[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
From: Seth David Schoen <schoen@xxxxxxx>
Date: Thu, 3 Jul 2014 16:58:49 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 03 Jul 2014 20:12:15 -0400
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org; s=mail2; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date; bh=yuqBGxq26CRmkL5W5lxH1oSD+Vm4ZHvvABNfAC0Lsgk=; b=7UEKK/CYarCeUc8h9IhXFSMx1lrn8gACvJEdEkQUYEg6R3cNJmeLzgnqrz3KJnPPf7rynJAwu5Dwo9or9gLELySeyJ+7koLVSlLOPUeEQyjvK7xc5kRL0cidUoP0AMIEpDOXZaJoAxQ+EbHZdElc0sXzj7kD5uKh2oiTR4FNTrw=;
In-reply-to: <CACbaT3YTV045R8=TuGUb=uxE0F+3Nay25QHzv512eeCFtJXcJw@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti28UgXbB6wEry3VZjaWg4-8j7Ddi6stAfP7y+DrXWQn-0A@xxxxxxxxxxxxxx> <53B5CFE6.8000102@xxxxxxxxxxxxxx> <CACbaT3YTV045R8=TuGUb=uxE0F+3Nay25QHzv512eeCFtJXcJw@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)

Adrian Crenshaw writes:

> Best guess, many client side and web app attacks Tor can't do much about.
> (My talk at Defcon will cover a bunch of folks that got Deanonymized, but
> in every case it was not Tor that was really broke)

The description on the Black Hat site refers "a handful of powerful
servers and a couple gigabit links" that are operated for "a couple
of months", which sounds like this involves actually running nodes and
getting the attack targets to build circuits through them.

-- 
Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] BlackHat2014: Deanonymize Tor for $3000
  - From: grarpamp
- Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
  - From: krishna e bera
- Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
  - From: Adrian Crenshaw

Prev by Author: Re: [tor-talk] High-latency hidden services (was: Re: Secure Hidden Service
Next by Author: Re: [tor-talk] Questions about NSA monitoring of Tor users.
Previous by thread: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
Next by thread: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
Index(es):
- Author
- Thread