Noisy: partial mitigation for correlation attacks, community feedback needed

We recently forked the project Noisy, for a use case of mitigating some correlation attacks on Tor, with an eye towards Tails and Whonix users. You can see the code and README document here:

We need contributions from the community to optimize the script for this use case. Merge requests are welcome, and so is discussion here.

An excerpt from the README:

The Tor Project officially recommends to “do multiple things at once with your Tor client” to counter correlation attacks: “an adversary that externally observes Tor client traffic to a Tor Guard node will have a significantly harder time performing classification if that Tor client is doing multiple things at the same time.” An analysis of how a correlation attack was used in a trial notes “create random internet traffic when using Tor — ideally by running a script.” A “script” is a way of automating computer activity, and it causes far more randomization than manually doing “multiple things”, such as by loading a video in an additional Tor Browser tab.

This fork of Noisy is intended to mitigate against correlation attacks which do not use the latest state-of-the-art techniques developed by researchers (for those we would need another software, which has not been written yet, to our knowledge). We expect Noisy to mitigate against correlation attacks by many powerful adversaries worldwide, but because of the simple techniques it uses - only HTTP/S requests, not taking into account existing Tor traffic to try to blend into it - it is definitely not foolproof.

We intend to write a GUI for Noisy so that users uncomfortable with a CLI can use it, with an opt-in configuration option to start upon boot.

1 Like