passive adversary</abbr> might be able to deanonymize you.
* When someone in the first relay and someone at the exit relay monitors the communication in the network to match the Tor users and destination servers. For example, the ISP or local network administrator in the first relay and the ISP of the destination server or the destination server itself collaborate to monitor the traffic in the network; together they might be able to deanonymize you.
However, deanonymizing using end to end time correlation is not simple. For example, to deanonymize Tor users, the FBI used the vulnerabilities in the browser rather than network
attacks that are more complex. For more information, read this article about an attempt at <a
href="https://arstechnica.com/information-technology/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/">deanonymizing Tor users </a>. Tails is an OS with stronger security measures and was not vulnerable to this attack.
For related information about end to end time correlation attacks read:
* <a href="https://blog.torproject.org/blog/one-cell-enough"> One cell is enough to break Tor's anonymity </a>
* <a href="http://www.cse.hut.fi/en/publications/B/11/papers/salo.pdf"> Recent Attacks On Tor </a>
<h1 id="encryption">Tails doesn't encrypt your documents by default</h1>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment