[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Operation Onymous Technical Explanation?

> Seeking technical information on how hidden services were de anonymized
> and what updates to HS protocol was applied as a mitigation.
> Thanks,

A protocol flaw allowed Guard-node and Exit-node (or that thing that
does rendezvous, forgot the name) to talk to each other over a "hidden
information line" on one Tor circuit. Guard-node knows the real IP,
Exit-node knows traffic + destination IP or in the case of hidden
services, the destination onion.
If both nodes were attacker-controlled, they talked to each other via
that information line, using some weird Tor control messages which were
somehow transparently transported on the whole circuit.
Torproject disabled that weird control message and included a detection,
if any Tor client notices someone still using it, it creates a log
message with the instruction to notify Torproject.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to