Slashdot Mirror

← Back to Stories (view on slashdot.org)

HTTP GZIP Compression Leaks Data On the Location of Tor Web Servers

Posted by timothy on from the they're-around-here-somewhere dept.

An anonymous reader writes: The GZIP compression format includes a field in its header that shows the Web server's local date, at which the data was gzipped. Almost all Web servers use "zeros" to pad this field by default, citing performance issues. Around 10% of Tor site operators have removed this feature and are printing the packet's compression date. Unknown to them, this "server local date" leaks the Tor site's timezone which law enforcement can then narrow down to a specific geographical area. Coupled with other Tor protocol leaks, this could help deanonymize .onion sites.

1 of 79 comments (clear)

  1. It leaks the server's location by AmiMoJo · · Score: 5, Funny

    For very large values of location.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC