Re: [tor-relays] attacks from problematic tor exit relays

Subject: Re: [tor-relays] attacks from problematic tor exit relays

From: Amadeus Ramazotti <cryptoquantumhammer@xxxxxxxxx>

Date: Thu, 31 Dec 2020 15:43:35 +0100

Delivery-date: Fri, 01 Jan 2021 01:30:38 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:date:subject:message-id :references:in-reply-to:to; bh=zrnlfhBHtkAT0yMwb009pWy0NIRqDH4y3rYfMBA0jYk=; b=j/TSMhGrdp4YWsawTj5YnXZAAfMjUOnaas5sCleL8wUWK4tvf60K1qBuysfydEmg/A JPDeYI6J3a9KNcbqugMHbcPHcVP1Lg+ThbxZ0ExRS9tVGkxa1Of1W/ypOd4MeDP8qyj5 lwPqLfAbznEJbC379HfJo3fHoTk/K72jbnfnZK5WszNlNgEsU0z+R+rX+fkyR98cOCtC ndBQRuqixIgI27RoWUFwb679ldfzyb4MCIxIb86hAbBlV1b6MAZBdNFgAsdVd+kEZg9N ZcQ4C6E16ZnpOS1hIZg0jXTQpG9gioL0h8R1G6NocejAKeSSUwPXP5IsZYU5qLqanCng iIbQ==

In-reply-to: <20201224221044.2A63B542A3@exit1-us.msgsafe.io>

List-archive: <http://lists.torproject.org/pipermail/tor-relays/>

List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>

List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>

List-post: <mailto:tor-relays@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>

References: <20201224221044.2A63B542A3@exit1-us.msgsafe.io>

Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

hey,

there is a decent amount of academic research papers on this very question.

If I remember correctly the tor project homepage does offer some resources.

Some of these papers are quite technical, but even as a non infosec professional I was able to get the basic concept most of the times.

greets

On 24 Dec 2020, at 11:10 PM, BRBfGWMz <brbfgwmz@concealed.company> wrote:

I am trying to guess what kind of target attacks are possible through problematic relays.

Suppose the network relay is controlled by the enemy.

How do they determine the original IP address of the outbound traffic? Correlation attacks are possible, but they seem very difficult and probably require a lot of resources. Also, changing the route stops this.

If I assume that they determine what traffic flow is mine, and that I always use the same route, what attacks are possible? Are there any good posts or videos?

--
Sent using MsgSafe.io's Free Plan

Private, encrypted, online communication

For everyone. www.msgsafe.io

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays