How to Avoid De-anonymisation When Using Tor and the Darknet

The darknet (or dark web) is a fascinating place and Tor is a fantastic way to stay anonymous and safe online. However there are some pitfalls that can be easily avoided if you know what to look for.

Don't accidentally reveal personal information

This sounds like an obvious one but it’s amazing how even a small amount of information can be used to identify a person, or at least massively decrease the number of possible identities.

  • Don't use any login that's tied to your real identity
  • Don't reveal any details about your past (previous schools, intimate knowledge of places or past events should not be revealed)
  • Don't reveal any details about your current location (local weather/events, street names, etc)

Carefully maintain separate accounts

It's easy to do, but accidentally logging into a personal account while using Tor can easily surrender your identity to anyone monitoring an exit node. It's important to carefully separate identities, preferably on different machines. Using a Darknet Key or Darknet Box helps to make this easy.

Use Tor consistently

People can get lazy and access sites and accounts using the clearnet or a non-secured machine. If you care about maintaining your anonymity then you must consistently use a secure Tor connection. The second you cut corners, your identity could be compromised.

Keep your software updated

Tor Browser, Tails and the Tor software itself are pretty good about releasing timely updates. Whenever a new vulnerability surfaces they will release new versions of the software. If you fail to update in a timely fashion then you're opening yourself up to attack. If you see a popup asking you to update your software then it's best not to ignore it.

Timing can be used against you

It's important to remember that the fact that you’re using Tor is not a secret. Your ISP, and therefore the government, along with whoever they choose to share their data with (seriously, if you're in the UK read about The Snoopers Charter) knows when you’re accessing Tor.

If they know the exact time that a Tor connection was made, as well as the exact time that someone was sending/receiving data over the Tor network then this can be used against you. The data itself will still be encrypted, but the time Tor was accessed can be used to build up an idea of who might be involved.

There have been cases of Tor-users being identified by matching timestamps back to Tor requests. If the times match exactly, it's a good indicator where the user is coming from.

Further reading: DeepDotWeb's Overview of Modern Tor Deanonymization Attacks

Further watching: How Tor Users Got Caught


Leave a comment

Please note, comments must be approved before they are published