[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
From: Nathan Suchy <theusernameiwantistaken@xxxxxxxxx>
Date: Sun, 25 Aug 2013 20:58:46 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 25 Aug 2013 21:11:10 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=xHetsCO//j5Nim271da9g47Hl5rCz9rFCas/VuqUank=; b=MauVkY8OuX6BfS/BruqTFpjrT4GacIcRXOuaMbY7Ygf5nqL7Gi11ufZwKlqlacqpi/ RMW+eLN02+mK8TWuQb5LKfyj9NIvMNDK7wZhDpBRWI/D/Vg1CR3HSD2ZhygsNcjgN6sR DSSfnDE1Rpt0DShu4YfKXKvbmnflAmmKPqv6+8XoRj+BXr4Fswr7HYVGVMGbBCcP1O04 DKiP23/2O4gQGuEU7a9hgXaT0vR4yE1c6BwrA4zUHOcZtWS4n+s9o0nnv/PHLglBpnFD U4wS+RznX/giOJ5QdapPMYkbyEFIfUCWz2BxY96mvL+ovpOkdOT67qECF/1BV3so5TpP Dcxw==
In-reply-to: <20130825235805.GN31806@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-8JeSCB0Rjx@xxxxxxxxxxxxx> <20130825235805.GN31806@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Tor is very secure software but its time we redesign hidden services to be
faster and more secure. We should bundle a hidden service server which
won't connect to the internet except through Tor and only knows it's Tor IP
address.
On Aug 25, 2013 7:58 PM, "Roger Dingledine" <arma@xxxxxxx> wrote:

> On Sun, Aug 25, 2013 at 05:05:26PM -0400, hikki@xxxxxxxxxxxxx wrote:
> > The US feds did actually take down FH, which was a HIDDEN SERVICE! They
> > found it and arrested the admin! Period!
>
> Reminds me of my response when in 2011 some Dutch police broke into
> a hidden service:
> https://lists.torproject.org/pipermail/tor-talk/2011-September/021198.html
>
> "If you have an instant messaging conversation with a Tor user and
> convince her to tell you her address, did you break Tor? Having an
> http conversation with a webserver running over a Tor hidden service,
> and convincing it to tell you its address, is not much different."
>
> We don't know in this case if they did it through exploiting the software
> running on the other end of the hidden service, or by the old "follow
> the money" trick, or by having an insider provide the info, or what.
>
> It could in fact have been by attacking the Tor protocol directly (see
> below). But I think in many cases, even with the various known weaknesses,
> the above "just bypass Tor and attack them in other ways" approaches
> are even easier. (This observation should scare you more, not less.)
>
> The fact that somebody started serving malware on the various hidden
> services:
>
> https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable
> makes me think that they got in via the software running the webserver.
> I mean, heck, I heard he let strangers run php scripts in his webserver.
>
> For another case of a hidden service being compromised, see
> https://blog.torproject.org/blog/trip-report-october-fbi-conference
> The summary sentence there is "Way before they switched to a Tor hidden
> service, the two main people used Hushmail to communicate."
>
> > If they can find hidden services, finding regular tor clients would be
> even
> > easier!
>
> This part is unfortunately (well, ok maybe fortunately, but either
> way) false. Hidden services are weaker than normal Tor circuits for two
> reasons: a) they stay in the same place over time, and b) you, the user,
> can choose how often they make circuits. These two properties combine
> to produce a variety of other problems. I described some of them briefly
> in the 29c3 talk this past December, but see
> https://blog.torproject.org/blog/hidden-services-need-some-love for
> many more details, including references to academic papers on the topic.
>
> --Roger
>
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
  - From: mirimir

References:
- [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
  - From: hikki
- Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] Appearing American
Next by Author: Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
Previous by thread: Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
Next by thread: Re: [tor-talk] Isn't it time to ADMIT that Tor is cracked by now??
Index(es):
- Author
- Thread