[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] FBI cracked Tor security

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] FBI cracked Tor security
From: Jon Tullett <jon.tullett@xxxxxxxxx>
Date: Thu, 14 Jul 2016 09:38:01 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 14 Jul 2016 03:38:30 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=jJynlEBn2Ul3wyVhjQDu8lBIFIUpvtp3LMlu691N7CE=; b=AWJLZkdSRyodKDFQT/L8hHA6n0LMeHl/68e4ZwydibphN80XcnRMvWEIUN0o/aotyr ezcMuWKjiENcoX7A23ZDRadngE5yDMjDOclkOWNIRgPzCC/SlVEZfdoy/euBIBpzapwQ Dq1677KsGy2ZO+VIuquskYhhSXf+4S1GuwWSjBLLijoiDNt3SPk2w08UjeQSOyQFlfzS jhDNWw5jpT/XjDyd1BKvV5wlJjBEt+ogmAz6quqbUoCFg35Q3rnXUNvYXHgJeFbBT4UT 3NwPPXphUmplXYkFHLfTz1+iZRbaPsP4+ol1d1Z3uRpBkWhetWbNPp8Dl0+U0bDG9x8D 2Ubw==
In-reply-to: <5787332E.5000708@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <652210562.2768097.1468453881242.JavaMail.yahoo.ref@mail.yahoo.com> <652210562.2768097.1468453881242.JavaMail.yahoo@mail.yahoo.com> <CAPkfgVYU_T9w0SJ9QsqSo8EXHgbJx68hROb6E8ELsrS2J6W6kg@mail.gmail.com> <5787332E.5000708@riseup.net>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 14 July 2016 at 08:37, Mirimir <mirimir@xxxxxxxxxx> wrote:

> On 07/14/2016 12:23 AM, Jon Tullett wrote:

>> Having pwned the server, a malware component is then injected to
>> visiting computers. Ie: when the criminal visits the infected
>> site, his PC is infected (over that encrypted, secure, etc)
>> connection. Now infected, his PC will be under the control of the
>> FBI, and the investigation will proceed from there. As soon as it's
>> connected to the regular internet, that connection will be traced,
>> but that connection is not necessary - data on the PC can be
>> exfiltrated by the feds over Tor and used to identify the user.
>
> Tor Project ought to inform users about this risk, and recommend
> countermeasures. It's not like this is new. I see nothing at
> <https://www.torproject.org/download/download.html.en#warning>.

I agree - a warning of the dangers of visiting infected onion sites
could be useful (even though the problem is not specifically a Tor
one). There's the risk of feature creep - security is a big space and
it isn't really Tor's job to educate people on every risk online.
Perhaps a clarification that just as TBB is not all you need to
maintain privacy, it's also not all you need to stay secure, with a
pointer to some external tips?

For onion site operators, there's this:
https://www.torproject.org/docs/tor-hidden-service.html.en

Which does include this: 'Hidden services operators need to practice
proper operational security and system administration to maintain
security. For some security suggestions please make sure you read over
Riseup's "Tor hidden services best practices" document.'

Which in turn links here:
https://help.riseup.net/en/security/network-security/tor/onionservices-best-practices

That's more specifically about Tor config though - it could usefully
include pointers on basic webserver opsec too, though again it may be
out of scope to say much more than "bad people may attack your web
server, onion or not. Educate yourself on keeping it secure".

-J
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] FBI cracked Tor security
  - From: Mirimir

References:
- [tor-talk] FBI cracked Tor security
  - From: Nick Levinson
- Re: [tor-talk] FBI cracked Tor security
  - From: Jon Tullett
- Re: [tor-talk] FBI cracked Tor security
  - From: Mirimir

Prev by Author: Re: [tor-talk] FBI cracked Tor security
Next by Author: Re: [tor-talk] FBI cracked Tor security
Previous by thread: Re: [tor-talk] FBI cracked Tor security
Next by thread: Re: [tor-talk] FBI cracked Tor security
Index(es):
- Author
- Thread