You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: _posts/2026-01-22-Mitigate-Correlation.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,13 +1,13 @@
1
1
---
2
2
layout: post
3
-
title: "Mitigating User Tracking Caused By Correlation Attack"
3
+
title: "Privacy: Mitigating User Tracking By Third Parties"
4
4
lang: "en"
5
5
author: "rdica"
6
-
heading: "Mitigating User Tracking Caused By Correlation Attack"
6
+
heading: "Privacy: Mitigating User Tracking By Third Parties"
7
7
---
8
8
9
9
By default the Jamulus protocol does not map usernames to IP addresses in any publicly available data.
10
-
However it is possible to execute a correlation attack to achieve user<‐>IP mapping.
10
+
However it is possible to correlate connections to servers to achieve user<‐>IP mapping.
11
11
This was first reported to Jamulus developers here: [https://github.com/orgs/jamulussoftware/discussions/3545](https://github.com/orgs/jamulussoftware/discussions/3545)
12
12
13
13
<!--more-->
@@ -33,12 +33,12 @@ Each genre has a directory server. The purpose of the directory server is to pro
33
33
34
34
Anyone can run an explorer instance. An explorer queries each genres directory server to get a list of servers, then queries each server directly to get a list of connected users. This is public data. **There is no IP address information on users, just the user profile data**. Again this is by design to prevent IP<‐>username mapping. This data can also be saved for later processing.
35
35
36
-
### Correlation Attack
36
+
### Correlation
37
37
38
38
Anyone can run servers **and** explorer instances.
39
39
Using IPs captured by a server, one can correlate **when an IP address stops pinging**(ie; just connected to a server) and **when a new client joined a server**(username data from explorer query directly to a jamulus server) to produce an IP<‐>username mapping. The IP address can then be processed to provide geolocation data. From this one can determine the location of a specific user.
40
40
41
-
## The Current Correlation Attack (as of 20260122)
41
+
## Current Correlation (as of 20260202)
42
42
43
43
### Listeners
44
44
@@ -70,14 +70,14 @@ IP addresses of users collected from the listeners are being correlated with joi
70
70
71
71
When you open the Connect dialog window your client starts sending pings to every server in the list. **`24.199.107.192`** is the IP address of one of those servers. A server using **`24.199.107.192`** exists on each genre, their names are ***Duet***.
72
72
73
-
Blocking outgoing **UDP** traffic on your DAW or router to **`24.199.107.192`** will prevent the listeners from collecting your IP address and break the correlation attack. This will help prevent you from being tracked.
73
+
Blocking outgoing **UDP** traffic on your DAW or router to **`24.199.107.192`** will prevent the listeners from collecting your IP address and breaks correlation. This will help prevent you from being tracked.
74
74
75
75
### Server Admins
76
76
77
77
Server admins can contribute to helping prevent user tracking by blocking the explorer probe.
78
78
If you run a server on the jamulus public network, it is currently being indexed by the explorer instance on **`137.184.43.255`**
79
79
80
-
Blocking incoming **UDP** traffic from **`137.184.43.255`** will prevent the explorer from indexing your server and breaks the correlation attack. This will protect users on your server from being tracked while they use it.
80
+
Blocking incoming **UDP** traffic from **`137.184.43.255`** will prevent the explorer from indexing your server and breaks correlation. This will protect users on your server from being tracked while they use it.
0 commit comments