At the Chaos Computer Club Congress in Berlin, Germany on Monday, researchers from the University of Regensburg delivered a new warning about the Tor anonymizer network, a system aimed at hiding details of a computer user’s online activity from spying eyes.

The attack doesn’t quite make a surfer’s activity an open book, but offers the ability for someone on the same local network—a Wi-Fi network provider, or an ISP working at law enforcement (or a regime’s) request, for example—to gain a potentially good idea of sites an anonymous surfer is viewing.

“Developers have to be aware of this kind of attack, and develop countermeasures,” said Dominik Herrmann, a Regensburg PhD student studying profiling and fingerprinting attacks. “But that proves to be very difficult.”

The research, performed by a variety of collaborators in Germany working on anonymity measures, represents a warning for privacy-conscious users wary of spying eyes, whether behind Net-unfriendly borders or simply corporate firewalls.

Tor is essentially an online mask, rather than a tool that hides the fact or content of communication itself. The project’s developers are addressing the problem of traffic analysis—essentially the threat that an attacker or observer might be able to tease out a person’s identity, location, profession, social network or other information about the message content by analyzing a message’s unencrypted headers.

To hide this information, the Tor system routes messages around a winding path of volunteer servers across the Net, with each relay point knowing only the address of the previous and next step in the pathway.

Once this circuit has been established, neither an eavesdropper nor a compromised relay will theoretically have the ability to determine both the source and destination of a given piece of communication. According to the Tor project’s latest metrics, the network has drawn between 100,000 and 300,000 users per day over the last several months.

Herrmann and his fellow researchers say there’s a partial flaw in this arrangement, however. A potential eavesdropper on the end user’s own network still has the ability to analyze the patterns of data being returned, and in many cases will be able to develop a reasonable guess about the source of the communication.

An attacker—perhaps an ISP instructed by law enforcement or a government to engage in such surveillance—would first have to develop a list of potential sites that the target might be visiting, or that it was interested in monitoring. It would then run the Tor system itself, testing the way these sites appeared when accessed through Tor, developing a database of “fingerprints” associated with the sites of interest.

Once the target of the surveillance went online, the eavesdropper would capture the packet stream as it crossed the local network and compare the source data with its fingerprint database with the help of pattern recognition software. Any match would be only statistical, giving somewhere between 55 percent and 60 percent certainty, Herrmann said—not enough to provide hard evidence in court, but likely more certainty than many people seeking privacy might be comfortable with.

Different online destinations will carry different susceptibility to fingerprinting, of course. Unusual sites, with characteristics such as very heavy or large graphic use, can be more easily identified, Herrmann said. By the same token, the easiest way for a website to fool such an eavesdropper would be to make its site look as closely as possible like another popular site—mimicking the look of the Google site, for example, one of the most commonly accessed pages on the Web.

Users themselves can guard against this type of fingerprint-based eavesdropping relatively easily, Herrmann noted. Downloading or requesting more than one site at a time through the network will muddy the pattern enough that certainty will be very difficult for the eavesdropper to establish.

The research may not dissuade many from using Tor, which remains one of the most promising approaches for individuals seeking to hide aspects of their identity or online activity. But it may well make them work harder.