Tor Open To Attack
An anonymous reader writes "A group of researchers have written a paper that lays out an attack against Tor (PDF) in enough detail to cause Roger Dingledine a fair amount of heartburn. The essential avenue of attack is that Tor doesn't verify claims of uptime or bandwidth, allowing an attacker to advertise more than it need deliver, and thus draw traffic. If the attacker controls the entry and exit node and has decent clocks, then the attacker can link these together and trace someone through the network."
Well, not just that. (Score:5, Interesting)
This actually makes me wonder if there is a military/intel datacentre that does this already.
Anonymity Vs Performance in Multi-Hop Networks... (Score:5, Interesting)
It has been known for some time that anyone with the resources to do so could launch an end-to-end attack on Tor. That someone with relatively few resources could launch the same attack is newsworthy, perhaps, but far more interesting is the observation that optimizing network traffic flow in order to improve performance is the direct cause of this weakness.
Re:How Many Nodes Do You Need to Own? (Score:4, Interesting)
Re:Well, not just that. (Score:5, Interesting)
No, but the Chinese equivalent of the FBI probably cares a lot about what its citizens are doing on the net, and the ability of users living under hostile regimes to get unfettered network access is one of the goals of projects like Tor.
There are people with resources besides the NSA.
Re:Could this be avoided? (Score:4, Interesting)
Probably your best bet would be to use a spoofed MAC address, and change both the AP you connect to, the MAC address you report, and the PC's physical location, on a regular and frequent basis. That would make it difficult to determine whether you were a single location that's moving a lot and using different MAC addresses, or were multiple computers each just using the AP periodically.
Still, there's no foolproof way to avoid discovery against an omnipotent adversary.
COMSEC, not SIGINT (Score:5, Interesting)
Probably, but not for the reasons you think. Tor is known to be used by the military (how much is anybody's guess) for the same reasons anybody else would use it.
Constant data stream (Score:4, Interesting)
Even if you can't become both the entry/exit... (Score:4, Interesting)
Re:Could this be avoided? (Score:1, Interesting)
The first 6 digits are the manufacturer (minus a bit or two). Your NIC was made by MSI.
Re:Well, not just that. (Score:2, Interesting)
Re:How Many Nodes Do You Need to Own? (Score:2, Interesting)
Herbivore isn't vulnerable to traffic analysis but it's vulnerable to DoS: the attacker's nodes follow the secure entry protocol and get assigned to random cliques. Then they transmit in every round, jamming communication within their cliques. Jamming doesn't require any more bandwidth than normal participation in the protocol, and the source of the jamming can't be detected because communication within a clique is completely anonymous. With cliques of 128 nodes, an attacker who controls 1% of the nodes can jam 72% of the cliques at any given time. If the innocent nodes move to different cliques to escape the jamming, the attackers can move too.
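The 72% figure in the comment above can be checked, and turned into a clique-sizing estimate, with the following added example (not part of the thread and not Herbivore's code). It assumes clique assignment is uniformly random and that a single attacker node is enough to jam its clique, as the comment describes; the 12,800-node network is a constructed input.

```python
import math
import random


def jammed_fraction(attacker_share: float, clique_size: int) -> float:
    """Expected share of cliques holding at least one attacker node
    (large-network approximation: each slot is hostile independently)."""
    return 1.0 - (1.0 - attacker_share) ** clique_size


def simulate(total_nodes: int, attacker_nodes: int, clique_size: int,
             rounds: int = 200, seed: int = 1) -> float:
    """Monte Carlo check: shuffle the nodes into cliques and count the
    cliques that contain at least one attacker node."""
    rng = random.Random(seed)
    nodes = [True] * attacker_nodes + [False] * (total_nodes - attacker_nodes)
    cliques = total_nodes // clique_size
    jammed = 0
    for _ in range(rounds):
        rng.shuffle(nodes)  # models re-randomised clique assignment
        for c in range(cliques):
            if any(nodes[c * clique_size:(c + 1) * clique_size]):
                jammed += 1
    return jammed / (rounds * cliques)


def max_clique_size(attacker_share: float, tolerated_jam: float) -> int:
    """Largest clique size that keeps the expected jammed share at or
    below tolerated_jam for a given attacker share."""
    return math.floor(math.log(1.0 - tolerated_jam) /
                      math.log(1.0 - attacker_share))


if __name__ == "__main__":
    # Constructed scenario: 12,800 nodes, 1% hostile, cliques of 128.
    print(f"analytic : {jammed_fraction(0.01, 128):.3f}")
    print(f"simulated: {simulate(12_800, 128, 128):.3f}")
    # Anonymity-set size vs. availability: how small must cliques be?
    for tolerated in (0.10, 0.25, 0.50):
        size = max_clique_size(0.01, tolerated)
        print(f"jam <= {tolerated:.0%} needs cliques of at most {size}")
```

Smaller cliques reduce the share an attacker can jam, but they also shrink the anonymity set each clique provides, which is the trade-off a designer has to weigh.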