[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service

To: undisclosed-recipients: ;
Subject: [tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sun, 02 Feb 2020 11:24:58 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 02 Feb 2020 06:25:08 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#33129: Tor node that is not part of the consensus should not be used as rendezvous
point with the onion service
----------------------------+--------------------------
 Reporter:  cypherpunks     |          Owner:  (none)
     Type:  defect          |         Status:  new
 Priority:  Very High       |      Component:  Core Tor
  Version:                  |       Severity:  Critical
 Keywords:  onion services  |  Actual Points:
Parent ID:                  |         Points:
 Reviewer:                  |        Sponsor:
----------------------------+--------------------------
 According to this article attacker is able to to chose a server that is
 running Tor but is not part of the Tor network as an rendezvous point with
 the onion service so that he can discover in to which family onion
 service`s guard node belongs and than use that information to ddos Tor
 nodes in that family so that onion service drops that guard node and
 instead chose his Tor node as a guard node.

 https://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-
 Tor-Circuits.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33129>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #30986 [Circumvention]: Understand the "long tail" of unclassifiable network traffic
Next by Author: Re: [tor-bugs] #30317 [Circumvention/BridgeDB]: Update howto on https://bridges.torproject.org/ to take mobile Tor Browser into account
Previous by thread: Re: [tor-bugs] #33128 [Applications/Orbot]: Orbot is stuck on "starting"
Next by thread: Re: [tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service
Index(es):
- Author
- Thread