[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: following on from today's discussion

To: or-talk@xxxxxxxxxxxxx
Subject: Re: following on from today's discussion
From: Matej Kovacic <matej.kovacic@xxxxxxxxx>
Date: Sat, 19 Aug 2006 08:33:41 +0200
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Sat, 19 Aug 2006 02:35:52 -0400
In-reply-to: <20060819001958.GB17299@fscked.org>
Organization: owca.info
References: <200608182214.29398.robert@roberthogan.net> <20060818214703.GB3008@moria.seul.org> <20060818224718.GC3008@moria.seul.org> <20060819001958.GB17299@fscked.org>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.6 (Windows/20040502)

A simple example of modifying traffic: http://www.schneier.com/blog/archives/2006/08/stealing_free_w.html http://www.ex-parrot.com/~pete/upside-down-ternet.html

Could be easily applied to Tor exit point too.

However, sniffing is not a problem if you are visiting only public webistes (do not exchange any personal information), But traffic injection could be.

Remember Penet remailer? They were accused to help distribute child pornography. It was not true, and it was proved so later. But Penet admin decided to shut down the service anyway because of public preasure. I am a little worried, that "someone" will try to destroy Tor network by sniffing, injecting, downloading child pornography/hacking through Tor and doing other nasty things...

I was thinking about a solution to prevent traffic injection in non-encrypted public websites. What about having TWO conection open and do some kind of checking if the content is the same (maybe access the content from two different locations and do some MD5 check). I know the idea is hard to implement, since website can serve different content for each location or every second, and this could also mean double load of Tor network. But maybe someone will develop my idea into the usable form... If not, feel free to drop it away.

bye, Matej

Follow-Ups:
- Re: following on from today's discussion
  - From: Mike Perry

References:
- following on from today's discussion
  - From: Robert Hogan
- Re: following on from today's discussion
  - From: Roger Dingledine
- Re: following on from today's discussion
  - From: Roger Dingledine
- Re: following on from today's discussion
  - From: Mike Perry

Prev by Author: Re: what data transmission with tor is a security risk ?
Next by Author: Re: following on from today's discussion
Previous by thread: Re: following on from today's discussion
Next by thread: Re: following on from today's discussion
Index(es):
- Author
- Thread