[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
From: Matthew Kaufman <mkfmncom@xxxxxxxxx>
Date: Thu, 3 Jul 2014 15:28:11 -0400
Cc: cypherpunks@xxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 03 Jul 2014 15:42:15 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=mZab4hgHUAw3gXikZU7x/AZIt/R63/MDywx1Y7qNCKE=; b=QHaEhDIDqK/opYcYsngiBn0lH1ZMNf7/MSfIO9l5E1mIB0fLSa7DU3RuPQmrC3ASM0 pZhuSfm661yhxEJjL7/F7SOwN0DZEMBO7T6s/8BNsQrUKjsdb7jtHN42m3J3VpEQ/Fd5 lkugbRt6M/yC5xdZ9G9PticBXlxtXdZtTbWtlM7OvErU8TJV+oO9ioYcXYvfaeVbden8 JMLh51o4qMahS4mqegta4UOXgO79NzOr66Vp5auPl/065ooOqIKnekffw2UulOhloq28 ++cPLQkjG69GXwqe8nWdnq8c2dN7voBq/RczUG7slH6OPrXN+Y2Gqw/WCCx3d3rJ2s/t tc6A==
In-reply-to: <CAD2Ti28UgXbB6wEry3VZjaWg4-8j7Ddi6stAfP7y+DrXWQn-0A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti28UgXbB6wEry3VZjaWg4-8j7Ddi6stAfP7y+DrXWQn-0A@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

https://www.blackhat.com/us-14/briefings.html#you-dont-have-to-be-the-nsa-to-break-tor-deanonymizing-users-on-a-budget


On Thu, Jul 3, 2014 at 2:05 PM, grarpamp <grarpamp@xxxxxxxxx> wrote:

> You Don't Have to be the NSA to Break Tor: Deanonymizing Users on a Budget
> Alexander Volynkin / Michael McCord
>
> [...]
> Looking for the IP address of a Tor user? Not a problem. Trying to
> uncover the location of a Hidden Service? Done. We know because we
> tested it, in the wild...
>
> In this talk, we demonstrate how the distributed nature, combined with
> newly discovered shortcomings in design and implementation of the Tor
> network, can be abused to break Tor anonymity. In our analysis, we've
> discovered that a persistent adversary with a handful of powerful
> servers and a couple gigabit links can de-anonymize hundreds of
> thousands Tor clients and thousands of hidden services within a couple
> of months. The total investment cost? Just under $3,000. During this
> talk, we will quickly cover the nature, feasibility, and limitations
> of possible attacks, and then dive into dozens of successful
> real-world de-anonymization case studies, ranging from attribution of
> botnet command and control servers, to drug-trading sites, to users of
> kiddie porn places. The presentation will conclude with lessons
> learned and our thoughts on the future of security of distributed
> anonymity networks.
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] BlackHat2014: Deanonymize Tor for $3000
  - From: grarpamp

Prev by Author: Re: [tor-talk] Why does requesting for bridges by email require a Yahoo or Gmail address?
Next by Author: Re: [tor-talk] [liberationtech] messing with XKeyScore
Previous by thread: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
Next by thread: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
Index(es):
- Author
- Thread