Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Browser-based Tor proxies

Steve Weis steveweis at
Thu Jan 3 20:02:50 PST 2013

Yes, the system is vulnerable to client enumeration if there are few
facilitators and proxies. If there are many facilitators and proxies, then
the adversary needs to discover facilitators, constantly poll them, and
compete with legitimate proxies to learn client IPs.

They won't discover every facilitator and cannot poll too aggressively
without detection, but will certainly learn some client IPs. This may or
may not be an acceptable risk. As the authors discussed, the adversary can
already conduct traffic analysis, so it might be no worse than the status

On Thu, Jan 3, 2013 at 5:57 PM, Daniel Colascione <dancol at> wrote:

> I'm extremely worried by the client enumeration problem. Nothing
> could paint a brighter target on dissidents. Normalization is no
> defense here, since it applies to any scheme for circumventing a
> censorship system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list