HTTP GZIP Compression Leaks Data On the Location of Tor Web Servers

An anonymous reader writes: The GZIP compression format includes a field in its header that shows the Web server's local date, at which the data was gzipped. Almost all Web servers use "zeros" to pad this field by default, citing performance issues. Around 10% of Tor site operators have removed this feature and are printing the packet's compression date. Unknown to them, this "server local date" leaks the Tor site's timezone which law enforcement can then narrow down to a specific geographical area. Coupled with other Tor protocol leaks, this could help deanonymize .onion sites.

Re:Use a single timezone

[The-Ixian]

Or just pad it with zero's like everything else does, apparently.

Better to go with the flow in this case instead of trying to be clever.