[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor compromised?

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Tor compromised?
From: Dave Jevans <djevans@xxxxxxxxxxx>
Date: Thu, 13 Oct 2011 09:49:06 -0700
Accept-language: en-US
Acceptlanguage: en-US
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 13 Oct 2011 12:49:45 -0400
In-reply-to: <20111013154055.GA5287@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4E96AFA7.3000301@xxxxxxxxx> <20111013125935.GA29343@xxxxxxxxxxxxxxxx> <20111013154055.GA5287@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
Thread-index: AcyJx+1yZo5Vgh5+Qri23LLAm3a11Q==
Thread-topic: [tor-talk] Tor compromised?

I went to French bilingual school through high school.  its rusty, but here's additional info:

He mapped TOR bridges and included them in the attack vector.  These IPs will be published in November.   He claims that 30% of entry nodes and bridges run Windows and are subject to privilege escalation, hence takeover or "reduction in security" of the first 2 layers of encryption (via memory inspection and tampering, as has already been discussed).

No claims about exit nodes. 





On Oct 13, 2011, at 9:28 AM, "Roger Dingledine" <arma@xxxxxxx> wrote:

> On Thu, Oct 13, 2011 at 08:59:35AM -0400, andrew@xxxxxxxxxxxxxx wrote:
>> it sounds like they wrote malware to watch the ram
>> in a MS Windows relay and exploit MS Windows weaknesses to read some
>> crypto keys.
> 
> Also, keep an eye out for claims like "25% of the Tor relays runs
> Windows, so if I can break into all relays on Windows, I'll own 25%
> of the Tor network."
> 
> Tor clients load-balance over relays based on the relay capacity,
> so the statement should really be about how much of the *capacity*
> of the Tor network is on Windows. That's a bit messier to calculate,
> but I bet it's nowhere near 25%.
> 
> I don't mean to say that being able to break into, say, 3% of the Tor
> network is irrelevant -- but if claims like this do eventually emerge,
> it would show that either he doesn't understand the Tor design, or he
> has no interest in letting facts get in the way of his claims.
> 
> More broadly, this just looks like another case of a guy who wants to
> get publicity and have everybody think he's amazing, and the best way
> he knows how to do that is to wait until the last possible moment before
> anybody can learn what his claims are.
> 
> --Roger
> 
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Tor compromised?
  - From: Brandon Wiley

References:
- [tor-talk] Tor compromised?
  - From: George-Lopez
- Re: [tor-talk] Tor compromised?
  - From: andrew
- Re: [tor-talk] Tor compromised?
  - From: Roger Dingledine

Prev by Author: [tor-talk] MY E-MEIL
Next by Author: Re: [tor-talk] Getting of Tor Browser
Previous by thread: Re: [tor-talk] Tor compromised?
Next by thread: Re: [tor-talk] Tor compromised?
Index(es):
- Author
- Thread