Tor Browser connecting to 3 Guard relays simultaneously

Hello,

I investigated the network behavior of the tor browser a little bit with resmon on Windows. I discovered that, when connecting to tor via the tor-browser, tor.exe connects to 3 guard relays simultaneously. Visiting a webpage, I saw traffic coming through all 3 of them, although not equally loaded. I watched a video on YouTube to confirm that.

When I start tor.exe manually and use it with another browser via SOCKS-Proxy, this behavior does not occur: there is only 1 connection to a guard relay, through which all traffic comes.

Tor-Browser version is 13.0.

My Questions:

  1. Is this normal?
  2. Can this increase the risk of compromising anonymity?
  3. If yes, where can I disable it?

Thanks for your help.

Yeah, there have been issues with Tor creating extra guard connections for years.

I had assumed it was directory guards, so we lowered that param: Set guard-n-primary-dir-guards-to-use=2 (#325) · Issues · The Tor Project / Network Health / Team · GitLab

Apparently it is something else, because I also see 4 guard connections in my Tor.

I have filed Tor has extra guard connections (#40876) · Issues · The Tor Project / Core / Tor · GitLab.

So can this damage anonymity or does it not matter? Presumably not, otherwise they would have probably fixed it by now.

Here is a 10 year old article about anonymity and guards: Improving Tor's anonymity by changing guard parameters | The Tor Project

I have looked at the article but it is too complex and in depth for my level of understanding. In a simple yes or no - is it something we should be worried about?

I personally have noticed that I tend to get the same relays when I connect to tor lately and I only get different relays if I wipe all cached data and restart the browser, which is kind of concerning, but I’ve seen plenty of people on Reddit mention the same thing so I know it’s not just me.

I’ve configured a few hundred guards and bridges that I trust. Then it doesn’t matter whether the connection is established to 1 or 4.

But doesn’t excluding guards and relays create a less random and less anonymous connection? I remember people being advised against excluding countries so the same logic probably applies to guards too.

Update: Upon further digging it appears that the current guard behaviour is indeed dangerous.

“the use of 3 directory guards is a highly unique fingerprint that can be used to track Tor users as they move from network to network”

From: Set guard-n-primary-dir-guards-to-use=2 (#325) · Issues · The Tor Project / Network Health / Team · GitLab

  • I wrote entry guards (first hop), != middle and exit. This is the same as the config of a handful of bridges. Currently, every client picks 3 guard nodes, uses 2 of them¹, and keeps them for 4-8 weeks before rotating them.
    ¹Current #consensusparams = guard-n-primary-dir-guards-to-use=2 guard-n-primary-guards-to-use=2
  • Excluding countries is a bad idea. The providers’ geofeeds are not always up to date or are incorrect. As an example: servers in Luxembourg were listed on metrics in the USA.
  • Your linked GitHub issue concerns directory guards != entry guards. A directory guard is a relay that your Tor client picked to download directory information from.
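
An added example, not part of any post in this thread: a way to count first-hop connections from Tor itself instead of from resmon, by parsing the reply to the control-port command `GETINFO orconn-status` and comparing it with the consensus params quoted above. The reply text, fingerprints and nicknames are constructed, and treating the larger of the two params as the expected ceiling is an assumption of this example.

```python
# Constructed sample reply to "GETINFO orconn-status" (made-up relays).
SAMPLE_REPLY = "\r\n".join([
    "250+orconn-status=",
    "$" + "A" * 40 + "~guardone CONNECTED",
    "$" + "B" * 40 + "~guardtwo CONNECTED",
    "$" + "C" * 40 + "~guardthree CONNECTED",
    "$" + "D" * 40 + "~guardfour LAUNCHED",    # not established yet
    "$" + "A" * 40 + "~guardone CONNECTED",    # duplicate entry, same relay
    "192.0.2.10:443 FAILED",                   # target form, no fingerprint
    ".",
    "250 OK",
])

# Consensus params as quoted in the thread.
CONSENSUS_PARAMS = ("guard-n-primary-dir-guards-to-use=2 "
                    "guard-n-primary-guards-to-use=2")

OR_STATES = {"NEW", "LAUNCHED", "CONNECTED", "FAILED", "CLOSED"}


def parse_params(text):
    """Turn 'key=value key=value' into {key: int}."""
    return {k: int(v) for k, v in (item.split("=", 1) for item in text.split())}


def parse_orconn_status(reply):
    """Return {server_id: set of states}; server_id is a fingerprint or addr:port."""
    relays = {}
    for line in reply.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[1] in OR_STATES:
            # Drop the ~nickname / =nickname suffix of a LongName.
            server_id = parts[0].replace("=", "~").split("~", 1)[0].upper()
            relays.setdefault(server_id, set()).add(parts[1])
    return relays


def check_guard_connections(reply, params_text):
    """Compare distinct CONNECTED first hops with the consensus params."""
    params = parse_params(params_text)
    # Assumption of this example: the larger value is the expected ceiling.
    expected = max(params["guard-n-primary-guards-to-use"],
                   params["guard-n-primary-dir-guards-to-use"])
    connected = sorted(sid for sid, states in parse_orconn_status(reply).items()
                       if "CONNECTED" in states)
    return {"expected_max": expected, "connected": connected,
            "extra": max(0, len(connected) - expected)}


if __name__ == "__main__":
    print(check_guard_connections(SAMPLE_REPLY, CONSENSUS_PARAMS))
```

On the constructed sample this reports three distinct connected relays against an expected ceiling of two, i.e. one extra connection of the kind the thread describes.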