Forgot your password?
typodupeerror
Privacy Security The Internet

Scientists Detect Two Dozen Computers Trying To Sabotage Tor Privacy Network 94

Posted by Soulskill
from the a-few-bad-onions-spoil-it-for-the-rest-of-us dept.
New submitter fynbar writes "Computer scientists have identified almost two dozen computers that were actively working to sabotage the Tor privacy network by carrying out attacks that can degrade encrypted connections between end users and the websites or servers they visit (PDF). 'Two of the 25 servers appeared to redirect traffic when end users attempted to visit pornography sites, leading the researchers to suspect they were carrying out censorship regimes required by the countries in which they operated. A third server suffered from what researchers said was a configuration error in the OpenDNS server. The remainder carried out so-called man-in-the-middle (MitM) attacks designed to degrade encrypted Web or SSH traffic to plaintext traffic. The servers did this by using the well-known sslstrip attack designed by researcher Moxie Marlinspike or another common MitM technique that converts unreadable HTTPS traffic into plaintext HTTP.'"
This discussion has been archived. No new comments can be posted.

Scientists Detect Two Dozen Computers Trying To Sabotage Tor Privacy Network

Comments Filter:
  • Only 24? (Score:4, Insightful)

    by Anonymous Coward on Wednesday January 22, 2014 @03:23AM (#46033457)

    If only 24 "bad" computers can cause that big of an issue then the TOR network clearly has bigger problems.
    I'm surprised that there was so few detected doing it.

  • Re:scientists? (Score:5, Insightful)

    by alzoron (210577) on Wednesday January 22, 2014 @04:11AM (#46033599) Journal

    Every time you see a headline in the form of "Scientists discover new foo" you can pretty much stop reading right there. The author is most likely the sort of person that confuses science with wizardry and isn't very likely to produce an article of any real substance. You could actually just replace every instance of scientist with wizard and impart the same level of information.

  • by Boltronics (180064) on Wednesday January 22, 2014 @05:46AM (#46033851) Homepage

    Slashdot does this automatically

    $ echo QUIT | openssl s_client -connect slashdot.org:443 | openssl x509 -text

    Yeah, that's just sad. You'd think a popular technology news website such as Slashdot, of all places, would be on the ball and at least support TLS traffic... but it's actually worse than that. They're not lazy (they have a GeoTrust wildcard certificate issued back in April last year) but deliberately don't want people securing their connections, hence the 302 redirection the have in place. :(

  • by AHuxley (892839) on Wednesday January 22, 2014 @09:49AM (#46034817) Homepage Journal
    Yes the NSA, GCHQ and friends have to low count of optical from nation to nation to thank for their easy global surveillance.
    Even if you get a great TOR connection, sent that message around the world, your message in and out can always be re joined no matter the entry or exit point.
    The low count of all exit nodes per month as an average is telling, chilling and unexpected.

Make sure your code does nothing gracefully.

Working...