挂上前置代理的墙内Tor用户点击墙内链接有多大概率可能暴露自己是Tor用户?
引用自:https://www.whonix.org/wiki/Warning#Confirmation_Attacks
The Tor design doesn’t try to protect against an attacker who can see or measure both traffic going into the Tor network and also traffic coming out of the Tor network. That’s because if you can see both flows, some simple statistics let you decide whether they match up.
That could also be the case if your ISP (or your local network administrator) and the ISP of the destination server (or the destination server itself) cooperate to attack you.
Tor tries to protect against traffic analysis, where an attacker tries to learn whom to investigate, but Tor can’t protect against traffic confirmation (also known as end-to-end correlation), where an attacker tries to confirm a hypothesis by monitoring the right locations in the network and then doing the math.
可能性1.(比如政府的类似本站一类的文本或图文之类的轻量网站/网页)一个网页没加载完就能立刻发现是谁在墙内通过Tor访问墙内网站?
可能性2.访问多次才能发现是谁在墙内用Tor访问?
可能性3.此方法仅限理论有效, 实际上不可能发现?
你觉得哪种可能性更高或者真实情况是什么?
traffic confirmation can indeed be considered perfect and instantaneous in practice.
https://www.freehaven.net/anonbib/cache/dropping-pets2018.pdf
翻译成中文:在实践中,流量确认确实可以被视为完美和即时的。
根据这篇论文,在实践中“可能性1”的概率最大,即“一个网页没加载完就能立刻发现是谁在墙内通过Tor访问墙内网站”。
非特殊情况不建议使用任何前置代理进行Tor联网,webtunnel网桥的速度很快,超过多数免费代理软件。
多了一个前置代理,也就增加了复杂度,出错的概率也更高了。如果这个代理软件是中共蜜罐呢?如果代理软件的作者被捕,软件控制权落入中共手中呢?