Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Communications Encryption Networking Privacy IT

Tor Network May Be Attacked, Says Project Leader 86

Earthquake Retrofit writes The Register is reporting that the Tor Project has warned that its network – used to mask peoples' identities on the internet – may be knocked offline in the coming days. In a Tor blog post, project leader Roger 'arma' Dingledine said an unnamed group may seize Tor's directory authority servers before the end of next week. These servers distribute the official lists of relays in the network, which are the systems that route users' traffic around the world to obfuscate their internet connections' public IP addresses.
This discussion has been archived. No new comments can be posted.

Tor Network May Be Attacked, Says Project Leader

Comments Filter:
  • by Anonymous Coward on Saturday December 20, 2014 @05:41AM (#48640655)

    Long time Tor user, and was never aware of these 9 directory servers. This seems like an extremely weak link in the chain, esp. since 6 of these servers are in the US.

    The Tor project promotes running relays, etc., but never a specific DS. Is this something the standard Tor client can do? Can anyone setup a Tor DS? Why has this never really been talked about until now??

    • by ihtoit ( 3393327 ) on Saturday December 20, 2014 @06:14AM (#48640753)

      while using the World Wide Web, are you consciously aware of the thirteen root DNS nameservers?

      No? So, why worry about the nine Tor servers which do pretty much the same thing - directing traffic so you get your fix of whatever?

      The reason is, because these things are transparent to the client - you don't know they're there, all you know is that some endpoint protocol is making shit work, but to do that requires direction, which it gets from one of several servers which all agree on the basic structure of the (extremely fluid) network. Without those services, the network is a: chaotic and b: lost.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        No, that makes perfect sense -- I just don't recall ever hearing about these particular servers before. I raise this question because I'd bet there'd be more ppl. willing to host the Tor directory servers if they knew of their existence and this particular (perceived?) vulnerability.

        Is this something more specialized than running an exit node or a relay? Specifically, can the standard Tor client host a DS? If so, there is zero information on this aspect of the client provided by the documention by the To

        • by ihtoit ( 3393327 ) on Saturday December 20, 2014 @06:39AM (#48640793)

          well, yes, because the directory servers have a realtime index of active exit nodes. They hold no actual content, but what they do hold is really not very much in the way of payload (would probably fill a floppy disk); the killer is in the number of concurrent interrogations and the prerequisite bandwidth which would put it out of reach of an individual. All you'd need to do to bring the network to its knees is locate each directory server by IP, find a DOS vulnerability and exploit it. Same for any network with any sort of active directory service.

          (knowing this because I built a distributed database that was vulnerable to precisely one thing: the loss (even momentarily) of the directory server. Killed it dead, and rebuilding/resynching it was a fucking nightmare. Having a failover for that one service would've saved a LOT of headaches but I'd already killed my budget).

        • by Anonymous Coward

          I raise this question because I'd bet there'd be more ppl. willing to host the Tor directory servers if they knew of their existence and this particular (perceived?) vulnerability.

          The DS are essentially the root level of 'trust', you don't want random people able to run them. The TOR client is hardcoded to only trust specific Directory Servers, so if they end up being compromised the Tor project can release a new update to switch to different servers.
          The risk of having them compromised is it would allow the controller to be able to do things such as only list nodes/relays under the control of a hostile entity.

          Put simply, the DS are what define the Tor network. Control of them would l

      • by Anonymous Coward

        I expect TOR to be down just long enough for an interested Government power to add the backdoor it needs to enforce criminal activity.

        It may be time for a replacement for Tor after it is compromised.

      • They are not thirteen servers, they are thirteen clusters of servers. And they are better distributed over nations than Tor's DS's. Oh, and alternatives exist. Oh, and TOR is there only for the good people and therefore an easy target. DNS is also used by the bad guys (the governments) and therefore not an obvious target.

    • by Cito ( 1725214 )

      Without Tor however will we add to our R@ygold collections? :-P

    • I don't think the FBI would give a shit about Tor. If they want to find your identity bad enough, they'll do so via extralegal means, mainly because they can. See the ongoing silk road case, where the DOJ has yet to show how exactly they physically identified its owner and its server locations.

      The only organizations powerful enough with enough motive to take out Tor would have to be either Russia or China. China especially because Tor is perhaps the biggest means of circumventing the GFW, and unlike the FBI

      • One of the articles mentions a disgruntled employee against whom a hit had been taken out. Want to bet he ran to the feds because he was scared and ratted on the silk road. I don't attribute any mystical hacking of TOR to the FBI, someone came forward and spilled the beans. The reason the FBI are keeping it quiet is that in this way it seems that the FBI can track you regardless of what you are doing. If they are planning on taking out the main TOR network it's for the precise reason that they CAN'T tra
      • by Taco Cowboy ( 5327 ) on Saturday December 20, 2014 @06:56AM (#48640829) Journal

        ... See the ongoing silk road case, where the DOJ has yet to show how exactly they physically identified its owner and its server locations

        TOR is a HONEY POT that enjoys a successful deployment beyond anyone's expectation !

        It is not China nor Russia who came up with TOR, it was Uncle Sam which is the entity who funded the TOR project

        TOR has several uses for USA ---

        1. As you mentioned, to offer dissents within Russia / China or any other dictatorial nation a way to sneak out of the watchful eyes of their respective ruling regime

        2. TOR also offers a false sense of security to those who wanted to do something not-so-legal, and in that way, "fish" them out from the real DARK NET and land them inside TOR while Uncle Sam gets to watch their every single fucking move

        The highlighted quote above in itself has explained all --- that Uncle Sam knows everything that happens within the TOR domains, including the identity of those involved

        • Mod parent up! Whoever modded this comment down either hasn't investigated the matter, or sympathizes with those whose goal is the total destruction of privacy for average citizens.

          • by Anonymous Coward on Saturday December 20, 2014 @09:58AM (#48641271)

            Mod parent up! Whoever modded this comment down either hasn't investigated the matter, or sympathizes with those whose goal is the total destruction of privacy for average citizens.

            I'm pretty sure at this point that Taco Cowboy's posts start off at -1 due to his reputation score.

            In regards to his claims, the Tor software is open source and you can look at it yourself if you want to look for any backdoors. Put simply, in order to 'compromise' the network an attacker needs to control a significant number of Nodes, or have some method of forcing traffic to use nodes they control. These are known weaknesses and are published by the Tor Project. IF a 3 letter agency really was behind the whole thing, they wouldn't tell people any of that, and they would already control the Directory Servers themselves so that they could manipulate the network behavior.

            tl;dr - Taco Cowboy is a resident nutter who likes to talk a lot of shit with nothing to back it up.

        • by Charliemopps ( 1157495 ) on Saturday December 20, 2014 @08:37AM (#48641007)

          You could be right, but given TOR's design, it doesn't even matter if the feds wrote it, they still couldn't figure out your identity. The feds would have to own all the nodes in the network, which is possible... but if they did own all the nodes, it wouldn't really matter if they wrote it or not now would it?

          All that said... there are easier ways to hide your identity on the internet.

          • They don't need to own the nodes. They need to know their uplink and/or upstream provider. And I bet they do on a fucking large scale.
          • by Raenex ( 947668 )

            Tor Stinks... But it Could be Worse

            • Critical mass of targets use Tor. Scaring them away from Tor might be counterproductive.
            • We can increase our success rate and provide more client IPs for individual Tor users.
            • Will never get 100% but we don't need to provide true IPs for every target every time they use Tor.

            http://www.theguardian.com/wor... [theguardian.com]

            Seems the NSA doesn't want targets to move away from Tor because they have some success and are confident of gaining more. They don't need to own all the nodes. It's a doc

        • by Kjella ( 173770 ) on Saturday December 20, 2014 @09:07AM (#48641095) Homepage

          You do realize that most "darknets" are built on a "bust one, bust all" model? Pretty much the only security is that the bad guys aren't in your darknet, they've never reached a popularity where there's any plausible deniability. The only other people likely to be in your darknet are the other members of your terrorist cell or whatever you're part of, it has never offered anything for "normal people" for you to hide in. And darknets have actually been used as honeypots, to make clueless people give away their IP to join a private group which turns out to be a sting. It is pretty much the exact opposite of anonymity, it's joining a conspiracy and you're at the mercy of the stupidity of everyone in it.

          TOR is trying for something entirely different, which is to keep everyone at arm's length from each other. I talk to you over TOR, you get busted well tough shit they still can't find me. The users don't know the server, the server doesn't know the users. Of course by adding that glue in between you run the risk of the man in the middle working out who both ends of the connection are, but that's the trade-off. TOR is trying to do something extremely hard, it tries to offer low latency - easy to make timing attacks, arbitrary data sizes - easy to make traffic correlation attacks and interactive access - easy to manipulate services into giving responses, accessible to everyone and presumably with poison nodes in the mix. It's trying to do something so hard that you should probably assume it's not possible, not because they have any special inside access.

          I actually did look at trying to do better, it was not entirely unlike Freenet done smarter only with onion routing instead of relying on statistical noise. It wouldn't try to be interactive so you could use mixmaster-style systems to avoid timing attacks and (semi-)fixed data block sizes to avoid many correlation attempts but I never felt I got the bad node issue solved well. TOR picks guard nodes, but it only makes you bet on a few horses instead of many. It was still too easy to isolate one node from the rest of the network and have it only talk to bad nodes, at which point any tricks you can play is moot because they see all your traffic. Even a small fraction of the nodes could do that on a catch-and-release basis and I never found any good countermeasures.

        • It is not China nor Russia who came up with TOR, it was Uncle Sam which is the entity who funded the TOR project

          Guess what else they funded? The Internet.

      • I have it on good authority that the FBI give plenty of shits about Tor.

    • by Anonymous Coward
      There is no such agency that share these initials.
      • by ihtoit ( 3393327 )

        I said group, you said agency.

        • yes. No such agency that has compromised Tor already.
          • I thought it was their project.

            • by ihtoit ( 3393327 )

              no, but they did use just 35 lines of code to compromise it in 2012, during the Operation Torpedo dragnet in which they managed to identify arrest and charge 25 US citizens on their IP addresses* and an undisclosed number of foreigners overseas on international arrest warrants (and slightly less legal means) on child sexual exploitation.

              *I don't have the link handy, but I do seem to remember a bunch of John Doe claims by the **AA (or maybe it was the BPI) being thrown out because the respondents were identi

          • by ihtoit ( 3393327 )

            you don't know that. I don't know for certain that it has. Only they know for sure, and they're not about to tell. When they claim to have information that could only be gained by compromising the network or through seizure of the hardware, then we'll know.

            Lesson for today: if you don't want information to end up in the hands of those who you don't want having it, airgap it. DO NOT expose it to a network. Whatever you post on a public network, on whatever forum using whatever protocol or encryption or other

  • by Anonymous Coward

    I'm not really sure I understand why people use Tor. Its aim seems to be to make tracing Internet usage a little harder, but it's pretty much safe to assume that governments are running a significant proportion of the nodes, and traffic analysis can determine the rest. Stupid design decisions like having a single point of failure in the form of a centrally maintained list of nodes suggest that the whole thing had an expiry date waiting to be announced.

  • by ThePhilips ( 752041 ) on Saturday December 20, 2014 @06:42AM (#48640797) Homepage Journal

    That coming on the heels of the decentralized web solution coming from BitTorrent, Inc. [cryptocoinsnews.com]

    Pretty exciting times.

  • Major takedown of sites by *** agencies - they did traffic analysis attack and hacked poorly set up Tor servers, if I recall.
  • So allegedly the rumor is that the FBI is taking down part of the network to try and somehow catch and/or prove the North Koreans were behind the hack on Sony. I don't know how true that is. Seems like it wouldn't matter if we had proof or not. That puffy doughboy piece of shit running North Korea is a perpetual liar and we can't possibly like him less nor with the US do anything about it in either case.

Trap full -- please empty.

Working...