Tor Blacklisting Exit Nodes Vulnerable To Heartbleed

Posted by timothy
from the all-tor-up dept.
msm1267 (2804139) writes "The Tor Project has published a list of 380 exit relays vulnerable to the Heartbleed OpenSSL vulnerability that it will reject. This comes on the heels of news that researcher Collin Mulliner of Northeastern University in Boston found more than 1,000 nodes vulnerable to Heartbleed where he was able to retrieve plaintext user traffic. Mulliner said he used a random list of 5,000 Tor nodes from the Dan.me.uk website for his research; of the 1,045 vulnerable nodes he discovered, he recovered plaintext traffic that included Tor plaintext announcements, but a significant number of nodes leaked user traffic in the clear."

  • by Anonymous Coward

    I'm under the impression the higher-end folks are encrypting their traffic before the routing layer and anyone else is an idiot, is that about right?

    • by Anonymous Coward

      people using it for privacy/secret stuff = yes.

      people using it simply as a proxy to avoid censorship = maybe not

    • That's not really the point though, since you can always encrypt traffic using TLS. The point of Tor is to hide the end point you are communicating with from someone who controls the network that your computer is on, like a decentralized VPN. You could always gather traffic on both ends (client side and end point/exit node, called an intersection attack), but it is very unlikely that one party will have control of two separate networks like that. With this attack, you don't actually need control of the o
  • ... to what Tor already leaks, is the previous hop from which the exit traffic came, and possibly metadata on other tunnels relayed by (but not terminated at) the node. If the relayed connection is SSL/TLS encrypted, that encryption is end-to-end from the original client to the server; sniffing some exit-node memory does not help you there. If the related connection is in the plain, then, well, then sniffing the exit node's memory does not tell you any more than you already knew by looking at its plain-text traffic.

    Now, Heartbleed is not completely harmless here: You may, if you're very lucky, be able to sniff the previous node name, but as Tor tunnels are longer than that, that does not help you much. Plus, tunnel endpoints tend to change every couple of minutes, making the cross section even smaller. Also, you may now be in a position to sniff data from nodes whose ISP network you do not control, allowing you to do network-wide attacks. That may in fact be the biggest problem.

    • by cryptizard (2629853) on Thursday April 17, 2014 @11:59AM (#46780383) Homepage
      The point is that, if you know the IP address of the exit node, you can use the Heartbleed bug to examine its outgoing traffic even if you don't have control of the network the exit node is on. This makes intersection attacks much easier because you only need to have data from one end. If I control a network where I see some Tor users, all I have to do is use this exploit on exit nodes until I see outgoing traffic that matches the traffic I see on my own network. I can then link that data to clients on my network and Tor is defeated. This attack is always possible if you control both the client's network and the end point they are communicating with (or some piece of the network between the exit node and the end point), but with this attack you don't need to actually control any part of the network on the exit side because you can just query the exit nodes directly and they will tell you themselves.
  • It'd be neat if Tor exit nodes enforced a complete no-plaintext policy (and the Tor network, in turn, blacklisted exit nodes that didn't do this). Any plain HTTP connection you try to tunnel through Tor should be blocked as soon as it reaches the exit node, just as a precaution.

    • What does that have to do with anything? You could still learn the destination address, which is what Tor is trying to hide.
  • by Anonymous Coward

    As they keep taking more and more nodes down with these policy changes, Tor becomes even slower and less reliable. These continued attacks will destroy Tor if we allow them to continue. We should fight against this attempt to shut down nodes.
