81% de-anonymised article: attack does not work on hidden services. Stop with the FUD.

When you use a hidden service your traffic does not flow through an exit node. The traffic analysis discussed in the recent article does not apply to hidden service users.

Stop with the FUD and start educating each other.


Comments


[10 Points] forgotmysn420:

However, probably important to note that if a site was operated by LE..as some have been rumored... this is probably where users could be recognized


[5 Points] None:

Please explain?


[3 Points] sapiophile:

THIS ISN'T TRUE.

OP, PLEASE edit your post, please please please this is important.

The attack in the 81% paper involves nothing more than a malicious/colluding/hacked server changing its bandwidth limits in a specified pattern. It has no bearing on how that server connects to/interacts with the Tor network. While the researchers' studied examples were not hidden services, there's no reason the mechanism of this attack woulkdn't work for hidden services as well. From the paper:

While the client downloads the file from the server, the server (in collusion with the adversary) injects a repeating traf- fic pattern in the TCP connection, that it observes as originat- ing from the exit node. In our experiments, this was achieved by capping the connection throughput to a particular bandwidth value for several seconds and then switching to another one. We achieved this using Linux Traffic Controller [37], a Linux kernel based traffic shaping and conditioning framework. In our experiments, the adversary injected two different kinds of traffic patterns. The first one involves the server injecting a simple “square wave” like pattern, achieved by repeatedly switching the victim’s traffic pattern between two bandwidth values. The other was a more complex “step” like pattern, that was achieved by the server switching repeatedly between several pre-calculated bandwidth values. For the sake of our experiments we often chose these values after some initial measurements to see what bandwidth values the victim Tor clients achieved.


[2 Points] mqduck:

Still not good for those who need/want to browse the Web anonymously.


[1 Points] None:

[deleted]


[1 Points] noel_105:

So if I understand correctly, it's browsing clearnet sites in Tor that could result in de-anonymization.

If that's the case, and I want to browse clearnet sites while in Tails, would the safe option be to use the "insecure browser" included in Tails as opposed to Tor?