[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

27C3 on Tor

To: or-talk@xxxxxxxxxxxxx
Subject: 27C3 on Tor
From: Eugen Leitl <eugen@xxxxxxxxx>
Date: Tue, 28 Dec 2010 20:07:54 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 28 Dec 2010 14:08:04 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

(via arsetechnica)

http://arstechnica.com/tech-policy/news/2010/12/flaws-in-tor-anonymity-network-spotlighted.ars

Flaws in Tor anonymity network spotlighted

By John Borland, wired.com | Last updated about 4 hours ago

At the Chaos Computer Club Congress in Berlin, Germany on Monday, researchers
from the University of Regensburg delivered a new warning about the Tor
anonymizer network, a system aimed at hiding details of a computer userâs
online activity from spying eyes.

The attack doesnât quite make a surferâs activity an open book, but offers
the ability for someone on the same local networkâa Wi-Fi network provider,
or an ISP working at law enforcement (or a regimeâs) request, for exampleâto
gain a potentially good idea of sites an anonymous surfer is viewing.

âDevelopers have to be aware of this kind of attack, and develop
countermeasures,â said Dominik Herrmann, a Regensburg PhD student studying
profiling and fingerprinting attacks. âBut that proves to be very difficult.â

The research, performed by a variety of collaborators in Germany working on
anonymity measures, represents a warning for privacy-conscious users wary of
spying eyes, whether behind Net-unfriendly borders or simply corporate
firewalls.

Tor is essentially an online mask, rather than a tool that hides the fact or
content of communication itself. The projectâs developers are addressing the
problem of traffic analysisâessentially the threat that an attacker or
observer might be able to tease out a personâs identity, location,
profession, social network or other information about the message content by
analyzing a messageâs unencrypted headers.

To hide this information, the Tor system routes messages around a winding
path of volunteer servers across the Net, with each relay point knowing only
the address of the previous and next step in the pathway.

Once this circuit has been established, neither an eavesdropper nor a
compromised relay will theoretically have the ability to determine both the
source and destination of a given piece of communication. According to the
Tor projectâs latest metrics, the network has drawn between 100,000 and
300,000 users per day over the last several months.

Herrmann and his fellow researchers say thereâs a partial flaw in this
arrangement, however. A potential eavesdropper on the end userâs own network
still has the ability to analyze the patterns of data being returned, and in
many cases will be able to develop a reasonable guess about the source of the
communication.

An attackerâperhaps an ISP instructed by law enforcement or a government to
engage in such surveillanceâwould first have to develop a list of potential
sites that the target might be visiting, or that it was interested in
monitoring. It would then run the Tor system itself, testing the way these
sites appeared when accessed through Tor, developing a database of
âfingerprintsâ associated with the sites of interest.

Once the target of the surveillance went online, the eavesdropper would
capture the packet stream as it crossed the local network and compare the
source data with its fingerprint database with the help of pattern
recognition software. Any match would be only statistical, giving somewhere
between 55 percent and 60 percent certainty, Herrmann saidânot enough to
provide hard evidence in court, but likely more certainty than many people
seeking privacy might be comfortable with.

Different online destinations will carry different susceptibility to
fingerprinting, of course. Unusual sites, with characteristics such as very
heavy or large graphic use, can be more easily identified, Herrmann said. By
the same token, the easiest way for a website to fool such an eavesdropper
would be to make its site look as closely as possible like another popular
siteâmimicking the look of the Google site, for example, one of the most
commonly accessed pages on the Web.

Users themselves can guard against this type of fingerprint-based
eavesdropping relatively easily, Herrmann noted. Downloading or requesting
more than one site at a time through the network will muddy the pattern
enough that certainty will be very difficult for the eavesdropper to
establish.

The research many not dissuade many from using Tor, which remains one of the
most promising approaches for individuals seeking to hide aspects of their
identity or online activity. But it may well make them work harder.

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Follow-Ups:
- Re: 27C3 on Tor
  - From: Roc Admin
- Re: 27C3 on Tor
  - From: Sebastian Lechte

Prev by Author: Home Internet with Anonymity Built In
Next by Author: Re: Arm Release 1.4.0
Previous by thread: The new translation portal
Next by thread: Re: 27C3 on Tor
Index(es):
- Author
- Thread