Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Communications Networking

Tor Connections To Hidden Services Could Be Easy To De-Anonymize 50

angry tapir writes with news of a report presented Friday at Hack In The Box which outlines a counterintuitive fact about Tor: Identifying users who access Tor hidden services — websites that are only accessible inside the Tor anonymity network — is easier than de-anonymizing users who use Tor to access regular Internet websites. That's because the addresses of the Hidden Service Directories (HSDirs) used to index those Tor-network-only sites, though shuffled daily, can be predicted (and hijacked) with cheap brute-force techniques. "The researchers managed to place their own nodes as the 6 HSDirs for facebookcorewwwi.onion, Facebook's official site on the Tor network, for the whole day on Thursday. They still held 4 of the 6 spots on Friday. Brute-forcing the key for each node took only 15 minutes on a MacBook Pro and running the Tor relays themselves cost US$62 on Amazon's EC2 service.
This discussion has been archived. No new comments can be posted.

Tor Connections To Hidden Services Could Be Easy To De-Anonymize

Comments Filter:
  • by Anonymous Coward

    pun intended

  • The good thing is (Score:5, Insightful)

    by gweihir ( 88907 ) on Monday June 01, 2015 @06:55AM (#49813625)

    TOR is getting a lot more research attention now. That can only make it stronger in the long run.

    • by Dunbal ( 464142 ) *

      TOR is getting a lot more research attention now. That can only make it stronger in the long run.

      Right. By that logic civil liberties have never been stronger. I mean they've been studied since ancient times.

      • by GoddersUK ( 1262110 ) on Monday June 01, 2015 @07:59AM (#49813907)
        Well no. You can code out bugs, but you can't code out thugs. The bugs in the programme can be found and fixed, but if the government doesn't want to respect our liberties then, unless we have the numbers and strength to fight back, no liberties for us.
      • Re: (Score:3, Insightful)

        by Gallefray ( 2534514 )

        Right. By that logic civil liberties have never been stronger. I mean they've been studied since ancient times.

        Yes, but civil liberties aren't open source.

      • by gl4ss ( 559668 )

        well.. globally civil liberties have never been stronger.

        in USA they were maybe stronger just for a little while in the '90s, provided that you weren't black - and don't talk about civil liberties in '60s and talk even less about them in early 1900's. like, could you imagine blackwater operating domestically? that's what you fuckers had essentially.

        • by GLMDesigns ( 2044134 ) on Monday June 01, 2015 @09:51AM (#49814661)
          Our liberties have been further and further eroded as we've stopped calling them Individual Rights. Calling them civil liberties takes away the power, the self-awareness that comes from knowing that the right of speech (as for example) comes from YOU and can only be abridged by governments. Rights do not come from governments. Governments can either acknowledge and respect individual rights or abrogate them.
          • The mantra that our liberties have been going away gradually is often repeated but not at all, or in any way, true.

            If you want to talk about domestic spying, how about:

            http://en.wikipedia.org/wiki/F... [wikipedia.org]
            http://en.wikipedia.org/wiki/P... [wikipedia.org]

            Plus, I guess you are only talking about white people, because the liberties of every other kind of people are very obviously less eroded than they were in the recent past. I think things like being allowed to marry a white person, or being allowed to buy a house is a pretty i

            • by gweihir ( 88907 )

              Seriously? Secret laws. Secret courts. Extra-legal prisons. Universal surveillance. End of the rule of law (this means the law does not get applied to the police and those in power). Universal criminality. Etc.

              Only those terminally dumb or terminally uneducated do not recognize this pattern from history.

          • by gweihir ( 88907 )

            Dishonest governments that see their primary purpose in fucking over their subjects (as the US government does), is always strongly opposed to civil liberties and tries to reduce and negate them wherever possible. These governments see the population as a threat that will fight and remove them if it realizes what is actually going on.

            The same thing is happening in most parts of the western world at the moment: Those in power have banded together against those they have sworn to serve.

      • by gweihir ( 88907 )

        Making TOR stronger needs knowledge. Making civil liberties stronger needs the power to keep those pretending to serve the people in check. I leave it to you to spot the difference between the two.

  • by Jody Bruchon ( 3404363 ) on Monday June 01, 2015 @07:04AM (#49813663)
    The simple fact that it uses "directory servers" for Tor stuff (including hidden services) means that there is centralization in the network. Centralization of control is the enemy of anonymous communications because it vastly shrinks the target surface area required to damage or intercept that communications. This is just another hole in the bottom of the anonymity boat for Tor users. A better system would publish services using the public key of a strong asymmetric encryption algorithm such that the only valid responses could be encrypted with the private key; flooding the network with bad information to turn yourself into the correct node for a given "hidden service" name simply wouldn't work.
    • by Burz ( 138833 ) on Monday June 01, 2015 @12:47PM (#49816155) Homepage Journal

      This is a primary reason why I2P (Invisible Internet Project) exists. Its much less centralized than Tor, mixes other peoples' traffic with yours by default, and over the years has typically used stronger encryption than Tor. Its just more private and secure overall.

      The people who make the TAILS distro recognize Tor's shortcomings which is why they include I2P along with Tor. I2P isn't built to outproxy to the regular web (although it can), but you do get the ability to do fully decentralized/anonymized messaging and torrents, for instance, along with hidden websites. On top of being more private than Tor, its a protocol that's meant for general purpose use.

      https://geti2p.net/en/ [geti2p.net]

      • by burbilog ( 92795 )

        This is a primary reason why I2P (Invisible Internet Project) exists. Its much less centralized than Tor, mixes other peoples' traffic with yours by default, and over the years has typically used stronger encryption than Tor. Its just more private and secure overall.

        Unfortunately it does not scale well. Some time ago Russian government created new censorship laws and popular book piracy site Flibusta responded with "trainig", turning off its regular website and leaving only Tor and I2P sites, to see how

  • I wonder if they're doing it already?

    • If they weren't before, they will be now? /cynical

      Give it a week.

    • by Noryungi ( 70322 )

      I wonder if they're doing it already?

      And how do you think they have been able to make multiple arrests in the Silk Road case? Hmmm...?

      Gee, I mean, of course, Ross Ulbricht had pretty much zero SecOps, babbling this way and that on different forums, but it's still very suspicious he and other Silk Road operators and ''customers'' got arrested so fast.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        You could read the wired piece on how they caught DPR and actually find out.

        Hint: It wasn't this.

  • If I understand correctly, this attack has a similar effect to a DNS attack : you replace a server for an address with one of your own servers instead, so that users requesting the service will be routed to you.

    While this is bad, I'm not sure how it affects anonymity in any way. Obviously, the spoofed service might try to serve some Tor vulnerability to the users to identify them, but this relies on finding an actual weakness in Tor, or in the user's setup, to identify them.

    • It most certainly DOES affect anonymity. Read the slides, which explain how to set up a correlation attack. They can become the HSDirs for specific hidden services, for a pittance, and then they can run a correlation attack since you'll be having to go through them first to get to said hidden service.

      How the fuck did this factually incorrect tripe get modded up?

      • Well, it took 10 years, but I'm done for good with this site. Thanks to you for being the last tipping impulse, I guess.

  • by mitcheli ( 894743 ) on Monday June 01, 2015 @08:44AM (#49814189)
    With every major Nation in the world trying to glean intelligence from Tor, every major law enforcement agency trying to track down child porn and drugs, and several very high profile leaks involving highly classified information that have caused extreme harm to several western countries (the US not being the only one), and with several academic professors intrigued; does it not surprise us that the protocol of Tor (to include Bridges and Hidden Services) would be analyzed and profiled to the tiniest of details to determine areas of exploitation of the protocol?
    • This is at the core of a much larger issue:

      In the beginning, computer knowledge was in the hands of an elite group who had the special attribute of simply giving a shit while the rest of us gawked at the Hula Hoop®.

      As the public came to appreciate and embrace, not only the benefits of ownership, but the magnitude of bullshit and incompetence of the computer-elite, and the public began to educate themselves regarding best practices in self defense, the playing field warped into a much more horizontal co

    • by Anonymous Coward

      FALSE, NO "extreme harm" was done to any country by the leaks, not even any bit of "harm".
      Leaks DO NOT inflict "harm".
      Leaks do one thing and one thing only, they EXPOSE your dirty laundry of SECRETS that you shouldn't be doing/acting like in the first place, and they EMBARRASS you and your shady underhanded DEALINGS in front of your peers (who in this case and topic of the leaks are SAINTS in comparison to the USA).

Technology is dominated by those who manage what they do not understand.

Working...