|
@@ -1012,7 +1012,7 @@ Exit abuse is a serious barrier to wide-scale Tor deployment. Anonymity
|
|
|
presents would-be vandals and abusers with an opportunity to hide
|
|
presents would-be vandals and abusers with an opportunity to hide
|
|
|
the origins of their activities. Attackers can harm the Tor network by
|
|
the origins of their activities. Attackers can harm the Tor network by
|
|
|
implicating exit servers for their abuse. Also, applications that commonly
|
|
implicating exit servers for their abuse. Also, applications that commonly
|
|
|
-use IP-based authentication (such as institutional mail or web servers)
|
|
|
|
|
|
|
+use IP-based authentication (such as institutional mail or webservers)
|
|
|
can be fooled by the fact that anonymous connections appear to originate
|
|
can be fooled by the fact that anonymous connections appear to originate
|
|
|
at the exit OR.
|
|
at the exit OR.
|
|
|
|
|
|
|
@@ -1482,7 +1482,7 @@ need for this approach, when
|
|
|
the German government successfully ordered them to add a backdoor to
|
|
the German government successfully ordered them to add a backdoor to
|
|
|
all of their nodes \cite{jap-backdoor}.
|
|
all of their nodes \cite{jap-backdoor}.
|
|
|
|
|
|
|
|
-\emph{Run a recipient.} By running a Web server, an adversary
|
|
|
|
|
|
|
+\emph{Run a recipient.} By running a webserver, an adversary
|
|
|
trivially learns the timing patterns of users connecting to it, and
|
|
trivially learns the timing patterns of users connecting to it, and
|
|
|
can introduce arbitrary patterns in its responses. This can greatly
|
|
can introduce arbitrary patterns in its responses. This can greatly
|
|
|
facilitate end-to-end attacks: If the adversary can induce
|
|
facilitate end-to-end attacks: If the adversary can induce
|
Nick Mathewson