zlacker

[parent] [thread] 1 comments
1. beermo+(OP)[view] [source] 2021-06-06 07:34:00
I’d imagine it’s part of the process of attribution for something. If you know they accessed the news site during a time frame it may help with attribution or possibly placing them in a certain location at a certain time - both of which might be important and both of which you may know via some out of band method.

It could also be used to de-anonymise someone if they made an OpSec mistake e.g. accessing the news site outside of Tor or a VPN and you happen to know (via some out of band method) that they did this and so could use it to get their actual-IP.

It wouldn’t be a straight forward “if you accessed a news page you are guilty of something”.

replies(1): >>sitkac+Sh
2. sitkac+Sh[view] [source] 2021-06-06 12:00:51
>>beermo+(OP)
Copy-paste deanonimization attacks are thing and have exposed people in this exact manner.

Having only one connection going over Tor is a big risk that forces the user to constantly recalculate the information horizon. Easy mistake to make.

[go to top]