Black Hat Presentation On Tor Cancelled, Developers Working on Bug Fix
alphadogg writes: A presentation on a low-budget method to unmask users of the popular online privacy tool Tor will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon's Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference's website.
Tor project leader Roger Dingledine said, "I think I have a handle on what they did, and how to fix it. ... Based on our current plans, we'll be putting out a fix that relays can apply that should close the particular bug they found. The bug is a nice bug, but it isn't the end of the world." Tor's developers were "informally" shown materials about the bug, but never saw any details about what would be presented in the talk.
Re:What? (Score:5, Informative)
An NSL is a directive to disclose info that may include the requirement not to reveal the disclosure occurred. An NSL is not a way to simply order someone to be quiet.
Re:TOR is actually sponsored by Uncle Sam (Score:5, Informative)
The origins were for open source intelligence gathering by the US mil and the US gov support of "freedom fighters" spreading democracy.
The main issue early on was any user of the tech would be seen as a tool of the US gov. Not good if emerging human intelligence stands out on any telco system.
How was this set back to be fixed? By flooding the network with diverse users globally and offering free bandwidth, better speed and pushing an open source grassroots technology front.
The press, dissidents and whistleblowers, all kinds of sites started to spread news about wanting to help the people in repressive countries.
i.e. a large group of users had to be created to allow gov users to hide and help with the node/relay.
Carefully crafted news dropped the military and intelligence origins and pushed the press, First Amendment, dissidents, protected speech side.
Follow the early grants back, i.e. "Pass-Through" funding.
Terms like "Basic and Applied Research and Development in Areas Relating to the Navy Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance." seem to be floating around.
Finally we got to Snowden and the Stinks page. "Critical mass" - the users are all on the same network, and we are back to the fast exit relays question.
Follow the few law enforcement stories, if you have all data moving out of a network, around the world a few times and then back into the same network?
It's simple to find the in IP, back from the message sent. We also now know that the "internet" in some countries is a known network Tempora https://en.wikipedia.org/wiki/... [wikipedia.org] and XKeyscore http://daserste.ndr.de/panoram... [daserste.ndr.de]