-
Notifications
You must be signed in to change notification settings - Fork 399
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent fingerprinting to improve anonymity & UX #351
Comments
How would one identify Ricochet traffic? Are you talking about traffic analysis in the general case? If so, that's a quite hard problem to solve, and may be impossible depending on the resources of the attacker. |
This is in reference to a private conversation I had with @special. |
The distinguishers I would've been referring to are:
As @JeremyRand says, traffic analysis is a really hard problem to solve, and Tor itself has taken almost no steps towards solving it in a general way. I don't think there's anything meaningful Ricochet could do without some sophisticated research demonstrating where the problems are and what defenses might actually work. My preferred solutions would be for more general research to indicate a direction for tor itself to go towards solving traffic analysis problems, and for more people to use Ricochet for more reasons. |
Is Ricochet becoming more fingerprintable considering on how Tor 0.3.5 defaults to using version 3 for Hidden Services which Ricochet doesn't support (#575)?
|
Apparently it's possible to distinguish Ricochet traffic from other Tor traffic, and that can lead to both anonymity and usability issues for the following reason:
By making Ricochet traffic appear like whatever the "average Tor traffic" is, it would be possible to both improve UX issues and prevent such an attack.
The text was updated successfully, but these errors were encountered: