The German police have successfully deanonymized at least four Tor users. It appears they watch known Tor relays and known suspects, and use timing analysis to figure out who is using what relay.
Tor has written about this.
Hacker News thread.

  • unexposedhazard@discuss.tchncs.de
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    25 days ago

    Bad post.

    A: old news

    B: massively misleading headline missing important context

    C: Most likely partially fabricated by law enforcement according to many experts and the tor project. They didnt execute a full timing attack because they are not capable of doing that.

    From the limited information The Tor Project has, we believe that one user of the long-retired application Ricochet was fully de-anonymized through a guard discovery attack. This was possible, at the time, because the user was using a version of the software that neither had Vanguards-lite, nor the vanguards addon, which were introduced to protect users from this type of attack. This protection exists in Ricochet-Refresh, a maintained fork of the long-retired project Ricochet, since version 3.0.12 released in June of 2022.