[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] List of ways to attack Tor

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] List of ways to attack Tor
From: windows95@national.shitposting.agency
Date: Thu, 05 Jan 2017 12:25:20 +1030
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 Jan 2017 20:56:59 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=national.shitposting.agency; s=mail; t=1483581321; bh=kfW9Kkb5z9WlLYo1xEaYEjbnS/OuW8JZsi+aN6QL/1A=; h=Date:From:To:Subject:From; b=M/uMw0fxK8Du/+RW6v0Ac66ObckLTE0VQE0iE22yA2trQmyEOssp0/i+3cFo/wdDJ nm5ve0cySxCZBKdMj4qsBN3WQ8aMNkeJ8abOD+X7JZXqkf6dBNBqzkxADrNqGp2opB uZn/o6mF1vbTZL/SADEOw7eChdFA4f2KE2I9bKzLlNHQGpSceHWvyavEIrrEYE6vYV FnSk6UIzMejlEfTIVIvQ+3eHML6hXmQplyC2t97SuKxV66CmmO5wBSu3dDz8ZKB4aC gWLxfaQPDPaF6knCZUKKJzuRwlCZq5PkccusIEhR4T4fSd0Rr2YFWkdg+burYAH09M ciO2v2ZRTVdIw==
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Roundcube Webmail/1.2.3

Hello

I'm tasked with doing a short report on the ways in which Tor can beattacked.I've brainstormed and done research for few hours and this is the listI've come up with.

Is there anything big that I've missed?
I feel I might be a bit light on more technical attacks.

Your help is greatly appreciated.
Thanks

Realistic attacks against Tor:

-DDoS directory authorities, possibly knocking the entire network downafter a time-DDoS hidden service directories to keep a specific hidden serviceoffline

-DDoSing specific hidden services to keep them offline

-Hacking the directory authorities and spreading false networkinformation, perhaps to direct more people to malicious relays-Repeatedly requesting information about bridges until you've built alist of all of them-Traffic sniffing and analysis at the exits relays, perhaps leading todiscovery of personal identity information-Traffic modification at the exit relays (e.g. JavaScript injection whena client visits a website using HTTP)

-Traffic analysis resulting in end-to-end correlation

-Traffic tagging resulting in end-to-end correlation (are there any waysto do this with current Tor?)-Sniffing for hidden service addresses by becoming a hidden servicedirectory and logging all the onion addresses you observe-Inserting relays strategically so they become hidden servicedirectories of a specific hidden service, then denying access to it-Flooding the network with fake hidden services until the hidden servicedirectories can no longer handle them all and run out of memory-Tracking techniques (e.g. cookies, fingerprinting) being used fordeanonymisation when the same browser is used for Tor and non-Torbrowsing-Tracking clients between exit relays via techniques such asfingerprinting

-Application layer attacks
	-Exploiting underlying browsers and applications
	-Taking advantage of insecure protocols being used such as BitTorrent

-Getting clients to download and open files that call home withapplications that aren't configured to use Tor (e.g. what I heardhappened with the FBI pedo hacks or a trojan)-Embedding yourself in the Tor community then advocating designdecisions or inserting code that weakens Tor-Same as above except for protocols and software that Tor relies uponsuch as encryption standards and libraries-Taking advantage of existing weaknesses or back-doors in software thatTor replies upon (Heartbleed)-Providing unofficial versions of Tor that contain back doors (as Iassume is what is happening on mobile app stores, which are filled withunofficial Tor)-Hacking the official Tor file servers to distribute back-dooredversions of Tor-Finding out what websites (and maybe hidden services) an improperlyconfigured client is looking at by examining the DNS requests they make-Breaking of encryption (in the theoretical situation that you have acomputer powerful enough to do this, such as a quantum computer)-Identifying Tor users and hacking them (isn't this what the FBI intendsto do from now on?)

-Social engineering
	-Ruin the reputation of tor
		-It was invented by and funded by the government, therefore:
			-It's contains back-doors
			-It's a honey-pot

-The FBI arrests paedophiles who use Tor every other day, obviouslyit's not secure-Using it will make you a target. You connect once and you're a personof interest for the rest of eternity; you'll have NSA agents readingyour email and CIA agents going through your trash

		-Only criminals use Tor

-How could something that is free be more secure than something thatcosts money? Use a VPN

	-Ruin the reputation of developers

-Encourage the project to get overly political on unrelated issues,dividing the community-Dictate that certain kinds of research cannot be done about Tor sothat vulnerabilities will never be discovered and fixed

-Government or ISP blocking of Tor (e.g. the Great Firewall)
-Making use of Tor a crime

-Websites blocking Tor exit relays or crippling Tor users' ability touse the site-Have law enforcement and copyright holders harass exit relay ownersuntil they shut down

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] List of ways to attack Tor
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] List of ways to attack Tor
Previous by thread: Re: [tor-talk] [GetTor] Simple way of getting Tor countering TorProject.org and its mirrors censorship using the Internet Archive's Wayback Machine
Next by thread: Re: [tor-talk] List of ways to attack Tor
Index(es):
- Author
- Thread