[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor compromised?


I'm all for security research and finding vulnerabilities, in Tor and otherwise. Attacks that enumerate bridges are of particular interest. However, the actual IPs discovered have no publication value. Releasing them is just irresponsible. In order to receive credit, he just needs to publish the attack, which would also be more helpful to us because then we could fix it. I don't really understand this guy's motivation for behaving in this way if he's an actual security researcher.

On Thu, Oct 13, 2011 at 11:49 AM, Dave Jevans <djevans@xxxxxxxxxxx> wrote:
I went to French bilingual school through high school.  its rusty, but here's additional info:

He mapped TOR bridges and included them in the attack vector.  These IPs will be published in November.   He claims that 30% of entry nodes and bridges run Windows and are subject to privilege escalation, hence takeover or "reduction in security" of the first 2 layers of encryption (via memory inspection and tampering, as has already been discussed).

No claims about exit nodes.





On Oct 13, 2011, at 9:28 AM, "Roger Dingledine" <arma@xxxxxxx> wrote:

> On Thu, Oct 13, 2011 at 08:59:35AM -0400, andrew@xxxxxxxxxxxxxx wrote:
>> it sounds like they wrote malware to watch the ram
>> in a MS Windows relay and exploit MS Windows weaknesses to read some
>> crypto keys.
>
> Also, keep an eye out for claims like "25% of the Tor relays runs
> Windows, so if I can break into all relays on Windows, I'll own 25%
> of the Tor network."
>
> Tor clients load-balance over relays based on the relay capacity,
> so the statement should really be about how much of the *capacity*
> of the Tor network is on Windows. That's a bit messier to calculate,
> but I bet it's nowhere near 25%.
>
> I don't mean to say that being able to break into, say, 3% of the Tor
> network is irrelevant -- but if claims like this do eventually emerge,
> it would show that either he doesn't understand the Tor design, or he
> has no interest in letting facts get in the way of his claims.
>
> More broadly, this just looks like another case of a guy who wants to
> get publicity and have everybody think he's amazing, and the best way
> he knows how to do that is to wait until the last possible moment before
> anybody can learn what his claims are.
>
> --Roger
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk