
Re: [tor-talk] Wired Story on Uncovering Users of Hidden Services.



On 2014-08-14 00:18, Roger Dingledine wrote:
> On Wed, Aug 13, 2014 at 10:06:00AM +0000, blobby@xxxxxxxxxxxxxxx wrote:
>> If it's possible for the owner of a hidden service (whether the FBI
>> or a regular person) to install malware which grabs visitors' IPs,
>> then what is stopping any hidden service owner from doing this?
>
> See
> https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html
> and
> https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable
> plus all the discussion under it.
>
> Browser security is a big issue because there's so much surface area
> to secure.
>
> The defense is to stay up to date on your browser. It's not perfect
> but it sure does help (and it was sufficient in this case).
>
>> How, in this case, was it possible for the FBI to learn the IP
>> addresses of visitors to this hidden service? The Tor hidden server
>> page states that "In general, the complete connection between client
>> and hidden service consists of 6 relays: 3 of them were picked by
>> the client with the third being the rendezvous point and the other 3
>> were picked by the hidden service."
>>
>> Can someone knowledgeable please explain how visitors to a Tor
>> hidden service can have their real IPs detected?
>
> In addition to the above links, you might also like
> https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-august-7th-2013
> https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-august-14th-2013
> https://blog.torproject.org/blog/hidden-services-current-events-and-freedom-hosting
>
> --Roger

Thanks for these links. Illuminating reading.

However, the story I referred to has nothing to do with Freedom Hosting.

It refers to "Operation Torpedo" (get the joke: "tor" + "pedo").

Wired did a follow-up to the original story on 26 August: http://www.wired.com/2014/08/federal-cybersecurity-director-guilty-child-porn-charges/

Original story (5 August): http://www.wired.com/2014/08/operation_torpedo/

As I mentioned, the original story has a link to the affidavit which contains information about the FBI malware.