Re: Tor nodes blocked by e-gold
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Tor nodes blocked by e-gold
- From: "Hans S." <toronall@xxxxxxxxxxxxx>
- Date: Wed, 2 May 2007 05:05:13 -0400
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Wed, 02 May 2007 05:06:15 -0400
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Somehow I do not believe this thing, because I assume it to be an unlikely decision for a site with commercial interests to block a range like whole /16 subnets (if you want to block the changing addresses of dial-up exit nodes) or a multitude of them from accessing their site. Unless forced to.
Not only, as repeatedly mentioned by the Tor developers and others, is it pretty easy to block access originating from Tor nodes to a server by the server's operators.
Also an adversary with much power might block a particular server of interest (like e-gold) ONLY for Tor nodes without knowledge of the server's operators, maybe only necessary for those with distance 9 or higher, but permit access for the rest of the world.
It should then be trivial to analyze the server's traffic.
Call it an attack on anonymity software via social hacking, aiming at creating panic among those who believe their assets are about to be lost.
Someone in this "panic" situation just might unfold his identity by trying to save his money/assets. And bingo...
Now not every Tor user is a mad computer scientist or cares about things like referrers, user-agents, javascript, flashy blinky animations or else ("I rarely eat cookies when I use my computer").
So a machine accessing the blocked server "naked" might be recognized as the one doing this and that before with Tor, but this time with the real IP.
Further on, this machine could later be identified even if using Tor after Tor nodes are unblocked again.
All the "nat"-ed machines finally can be associated with a real ID.
(Correct me if I'm wrong, especially about reading the IP with whatsoever on "nat"-ed machines.)
For e-gold all the usual save-the-world-from-the-apocalypse legitimation for doing anything a professionally paranoid brain might wish, are listed in the indictment against e-gold's owners, see
http://www.theregister.co.uk/2007/05/01/e-gold_indictment/
or the "real thing", also linked from the above article
http://www.usdoj.gov/opa/pr/2007/April/07_crm_301.html
and, it's for money, meaning that is generally enough reason for any prosecution.
Even if none of the accusations against e-gold might succeed, it might seriously damage or destroy this particular business, and worse, harvest data for the ever-growing databases of so-called "evildoers".
And has cracked Tor.
-------- Original Message --------
From: KT <listclient@xxxxxxxxx>
Apparently from: owner-or-talk@xxxxxxxxxxxxx
To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor nodes blocked by e-gold
Date: Wed, 2 May 2007 04:57:40 +0100
> On 4/27/07, force44@xxxxxxxxxxxxx <force44@xxxxxxxxxxxxx> wrote:
>
> > ...Since 24 hours, e-gold has decided to block all TOR nodes...<snip>
>
> Didn't do them much good[1], did it?
>
> [1] http://www.e-gold.com/letter3.html