Anonymität bei Tor: Was man nicht tun kann

[root]

Anonymität bei Tor: Was man nicht tun kann

Besuchen Sie Ihre eigene Website in einem anonymen Modus

"Ich frage mich, wie meine Website aussieht, wenn ich anonym bin?» [1]

Es ist am besten, persönliche Websites zu vermeiden, an die echte Namen oder Aliase angehängt sind, insbesondere wenn sie jemals nicht über Tor / mit einer echten IP-Adresse verbunden wurden. Es ist wahrscheinlich, dass nur sehr wenige Leute Ihre persönliche Website über Tor besuchen. Dies bedeutet, dass der Benutzer der einzige einzigartige Tor-Client sein kann, der dies tut.

Dieses Verhalten führt zu einem Auslaufen der Anonymität, da das gesamte Tor-Schema nach dem Besuch der Website «schmutzig»wird. Wenn eine Website wenig beliebt ist und nicht viel Traffic erhält, können die Tor — Ausgabeknoten fast sicher sein, dass der Besucher dieser Website der Besitzer der Website ist. Von diesem Punkt an ist es vernünftig anzunehmen, dass nachfolgende Verbindungen von diesem Tor-Ausgabeknoten auch vom Computer dieses Benutzers stammen.

Quelle: [2]

Melden Sie sich in sozialen Netzwerken an und denken Sie, dass Sie anonym sind


Melden Sie sich nicht über Tor bei Ihrem persönlichen Facebook-Konto oder einem anderen sozialen Netzwerk an. Auch wenn anstelle eines echten Namens ein Alias verwendet wird, ist das Konto wahrscheinlich mit Freunden verbunden, die Sie kennen. Infolgedessen kann das soziale Netzwerk eine vernünftige Annahme vorbringen, wer der Benutzer wirklich ist.

Kein System der Anonymität ist perfekt. Die Software für Online-Anonymität kann IP-Adressen und Standorte verbergen, aber Facebook und die gleichen Unternehmen brauchen diese Informationen nicht. Soziale Netzwerke kennen bereits den Benutzer, seine Freunde, den Inhalt von «privaten» Nachrichten zwischen ihnen und so weiter. Diese Daten werden mindestens auf den Servern des sozialen Netzwerks gespeichert, und keine Software ist in der Lage, sie zu löschen. Sie können nur von Social-Media-Plattformen oder Hackergruppen selbst gelöscht werden. [3]

Nutzer, die sich bei ihren Facebook-Konten und anderen Konten anmelden, erhalten nur den Standortschutz, nicht aber die Anonymität.

Das verstehen einige Social-Media-Nutzer nicht sehr gut: [4]

Mike, werde ich völlig anonym sein, wenn ich mich in meinem Facebook-Konto anmelde? Ich benutze Firefox 3.6 mit Tor und NoScript auf einem Windows 7-Rechner. Danke.

Melden Sie sich nie bei Konten an, die Sie ohne Tor verwendet haben

Gehen Sie immer davon aus, dass das Serverprotokoll bei jedem Besuch Folgendes speichert: [5]

Client-IP-Adresse/Standort.
Datum und Uhrzeit der Anfrage.
Spezifische Adressen der angeforderten Seiten.
HTTP-Code.
Die Anzahl der Bytes, die an den Benutzer gesendet werden.
Der Browser-Agent des Benutzers.
Verweisende Website (Referrer).

Gehen Sie auch davon aus, dass der Internetdienstanbieter (ISP) mindestens die Online-Zeit und die IP-Adresse/den Standort des Kunden aufzeichnet. Der ISP kann auch die IP-Adressen/Standorte der besuchten Websites aufzeichnen, wie viel Datenverkehr (Daten) übertragen wird und was speziell übertragen und empfangen wurde. Solange der Datenverkehr nicht verschlüsselt ist, kann der ISP sehen, welche spezifischen Aktionen durchgeführt wurden, welche Informationen empfangen und gesendet wurden.

Die folgenden Tabellen geben eine vereinfachte Vorstellung davon, wie diese Protokolle für Administratoren aussehen könnten.

Tabelle: ISP-Protokoll

Name
Die Zeit
IP / Ort
Der Verkehr
John Doe 16: 00 — 17: 00 1.1.1.1 500 MB

Tabelle: Erweitertes ISP-Protokoll [6]

Name
Die Zeit
IP / Ort
Der Verkehr
Die Adresse
Inhalt
John Doe 16: 00 — 17: 00 1.1.1.1 1 MB google.com Suchabfrage 1, Abfrage 2...
John Doe 16: 00 — 17: 00 1.1.1.1 490 MB youtube.com Beobachtete Video 1, Video 2
John Doe 16: 00 — 17: 00 1.1.1.1 9 MB facebook.com Verschlüsselter Datenverkehr

Tabelle: Website-Protokoll

Name
Die Zeit
IP / Ort
Der Verkehr
Inhalt
— 16:00 — 16:10 1.1.1.1 1 MB Suchabfrage 1, Abfrage 2...

Es ist klar, dass die gleiche Art von Protokollierung von Websites und Internet-Provider ermöglicht es Ihnen, die Aktionen des Benutzers leicht zu identifizieren.

Das Konto wird kompromittiert und an den Benutzer gebunden, auch wenn eine einmalige Autorisierung über eine Verbindung, die nicht von Tor geschützt ist, von einer echten IP-Adresse aus erfolgt. Einzelne Fehler sind oft tödlich und führen zur Offenlegung vieler «anonymer» Benutzer.

Melden Sie sich nicht bei Online-Banking oder Zahlungssystemen an, wenn Sie sich der Risiken nicht bewusst sind


Die Autorisierung bei Online-Banking, PayPal, eBay und anderen wichtigen Finanzkonten, die mit Ihrem Benutzernamen registriert sind, wird nicht empfohlen. In Finanzsystemen droht jede Verwendung von Tor aufgrund von «verdächtigen Aktivitäten», die vom Frod Prevention System protokolliert werden, das Einfrieren des Kontos. Der Grund dafür ist, dass Hacker Tor manchmal verwenden, um betrügerische Aktivitäten durchzuführen.

Die Verwendung von Tor mit Online-Banking und Finanzkonten ist aus den oben genannten Gründen nicht anonym. Es ist ein Pseudonym, das nur die IP-Adresse versteckt, oder ein Trick, um auf eine vom ISP blockierte Website zuzugreifen. Der Unterschied zwischen Anonymität und Pseudonymität wird im entsprechenden Kapitel beschrieben.

Wenn ein Benutzer gesperrt wurde, können Sie sich in vielen Fällen an den Support wenden, um das Konto zu entsperren. Einige Dienste erlauben sogar eine Lockerung der Frod-Regeln für Benutzerkonten.

Whonix-Entwickler Patrick Schleiser hat nichts dagegen, Tor zu verwenden, um die Blockierung einer Website zu umgehen oder eine IP-Adresse zu verbergen. Der Benutzer muss jedoch verstehen, dass ein Bankkonto oder ein anderes Zahlungskonto (vorübergehend) eingefroren werden kann. Darüber hinaus sind andere Ergebnisse möglich (dauerhafte Sperrung des Dienstes, Löschung des Kontos usw.), wie in den Warnungen auf dieser Seite und in der Whonix-Dokumentation angegeben. Wenn Benutzer sich der Risiken bewusst sind und sich angemessen fühlen, Tor unter bestimmten persönlichen Umständen zu verwenden, können sie diesen Rat natürlich ignorieren.

Wechseln Sie nicht zwischen Tor und Open Wi-Fi

Einige Benutzer denken fälschlicherweise, dass offenes WLAN eine schnellere und sicherere «Tor-Alternative» ist, da die IP-Adresse nicht an einen echten Namen gebunden werden kann.

Im Folgenden werden die Gründe erklärt, warum es besser ist, offenes Wi-Fi und Tor zu verwenden, aber nicht offenes Wi-Fi oder Tor.

Der ungefähre Standort einer IP-Adresse kann bis zu einer Stadt, einem Bezirk oder sogar einer Straße berechnet werden. Selbst wenn der Benutzer weit von seinem Haus entfernt ist, gibt offenes WLAN immer noch eine Stadt und einen ungefähren Standort aus, da die meisten Menschen nicht über Kontinente reisen.

Die Identität des Besitzers mit offenem WLAN und die Einstellungen des Routers sind ebenfalls unbekannte Variablen. Dort kann ein Protokoll der MAC-Adressen der Benutzer mit der entsprechenden Aktivität dieser Benutzer im Internet geführt werden, die für den Besitzer des Routers offen ist.

Obwohl das Journaling die Anonymität des Benutzers nicht unbedingt verletzt, verengt es den Kreis der Verdächtigen aus der ganzen globalen Bevölkerung der Erde oder des Kontinents oder des Landes — auf einen bestimmten Bezirk. Dieser Effekt verschlechtert die Anonymität stark. Benutzer sollten immer die größtmögliche Menge an Informationen behalten.

Fortsetzung des Artikels in der folgenden Nachricht

 

[root]

Avoid "Tor over Tor" scenarios»

Note: this is a problem specifically with the Whonix service.

When a transparent proxy (such as Whonix) is used, it is possible to run Tor sessions simultaneously on the client side and on the transparent proxy, which creates a "Tor over Tor" scenario.

This happens when you install Tor inside a Whonix-Workstation, or when you use a Tor Browser that is not configured to use SocksPort instead of TransPort. Read more about this in the article Tor Browser.

These actions create uncertainty and are potentially unsafe. In theory, traffic goes through six onion routing nodes instead of three. But there is no guarantee that the three additional nodes are different from the first three; they can be the same nodes, possibly in reverse or mixed order. According to the experts of the Tor Project, this is not safe: [7]

We do not encourage the use of longer paths than the standard ones — this increases the load on the network without (as far as we can tell) improving security. Remember that the most effective way to attack Tor is to attack the exit points and ignore the middle of the path. In addition, using a route longer than three nodes can harm anonymity. First, it simplifies denial-of-service attacks. Secondly, such actions can be perceived as a user ID, if only a few will do so ("Oh, look, again that guy who changed the length of the route").


Users can manually specify an entry or exit point on the Tor network, [8] but from a security point of view, it is best to leave the route selection to Tor's choice. Reinstalling the Tor entry or exit point can degrade anonymity in ways that are not well understood. Therefore, "Tor over Tor" configurations are strongly discouraged.

License of the chapter " Avoid "Tor via Tor "scenarios": [9]

Do not send sensitive data without end-to-end encryption


As already explained on the Warning page, Tor exit nodes can listen in on communications and carry out intermediary attacks (MiTM), even when using HTTPS. Using terminal encryption is the only way to send sensitive data to the recipient, avoiding the risk of interception and disclosure to hostile third parties.

Do not disclose identifying information online


Deanonymization is possible not only with connections and IP addresses, but also in social ways. Here are some recommendations for protecting against deanonymization from Anonymous:

Do not include personal information or personal interests in your nicknames.
Don't discuss personal information such as place of residence, age, family status, etc.Over time, silly conversations like discussing the weather can lead to an accurate calculation of the user's location.
Don't mention gender, tattoos, piercings, physical abilities, or disabilities.
Do not mention a profession, hobby, or participation in activist groups.
Do not use special characters on the keyboard that only exist in your language.
Do not publish information on the regular Internet (Clearnet), being anonymous.
Do not use Twitter, Facebook, or other social networks. You will be easily linked to your profile.
Don't post links to Facebook images. The file name contains your personal ID.
Don't visit the same site at the same time of day or night. Try to vary the time of the sessions.
Remember that IRC, other chat rooms, forums, and mailing lists are all public places.
Don't discuss anything personal at all, even when connecting securely and anonymously to a group of strangers. Recipients in the group represent a potential risk ("known unknowns") and may be forced to work against the user. It only takes one informant to break up the group.
Heroes exist only in comics — and they are actively hunted. There are only young or dead heroes.

If you need to disclose any identifying information, then treat it as confidential information described in the previous section.

License: From the JonDonym documentation (permission).

Use bridges if the Tor network seems dangerous or suspicious in your area


This recommendation comes with an important caveat, as bridges are not an ideal solution: [10]

Bridges are important tools and work well in many cases, but they are not an absolute defense against technological advances that an adversary can use to identify Tor users.



Don't work long under the same digital identity


The longer the same alias is used, the higher the probability of an error that will reveal the user's identity. Once this has happened, the enemy can study the history and all activity under this alias. It will be prudent to regularly create new digital identities and stop using the old ones.

Do not use multiple digital identities at the same time


The use of aliases depending on the context becomes more and more difficult over time and is fraught with errors. Different digital identities are easy to link if they are used at the same time, as Tor may re-use the chains in the same surfing session, or there may be a potential leak of information from the Whonix-Workstation. Whonix cannot magically separate different digital identities depending on the context.

See also the paragraph below.

Don't stay logged in to Twitter, Facebook, Google, etc. for longer than necessary

Reduce the time required for logging in to Twitter, Facebook, Google, and other services with accounts (such as web forums) to an absolutely necessary minimum. Immediately log out of your account as soon as you have read, published information, or completed other necessary tasks. After logging out of your account, it is safe to close Tor Browser, change the Tor chain using Tor Controller, wait 10 seconds before changing the chain — and then restart Tor Browser. For better security, follow the guidelines for using multiple VMs and / or multiple Whonix-Workstations.

This behavior is necessary because many websites host one or more integration buttons, such as Facebook's Like button or Twitter's "Tweet This" button. [11] In reality, of the 200,000 most popular sites rated by Alexa, Facebook and Twitter social widgets are installed at 47% and 24%, respectively. Third-party Google web services are installed on approximately 97% of sites, mainly Google analytics, advertising, and CDN services (googleapis.com). [12] [13] If the user saves authorization in the service, these buttons tell the service owner about visiting the site. [14]

Do not underestimate the threat to privacy from third-party services: [15] [16]

Each time a user's browser accesses a third-party service, this third-party server is able to deliver tracking scripts and binds the original site to the carrier of third-party cookies and the browser fingerprint. This online behavior tracking allows you to add to user profiles, including sensitive information such as the user's political views and medical history.


Users should also read the chapter above.

Continuation of the article, in the following message

 

[root]

Don't mix anonymity modes


Don't mix the anonymity modes! They are set out below.

Mode 1: Anonymous user; any recipient
Scenario: Anonymous posting of messages on the bulletin board, mailing list, comments, forum, etc.
Scenario: informants, activists, bloggers, and similar users.
The user is anonymous.
The real IP address / location of the user is hidden.
Hide location: The user's location remains secret.
Mode 2: The user knows the recipient; both use Tor
Scenario: The sender and receiver know each other and both use Tor.
No third party knows about the fact of communication and does not receive its content.
The user is not anonymous. [17]
The real IP address / location of the user is hidden.
Hide location: The user's location remains secret.
Mode 3: the user is not anonymous and uses Tor; any recipient
Scenario: Log in under your real name to any service like webmail, Twitter, Facebook, and others.
The user is obviously not anonymous. Once the real name is used to log in to the account, the website knows the user's identity. Tor cannot provide anonymity in such circumstances.
The real IP address / location of the user is hidden.
Hide location: The user's location remains secret. [18]
Mode 4: the user is not anonymous; any recipient
Scenario: Normal surfing without Tor.
The user is not anonymous.
The real IP address / location of the user is disclosed.
The user's location is revealed.


Conclusion


It is not the best option to mix modes 1 and 2. For example, if a person uses an IM manager or email account in mode 1, then it is not wise to use the same account in mode 2. The reason is that the user mixes absolute anonymity (mode 1) with selective anonymity (mode 2; since the recipient knows the user).

It is also not the best option to mix two or more modes in the same Tor session, because they can use the same output node, which leads to identity matching.

It is also possible that combinations of different modes will be dangerous and may lead to the leakage of personal information or the physical location of the user.

License

License for the "Do not mix anonymity modes" section: [9]

Do not change the settings if the consequences are unknown


It is usually safe to change the interface settings for applications that do not connect to the Internet. For example, the "Do not show more daily tips" or "Hide this menu bar" checkboxes will not affect anonymity.

Before changing any settings that are of interest, first check the Whonix documentation. If the change is made in the documentation and is not recommended, then try to stick to the default settings. If the change is not included in the documentation, then carefully study the proposed action before implementing it.

Changing the settings for applications that connect to the Internet (even the interface settings) should be carefully studied. For example, removing the menu bar in Tor Browser to enlarge the page viewport is not recommended. This changes the detectable screen size, which degrades the user's fingerprint.

Changing the network settings can be allowed with great caution, and only if the consequences are precisely known. For example, users should avoid any advice that relates to "setting up Firefox". If the settings are considered suboptimal, then the changes should be proposed in the release and applied to all Tor Browser users in the next version.

Don't use a clean web and Tor at the same time


Using both a non-Tor browser and a Tor Browser at the same time, you run the risk of confusing them one day and deanonymizing yourself.

When using the pure Web and Tor at the same time, there are also risks of simultaneous connections to the server through anonymous and non-anonymous channels. This is not recommended for the reasons outlined in the next section. A user can never feel safe visiting the same page at the same time through anonymous and non-anonymous channels, because they only see the URL, but not how many resources are requested in the background. Many different sites are hosted in the same cloud. Services like Google Analytics are present on most sites and therefore see a lot of anonymous and non-anonymous connections.

If this advice is ignored, then the user should have at least two different desktops to prevent confusion between browsers.

Continuation of the article, in the following message

 

[root]

Do not connect to the server anonymously and non-anonymously at the same time


It is strongly discouraged to create Tor and non-Tor connections to the same remote server at the same time. In the event of a break in connection with the Internet (and this will happen over time) all connections will be terminated at the same time. After such an event, the adversary will easily determine which public IP address / location belongs to which Tor IP address / connection, potentially directly identifying the user.

This scenario also makes it possible to conduct another type of attack from the web server. The speed of Tor and non-Tor connections can be increased or decreased to check for correlation. So, if both connections speed up or slow down in unison, then you can establish a relationship between Tor and non-Tor sessions.

License for the section "Do not connect to the server anonymously and non-anonymously at the same time": [9]

Don't confuse anonymity with pseudonymity


This section explains the difference between anonymity and pseudonymity. Defining terms is always difficult, because majority consensus is required.

An anonymous connection is considered to be a connection to the destination server, when this server is not able to either establish the origin (IP address/location) of this connection, or assign it an identifier [19].

An alias connection is considered to be a connection to a destination server when that server is unable to establish the origin (IP address/location) of that connection, but can assign it an identifier [19].

In an ideal world, you can achieve perfect anonymity by using the Tor network, Tor Browser, computer hardware, physical security, operating system, and so on. For example, in such a utopia, a user can visit a news site, and neither the news site nor the site's Internet service provider will have any idea if that user has visited before. [20]

On the other hand, a non-ideal scenario is possible if the software is used incorrectly, for example, when using the standard Firefox browser on the Tor network instead of the secure Tor Browser. An unhappy Firefox user will still protect their original connection (IP address/location) from detection, but you can use identifiers (like cookies)to turn the connection into an alias. For example, the destination server can make a log entry that "user with id 111222333444 watched Video A at Time B on Date C and Video D at Time E on Date F". This information can be used for profiling, which will become more and more comprehensive over time. The degree of anonymity is gradually reduced, and in the worst case, this can lead to deanonymization.

Once a user has logged into an account on a website under their username, such as a webmail account or a forum, the connection is no longer anonymous by definition, but becomes pseudonymous. The origin of the connection (IP address / location) is still hidden, but the connection can be assigned an ID [19]; in this case, it is the account name. Identifiers are used to log various things: the time when the user wrote something, the date and time of entry and exit, what exactly the user wrote and to whom, the IP address used (useless if it is a Tor exit node), the saved browser fingerprint, and so on.

Maxim Kammerer, the developer of Liberté Linux [21], has fundamentally different ideas about anonymity and pseudonymity, which should not be hidden from the reader: [22]

I haven't seen any convincing arguments for anonymity versus pseudonymity. Expanding the degree of anonymity is what Tor developers do to publish new scientific articles and justify funding. Most users only need pseudonymity, where the location is hidden. Having a unique browser does not magically reveal a user's location if that user is not using that browser for non-pseudonymous sessions. Having a good browser header also means a bit for anonymity, because there are many other ways to reveal more information about the client (for example, through differences in Javascript execution).

Don't distribute your link first

Don't be tempted to be one of the first to advertise your anonymous project! For example, it is impractical to distribute links if the user:
Created an anonymous blog or hidden service.
Has a Twitter account with a large number of followers.
Supports a large news page in a clean web or something similar.
The more individuals are separated from each other, the better. Of course, at a certain point, the user may or even should be "aware" of the new project, but this moment should be chosen with extreme caution.

Don't open random files and links

If a user is sent a file of any type or a link to a file (or to a random URL/resource) by email or other means, care must be taken regardless of the file format. [23] The sender, mailbox, account, or key may have been compromised, and the file or link may have been specially prepared to infect the user's system when opened in a standard application.

It is safer not to open the file with the standard tool that the file creator is supposed to use. For example, a PDF cannot be opened by a PDF viewer, or if the file is publicly available, you can use a free online PDF viewer. For greater security, there is an option to sanitize the PDF in Qubes-Whonix or open the file or link in DisposableVM, so that it cannot compromise the user's platform.

Do not use verification by (mobile) phone

Websites like Google, Facebook, and others will ask for a (mobile) phone number as soon as you try to log in via Tor. Unless the user is exceptionally intelligent or has an alternative, this information cannot be provided.

Any phone numbers will be logged. The SIM card is most likely registered in the user's name. Even if this is not the case, receiving an SMS gives out the location. Users can try to anonymously buy a SIM card far from their usual home address, but there is still a risk: the phone itself. Each time you register on the cellular network, the provider saves the SIM card serial number [24] and the phone serial number. [25] If the SIM card is purchased anonymously, but the phone is not, then there will be no anonymity, because the two serial numbers will be linked together.

If the user really wants to pass verification by the mobile phone number, it is recommended to go far away from home, find a fresh phone with a new SIM card. After verification, the phone should be turned off, and immediately after that, the phone and SIM card should be completely destroyed. This is done by incineration or other inventive (reliable) methods of destruction.

Users can try to find an online service that will receive a personalized SMS on their behalf. This will work and ensure anonymity. The problem is that this method is unlikely to work in Google and Facebook, because they actively blacklist such verification numbers. Another option is to find someone who will receive the SMS instead of you, but this will only transfer the risks to another person. [26]

Argumentation


The reader can skip this section.

This article risks stating the obvious. But the question should be asked: "Obvious to whom?" All of the above may just be common sense for developers, hackers, geeks, and other people with technological skills.

But these groups of people tend to lose contact with non-technical users. Sometimes it's useful to read usability guides or feedback from people who never appear on mailing lists or forums.

For example:

To Toggle, or not to Toggle: The End of Torbutton:
Mike, am I completely anonymous if I log in to my Facebook account? I'm using Firefox 3.6 via Tor with NoScript on a Windows 7 machine. Thank you.

[tor-dev] Reviews of those who use Tails/Tor for the first time
"Removing points of obstruction when installing and using anonymous systems: evaluating the usability of the Tor suite"
" North Korea: in the network of the world's most secret nation»:
To make sure that the mobile phone frequencies are not tracked, I fill the sink with water and cover my head with a pot lid during a phone conversation, said one of the interviewees, a 28-year-old man who fled the country in November 2010.

The end of the article, in the following message

 

[root]

Notes (edit)
1. ↑ [tor-dev] First-time tails / tor user feedback
2. ↑ Tor Browser should set a SOCKS username for the request based on the referrer
3. ↑ The former are unlikely to ever delete data, as profiling is the main method of monetizing users with "free" accounts. Profiling is used for targeted advertising and to grow a large user database that can be sold to third parties for profit.
4. ↑ To Toggle, or not to Toggle: The End of Torbutton
5. ↑ Server log - Wikipedia
6. ↑ Deep packet inspection - Wikipedia
7. ↑ Tor Project: FAQ
eight. ↑ Tor Project: FAQ
9. ↑ 9.0 9.1 9.2 This was originally posted by adrelanos (proper) in TorifyHOWTO ( w ). Adrelanos does not protect copyright, so the text can be reused here. It is published under the same license as the DoNot page.
ten. ↑ bridges # If_Tor_Use_is_Dangerous_or_Deemed_Suspicious_in_your_Location
eleven. ↑ Specifically Facebook keeps records of all who views pages with a Facebook Like button.
12. ↑ https://www.securitee.org/files/trackblock_eurosp2017.pdf
13. ↑ 15 largest third-party services: doubleclick.net, google.com, googlesyndication.com, googleapis.com, gstatic.com, admob.com, googleanalytics.com, googleusercontent.com, flurry.com, adobe.com, chartboost.com, unity3d .com, facebook.com, amazonaws.com and tapjoyads.com.
15. ↑ For example, Twitter Tweets, Follows, and Embedded Tweets are used to record the history of visited browser pages ... If you visit a page that contains any of the above, the browser makes a request to the Twitter servers containing the title of the visited page. A unique cookie allows Twitter to build a history of visited pages, even for non-Twitter users (for example, if the Tor Browser is not used).
15. ↑ https://www.securitee.org/files/trackblock_eurosp2017.pdf
16. ↑ For example, advanced adversaries rely on third-party tracking cookies to de-anonymize Tor users and identify targets for hacking.
17. ↑ Because they are known to the recipient.
eighteen. ↑ But this information is easy to establish from the records of the Internet provider, which links the Internet accounts to the registered name and address. Alternatively, this information leaks through the real (clearnet) IP address that was originally used to register with the service, since registration through Tor is usually blocked.
19. ↑ 19.0 19.1 19.2 For example, the identifier could be a (flash) cookie with a unique number.
twenty. ↑ Unfortunately, protection against fingerprinting is not yet ideal in any browser, and there are still open bugs. Cm. tbb-linkability and tbb-fingerprinting ...
21. ↑ Liberté Linux DEₑSU
22. ↑ Quote (w)
23. ↑ For example: PDF, Word document, bitmaps, audio and video files, etc.
24. ↑ IMSI
25. ↑ IMEI
26. ↑ However, the recipient of the SMS is probably only a few handshakes from the end user (at best).

A source

 

[Андрей Захаров]

Nützlich

 

[ArthurLatAm]

Sehr informativ. Vielen Dank! Kann ich auf FB in meiner Gruppe posten?

 

[root]

Sehr informativ. Danke! Kann ich auf FB in meiner Gruppe posten?

Sicher kannst du.

 

[Матушкин Андрей Николаевич]

Sehr informativ. Danke! Kann ich auf FB in meiner Gruppe posten?

Müssen!!!

 

[Николай 37]

Vielen Dank für das sehr interessante und nützliche Material!