Tor Open To Attack 109
An anonymous reader writes "A group of researchers have written a paper that lays out an attack against Tor (PDF) in enough detail to cause Roger Dingledine a fair amount of heartburn. The essential avenue of attack is that Tor doesn't verify claims of uptime or bandwidth, allowing an attacker to advertise more than it need deliver, and thus draw traffic. If the attacker controls the entry and exit node and has decent clocks, then the attacker can link these together and trace someone through the network."
Well, not just that. (Score:5, Interesting)
This actually makes me wonder if there is a military/intel datacentre that does this already.
Re:Well, not just that. (Score:5, Interesting)
No, but the Chinese equivalent of the FBI probably cares a lot about what its citizens are doing on the net, and the ability of users living under hostile regimes to get unfettered network access is one of the goals of projects like Tor.
There are people with resources besides the NSA.
Re: (Score:2, Interesting)
Re:Well, not just that. (Score:5, Informative)
If [dailykos.com] only [commondreams.org] that was true [sldn.org]...
Re: (Score:2)
That's true, but there are enough of these stories floating around from different sources that it's safe to just pick some random examples.
I actually think the OP's reasoning is flawed in that he assumed that the government behaves in a rational manner. Just because it doesn't make any sense to a sane person for the NSA to worry about the TOR pr
Re: (Score:2)
Can I have a ride on the flying saucer, then?
(Or, to pick another snarky comment, the plural of anecdote != data).
Re: (Score:1)
I honestly didn't think it was that controversial, more along the lines of common knowledge. Everyone knows the US government has gone insane [slashdot.org], don't they?
Re: (Score:1)
Re: (Score:1)
Re: (Score:3, Insightful)
Of course there are going to be police at protests. Blending in with the crowd just makes it easier to take care of things if an incident occurs. Is this supposed to be surprising, scandalous, conspiratorial? Because it's not. It's perfectly logical to anyone with a lick of sense.
This is from the second link of the GP:
The officers hoist protest signs. They hold flowers with mourners. They ride in bicycle events. At the vigil for the cyclist, an officer in biking gear wore a button that said, "I am a shameless agitator." She also carried a camera and videotaped the roughly 15 people present. Beyond collecting information, some of the undercover officers or their associates are seen on the tape having influence on events. At a demonstration last year during the Republican National Convention, the sham arrest of a man secretly working with the police led to a bruising confrontation between officers in riot gear and bystanders.
Perfectly logical? Really?
Re: (Score:3, Informative)
At which point the client seeks another route. Right?
What I'm saying is that I don't think this would be effective with only one or two nodes.
Though on a larger scale, I agree that this tactic could effectively DOS the network.
Re: (Score:2)
COMSEC, not SIGINT (Score:5, Interesting)
Probably, but not for the reasons you think. Tor is known to be used by the military (how much is anybody's guess) for the same reasons anybody else would use it.
Re:COMSEC, not SIGINT (Score:5, Funny)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Re:I for one.. (Score:4, Funny)
Not quite so oblig SW reference.. (Score:3, Funny)
"I felt a great disturbance in the Internet, as if millions of child-pornographers suddenly cried out in terror and were suddenly silenced. I fear something terrible has happened."
Now now, I know Tor isn't just used for naughty stuff. I just thought it was funny. Sorta.
Re:Not quite so oblig SW reference.. (Score:4, Informative)
"Feb 25 16:16:02.628 [notice] Tor v0.1.1.xx. This is experimental software. Do not rely on it for strong anonymity."
Thus proving, once again, that Tor is only for the Quasi-anonymous group.
Re: (Score:2)
Tor also tells you to not use it for BitTorrent, but clueless Diggers continue to do so.
welcome to the watchlist (Score:3, Funny)
So, ze kiddie porn is on vor mind, eh Social Engineer? Very interesting. Who besides grandstanding politicians, media whores and actual pedophiles actually thinks or talks about kiddie porn? You must be one of the bag guys. The FBI vill be watching everything you do for the next ten years.
Re: (Score:1)
Re: (Score:2)
There are plenty of others and they are easy to identify because they keep saying the same things: M$ rules, free software sucks and Slashdot sucks.
I look forward to you finding where I said any of those things at any point. I'll be waiting, as usual, for any sign of a coherent argument from you.
Re: (Score:1, Flamebait)
Erm, "free software sucks"? I've coded some free software (a tiny useless piece of public domain stuff, but still) before, released it, got it put into the Debian archive (yes, you can apt-get a tiny little piece of jb.hl.com now. Get you paranoid yet?). I use Firefox, OpenOffice.org, Thunderbird and the GIMP almost daily, and up until recently used Linux pretty much full time. What planet are you on? Microsoft don't rule, they do a lot of suspect things, I just find Windows to be the best platf
Love and Hate (Score:2)
What do I, or Joe, or dedazo, or any of the other user names you intentionally misspelled, have to do with your parent comment?
Oh, I know. Hate.
Chinese Dissidents (Score:1)
In Soviet Russia... (Score:2, Funny)
Re: (Score:2)
So you're not far from truth
How Many Nodes Do You Need to Own? (Score:5, Insightful)
3 to 6 servers out of 60 is still 5 to 10 percent. That's fine for small networks, but for a network with hundreds or thousands of nodes, controlling 5 to 10 percent may become infeasible. Does this attack require the number of nodes to scale with network size?
Re: (Score:1)
No amount of surveillance is infeasible for a determined government.
Re: (Score:1)
Re:How Many Nodes Do You Need to Own? (Score:4, Interesting)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2, Interesting)
Herbivore isn't vulnerable to traffic analysis but it's vulnerable to DoS: the attacker's nodes follow the secure entry protocol and get assigned to random cliques. Then they transmit in every round, jamming communication within their cliques. Jamming doesn't require any more bandwidth than normal participation in the protocol, and the source of the jamming can't be detected because communication within a clique
Re: (Score:2, Informative)
Tor scales to a few hundred nodes [noreply.org], but it doesn't scale indefinitely - all the routers are listed in a central directory [seul.org] to ensure that all clients use the same set of routers and the same set of public keys.
Re: (Score:2)
Okay. I understand now. Because Tor can only scale up to a few hundred nodes, you only need ten or twenty compromised nodes to effectively monitor the entire network.
Filtering? (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
It's absolutely a technical possibility, but doing it is discouraged for a few reasons.
First, it's likely to be extremely ineffective. What are you gonna do, keep a list of all IPs, urls, etc that host child porn? Even commercials apps that filter the internet are unable to do this effectively. This is even more so for criminal activity - how do you automatically know whether a bitstream is being used for crim
Anonymity Vs Performance in Multi-Hop Networks... (Score:5, Interesting)
It has been known for some time that anyone with the resources to do so could launch an end-to-end attack on Tor. That someone with relatively few resources could launch the same attack is newsworthy, perhaps, but far more interesting is the observation that optimizing network traffic flow in order to improve performance is the direct cause of this weakness.
Could this be avoided? (Score:4, Informative)
Re: (Score:2)
Re: (Score:1)
Re:Could this be avoided? (Score:4, Interesting)
Probably your best bet would be to use a spoofed MAC address, and change both the AP you connect to, the MAC address you report, and the PC's physical location, on a regular and frequent basis. That would make it difficult to determine whether you were a single location that's moving a lot and using different MAC addresses, or were multiple computers each just using the AP periodically.
Still, there's no foolproof way to avoid discovery against an omnipotent adversary.
Re: (Score:1)
Thanks for ruining my day.
Obviously, I'm not doing anything illegal (otherwise, I'd be posting as an AC), but there's a lot to be said for people being able to be truly anonymous in a public space (such as no fear of retaliation by a potentially hostile/oppressive government).
Oh well. I guess that if somebody has to do something online and be truly anonymous, they can still drive to one of these open networks that
Re: (Score:3, Insightful)
Re: (Score:2)
Based on the time differentials, your position is narrowed down.
your PC can only see one, but that's because the others aren't talking to you.
No, I don't know the detail
Re: (Score:2, Informative)
Unless you purchased your network card on a credit card at a place that scans the MAC address along with the UPC when they ring you up, like CompUSA does. (to make sure you don't return a different network card for a refund)
Re: (Score:2)
Also, try changing [google.com] your MAC address to something like 66-75-6B-6F-66-66.
Re: (Score:2)
Re: (Score:2)
Oh yeah, I should make it clear this is through driver software, and not just via a linux terminal.
On Windows, right click Network [Neighborhood] and click Properties. Vista users need to click "Manage Network Connections" next. Then right click the network connection of the adapter you want to change the MAC address of, then continue past the UAC prompt if you use Vista. Click Configure to get to the network card settings. Go to the Advanced tab. If your card supports it there will be a Network Addr
Re: (Score:1)
Re: (Score:1, Interesting)
The first 6 digits are the manufacturer. (minus a bit or two) Your NIC was made by MSI.
Re: (Score:2)
Re: (Score:2)
There should be some ammendments to some crucial constitutions to guarantee that there should be no laws (and therefore state action) against anonymous and encrypted communication.
I'll bite (Score:1)
Constant data stream (Score:4, Interesting)
Even if you can't become both the entry/exit... (Score:4, Interesting)
No love for Freenet? (Score:5, Funny)
Re: (Score:1)
A casual googling didn't reveal anything, and I'm feeling really curious about how that happened.
Re: (Score:3, Informative)
As the above AC said, a lot of the discussion was on Frost, which doesn't have any publicly-accessible archives. You can find the mailing list thread here [freenetproject.org], though. In particular this [freenetproject.org] and this [freenetproject.org]
Of course, I'm not sure if this really matters that much; last I heard, Freenet was known to be vulnerable to man-in-the-middle attacks [freenetproject.org], and fixing it wasn't considered a priority...
Pffft (Score:1)
Existing Research (Score:1)
Ok so... (Score:1)
wonderful (Score:1)
Official Tor response (Score:2, Informative)
Shava Nerad
executive director
The Tor Project
Re: (Score:1, Funny)
Re: (Score:1)
Re: (Score:3, Insightful)
Re: (Score:2)
Re:WTFITOREH? (Score:4, Insightful)
To anyone not in the know, the fact that the TOR protocol has a weakness means absolutely NOTHING regardless of whether they know what TOR stands for or not.
Granted, there is such a thing as TLA-overload...but I don't think this is it. If you don't know that TOR stands for The Onion Router, then why the hell do you care whether it is vulnerable to attack or not? You obviously aren't using it... You don't care about the technology or implementation... You are apparently not even curious enough to Google it... So why bother clicking through to post such a rant?