Silk Road forums

Discussion => Silk Road discussion => Topic started by: strange on June 24, 2011, 06:40 am

Title: Strange behavior of SR's Tor configuration
Post by: strange on June 24, 2011, 06:40 am
When you come here, look at your open circuits. Loading dkn255hz262ypmii also opens a circuit to the other hidden services .onion
I can not think of any reason why this should be taking place, at all. Can you explain why this happens SR? I think that it may increase
the risk of local passive fingerprinting attacks somewhat.
Title: Re: Strange behavior of SR's Tor configuration
Post by: rake on June 24, 2011, 06:49 am
Could you please list what other onion addresses the site appears to connect to?
Title: Re: Strange behavior of SR's Tor configuration
Post by: techlord on June 24, 2011, 10:57 am
It sounds like you're describing normal Tor behavior. Tor circuits change roughly every 10 minutes unless you're using IRC or streaming/downloading.

Please elaborate or provide terminal output.
Title: Re: Strange behavior of SR's Tor configuration
Post by: names on June 24, 2011, 12:59 pm
Did you guys fail reading comprehension? Loading dkn255hz262ypmii also causes a circuit to open to ian whatever-the-fuck.onion and this is not normal Tor behavior and there are no hotlinked images from there or any other things I can see that should cause this. And since this is like the only .onion that automatically opens two circuits when you load a page, it will make it a lot easier for your ISP to tell you are going here.  Actually, I take that back, if a site allows hotlinking the same pattern would be observable at the ISP if a single other server has hotlinked images in the main page. Maybe some statistical attacks could still differentiate it though. At best it effectively double the speed with which circuits are formed though. I just wonder why it is happening mostly I don't see what causes it or what exactly is being sent to or from the ian server.
Title: Re: Strange behavior of SR's Tor configuration
Post by: pfft on June 24, 2011, 01:24 pm
> Loading dkn255hz262ypmii also causes a circuit to open to ian whatever-the-fuck.onion

This is a misconfiguration of the webserver running this forum. The forum probably tries to embed an image which doesn't exist on the webserver, which redirects your browser to "ian whatever-the-fuck.onion" then. Try yourself with some non-existing file like:

http://dkn255hz262ypmii.onion/a

Title: Re: Strange behavior of SR's Tor configuration
Post by: names on June 24, 2011, 01:31 pm
Ah thanks. Yeah I checked the source for hotlinking but I didn't consider it was a redirect from a missing image. Thanks for pointing it out. This should be taken care of, it probably isn't that bad but it is certainly not good either. At best it doubles the speed of circuit formation, at worst it creates a distinguishable pattern in circuit formation that could be fingerprinted by the ISP.