Scientists Detect Two Dozen Computers Trying To Sabotage Tor Privacy Network 94
New submitter fynbar writes "Computer scientists have identified almost two dozen computers that were actively working to sabotage the Tor privacy network by carrying out attacks that can degrade encrypted connections between end users and the websites or servers they visit (PDF). 'Two of the 25 servers appeared to redirect traffic when end users attempted to visit pornography sites, leading the researchers to suspect they were carrying out censorship regimes required by the countries in which they operated. A third server suffered from what researchers said was a configuration error in the OpenDNS server. The remainder carried out so-called man-in-the-middle (MitM) attacks designed to degrade encrypted Web or SSH traffic to plaintext traffic. The servers did this by using the well-known sslstrip attack designed by researcher Moxie Marlinspike or another common MitM technique that converts unreadable HTTPS traffic into plaintext HTTP.'"
Only 24? (Score:4, Insightful)
If only 24 "bad" computers can cause that big of an issue then the TOR network clearly has bigger problems.
I'm surprised that there was so few detected doing it.
Re:scientists? (Score:5, Insightful)
Every time you see a headline in the form of "Scientists discover new foo" you can pretty much stop reading right there. The author is most likely the sort of person that confuses science with wizardry and isn't very likely to produce an article of any real substance. You could actually just replace every instance of scientist with wizard and impart the same level of information.
Re:Slashdot does this... (Score:5, Insightful)
Slashdot does this automatically
$ echo QUIT | openssl s_client -connect slashdot.org:443 | openssl x509 -text
Yeah, that's just sad. You'd think a popular technology news website such as Slashdot, of all places, would be on the ball and at least support TLS traffic... but it's actually worse than that. They're not lazy (they have a GeoTrust wildcard certificate issued back in April last year) but deliberately don't want people securing their connections, hence the 302 redirection the have in place. :(
Re:just a thousand exit nodes (Score:4, Insightful)
Even if you get a great TOR connection, sent that message around the world, your message in and out can always be re joined no matter the entry or exit point.
The low count of all exit nodes per month as an average is telling, chilling and unexpected.