Client may be forced to choose a certain guard!?
Hi!
I recently heard a talk about deanonymisation attacks against TOR at the 31C3 Congress of the Chaos Computer Club. After that, a certain question about packet count/timing attacks came to my mind.
What about a situation in which an attacker already knows who he wants to attack? Maybe he's in the same wireless network or he knows the public IP of the victim. He just wants to find out what websites the victim is surfing via TOR.
If the attacker has a way to drop all the packets sent by the client when connecting to a guard/entry node, he could do this until the client chooses an evil guard node the attacker is in control of.
Does TOR currently do anything to handle this? Maybe a warning if too many guards are unreachable?
Trac:
Username: mzupzyij