You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: _posts/2026-01-22-Mitigate-Correlation.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,23 +20,23 @@ This document will attempt to summarize the problem, and provide mitigations for
20
20
21
21
### Pings
22
22
23
-
When a user attempts to connect to a server, they open the Connect dialog window. The client will **start** sending “pings” to every Server listed in that genre to report delay latency (basically network distance) to those Servers.
23
+
When a user attempts to connect to a Server, they open the Connect dialog window. The client will **start** sending “pings” to every Server listed in that genre to report delay latency (basically network distance) to those Servers.
24
24
25
25
Anyone running a Server can capture those “pings” using tools like `tcpdump` or `tshark/wireshark` and view the IP addresses of the clients that are sending them.
26
26
**No username data is sent.** This is part of the Jamulus protocol, by design, to maintain a level of privacy and prevent others from finding the IP addresses of specific users.
27
27
28
28
### Join Events
29
29
30
-
A user will either select a Server from the list, or type in a Server address:port, click Connect or hit Enter, and the client will then attempt to connect to the server. At this point the client **stops** sending the “pings” and the client typically completes the connection to the server.
30
+
A user will either select a Server from the list, or type in a Server address:port, click Connect or hit Enter, and the client will then attempt to connect to the Server. At this point the client **stops** sending the “pings” and the client typically completes the connection to the Server.
31
31
32
-
Each genre has a directory server. The purpose of the directory Server is to provide clients with a listing of Servers registered to it, and the users connected to each server. This is public data, and viewed in the Connect dialog window, and available through a number of websites, like [explorer.jamulus.io](https://explorer.jamulus.io) or [jamulusjams.com](https://jamulusjams.com).
32
+
Each genre has a directory Server. The purpose of the directory Server is to provide clients with a listing of Servers registered to it, and the users connected to each Server. This is public data, and viewed in the Connect dialog window, and available through a number of websites, like [explorer.jamulus.io](https://explorer.jamulus.io), [jamulusjams.com](https://jamulusjams.com), or [jamscout.de](https://jamscout.de).
33
33
34
34
Anyone can run an explorer instance. An explorer queries each genres directory Server to get a list of Servers, then queries each Server directly to get a list of connected users. This is public data. **There is no IP address information on users, just the user profile data**. Again this is by design to prevent IP<‐>username mapping. This data can also be saved for later processing.
35
35
36
36
### Correlation
37
37
38
38
Anyone can run Servers **and** explorer instances.
39
-
Using IPs captured by a server, one can correlate **when an IP address stops pinging**(ie; just connected to a server) and **when a new client joined a server**(username data from explorer query directly to a jamulus server) to produce an IP<‐>username mapping. The IP address can then be processed to provide geolocation data. From this one can determine the approximate location of a specific user even if no location was set in the users' profile.
39
+
Using IPs captured by a Server, one can correlate **when an IP address stops pinging**(ie; just connected to a Server) and **when a new client joined a Server**(username data from explorer query directly to a Jamulus Server) to produce an IP<‐>username mapping. The IP address can then be processed to provide geolocation data. From this one can determine the approximate location of a specific user even if no location was set in the users' profile.
40
40
41
41
## Current Correlation (as of 2026-02-02)
42
42
@@ -75,7 +75,7 @@ Blocking outgoing **UDP** traffic on your DAW or router to **`24.199.107.192`**
75
75
### Server Admins
76
76
77
77
Server admins can decide to prevent user tracking by blocking the explorer probe.
78
-
If you run a Server on the jamulus public network, it is currently being indexed by the explorer instance on **`137.184.43.255`**
78
+
If you run a Server on the Jamulus public network, it is currently being indexed by the explorer instance on **`137.184.43.255`**
79
79
80
80
Blocking incoming **UDP** traffic from **`137.184.43.255`** will prevent the explorer from indexing your Server and breaks correlation. This will disable user tracking on your Server from the blocked Server.
0 commit comments