If you’re worried about time correlation attacks, to deanonymize traffic, they are things you can do:
Leave the connection on all the time, so there’s no time to correlate.
Comingle different streams of traffic over the link, to make it harder to to traffic pattern analysis. Stream a video game, run an exit note, watch a movie, proxy variety of low intensity sporadic traffic.
Leave the connection up for a random amount of time before and after whatever activity you’re considering sensitive. That way there’s not very clean brackets on time logs.
Just like in military radio operations, keep your sensitive activity short, low density, and very fast.
( Identifying the origin of two IP packets it’s much harder than identifying who is watching a video stream).
Depending on how technical you want to get you can use reverse traffic shaping. You can generate false traffic to always ensure that your traffic over your first link looks uniform.
Use a multi hop onion network, so different data streams take different paths, making it much harder to identify a single stream through the entire network. I.e. different Tor circuits or safing, or multihop Mullvad with different routes for different streams.
Don’t use a static connection to connect to the internet. Use open wi-fi, use coffee table wi-fi, use library wi-fi, use a burner phone with an esim loaded on it. Use a shotgun Pringles can Wi-Fi adapter to connect to a distant access point. You can do many things to change the origin of your traffic.
If your threat model seriously considers time correlation attacks, don’t have a repeatable set pattern. Break up your schedule. Don’t be predictable. Make it harder to gather more intelligence from your activity. Don’t do the same thing at the same time
All of this being said, don’t let perfect be the enemy of good. Do whatever you can to mitigate, don’t make things easy for your adversary. There’s no reason to give up just because you’re not perfect
If you’re worried about time correlation attacks, to deanonymize traffic, they are things you can do:
Leave the connection on all the time, so there’s no time to correlate.
Comingle different streams of traffic over the link, to make it harder to to traffic pattern analysis. Stream a video game, run an exit note, watch a movie, proxy variety of low intensity sporadic traffic.
Leave the connection up for a random amount of time before and after whatever activity you’re considering sensitive. That way there’s not very clean brackets on time logs.
Just like in military radio operations, keep your sensitive activity short, low density, and very fast. ( Identifying the origin of two IP packets it’s much harder than identifying who is watching a video stream).
Depending on how technical you want to get you can use reverse traffic shaping. You can generate false traffic to always ensure that your traffic over your first link looks uniform.
Use a multi hop onion network, so different data streams take different paths, making it much harder to identify a single stream through the entire network. I.e. different Tor circuits or safing, or multihop Mullvad with different routes for different streams.
Don’t use a static connection to connect to the internet. Use open wi-fi, use coffee table wi-fi, use library wi-fi, use a burner phone with an esim loaded on it. Use a shotgun Pringles can Wi-Fi adapter to connect to a distant access point. You can do many things to change the origin of your traffic.
If your threat model seriously considers time correlation attacks, don’t have a repeatable set pattern. Break up your schedule. Don’t be predictable. Make it harder to gather more intelligence from your activity. Don’t do the same thing at the same time
All of this being said, don’t let perfect be the enemy of good. Do whatever you can to mitigate, don’t make things easy for your adversary. There’s no reason to give up just because you’re not perfect