[Whonix-devel] [tor-talk] Advanced Deanonymization Attacks

Patrick Schleizer patrick-mailinglists at whonix.org
Tue Aug 23 18:17:00 CEST 2016


Patrick Schleizer:
> A number of advanced deanonymization attacks. These do not just apply to
> Whonix, but any anonymity system. Some are also general security issues.
> 
> Rather than exploiting bugs in the hypervisor to break out, some of
> these attacks rely on the design of the underlying hardware to bypass
> privilege separation boundaries and extract (or leak) sensitive
> information to the network. No need for alarm, there are many
> qualifications to this and details in the listed tickets on proposed
> countermeasures. We are interested in cooperation to better assess the
> performance impact of the planned fixes.
> 
> - Keystroke Deanonymization: [1]
> 
> - Advanced Attacks Meta ticket: [2]
> 
> -- CPU-induced latency Covert Channel: [3]
> 
> -- Cross-VM cache attacks countermeasures: [4]
> 
> -- DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks: [5]
> 
> -- TCP ISNs and Temperature induced clock skews: [6]
> 
> Cheers,
> Patrick
> 
> [1] https://phabricator.whonix.org/T5421
> [2] https://phabricator.whonix.org/T5401

Link correction:

https://phabricator.whonix.org/T542
https://phabricator.whonix.org/T540

> [3] https://phabricator.whonix.org/T530
> [4] https://phabricator.whonix.org/T539
> [5] https://phabricator.whonix.org/T541
> [6] https://phabricator.whonix.org/T543
> 



More information about the Whonix-devel mailing list