[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OSI 1-3 attack on Tor? in it.wikipedia

Andrew wrote:
> Jan Reister schrieb:
>> Il 14/02/2008 13:36, Anon Mus ha scritto:
>>> A. Attacker obtains genuine private keys by,
>>> 1. Attacker sets up  a number of genuine tor servers
>>> 2. Attacker infects genuine tor nodes with  spyware
>> Setting up rogue (or compromised) nodes won't work for getting the 
>> directory authority private keys. That makes the rest of your 
>> assumption empty. As Roger pointed out:
> Plus, it is well known that tor has only limited usefulness against
> attacker of the size you just invented.
> Such an attacker would have much easier ways to break tor's security.

> Those were noted and discussed, but frankly, it's just like a safe: 
> you can reinforce it all you want, but in the end, if someone with an

> (almost) unlimited budget wants to break it, it can be done.
> The point of the reinforcement (-> tor) is to make breaking it 
> *harder*, not impossible.
> Andrew
Hello Andrew,

Well actually - I didn't invent this attacker, I just filled in the
of how this attacker works his magic.

As for the size of this so called attacker.

1. All western nato nations have the capability and the cost is in the
region of 10's of thousands of dollars.
2. Most ISP's/telco's could afford to launch this attack.
3. Any large criminal/political/religious/racial/social group could
most likely afford to organize this attack.
4. A group of dedicated hackers most likely could also

Some of these attackers would have to illegally divert the targets
telco connection but thats not a big deal. You only need a friendly
telco engineer for that.

I remember back in 2001 a telco engineer telling me just how much porn
traffic he saw coming through his telco servers when he was on duty!

The reason for the low cost of this attack, is that the tor source code
is out there for all to use.
The attacker only has to run a small tor servers (modified as required)
instance array and "Glue" it all together with a network simulation
engine. The rest of the network connection would be allowed to genuine
tor nodes (but would time-out/fail so you are only able to use the fake
network). You could run it on a single core-duo with ease.

Cheap as chips!

So most nato governments could do this as a small, low budget, research
project. And its truely frightening how many others could afford to as

Why did you exaggerate over the cost?


Never miss a thing.  Make Yahoo your home page.