Unprecedented Spike In TOR .Onion Nodes (profwoodward.org)
Martin S. writes: The Tor project is reporting an unprecedented rise in unique .Onion nodes, rising from around 40k to 60k in just a few days, says security researcher Professor Woodward. I wonder if this could possibly be related to Shari Steele's plan to push Tor mainstream, as reported on /. a few days ago.
Duh (Score:5, Insightful)
More FBI nodes to more easily de-anonymize the network.
Re: (Score:3)
More FBI nodes to more easily de-anonymize the network.
My first thought. That's half as many added in a few days - something's fishy.
Re: (Score:2)
Standard paranoia and standard cluelessness: .onion-nodes do not help for that at all.
Re: (Score:3, Interesting)
That's how I understand it but I too am not an expert. I also understand that it's most important when you leave the .onion domains and enter the "clearnet." (When using it as a proxy, for example.) I guess if someone can see enough of the internet at one time then they can also use traffic shaping and timing to single out a user. So long as you remain on the .onion networks you are reasonably safe - some say completely safe.
Now, safe means that you are safe technically. It does not mean you're safe otherwi
Re: (Score:2)
Damn that Slashdot formatting. It appears to have removed your citation. Think you could post it again?
Re:Smells like Government plan to me... (Score:4, Informative)
These are hidden servers, not entry- or exit-points.
Re: (Score:2)
They aren't hidden from whoever controls them.
Re: (Score:2)
You misunderstand. "Hidden Server" is a technical term for a specific configuration of a TOR-server, as is "exit node" and "entry node". These are three different classes of TOR network elements and they do not overlap.
Sites, not nodes (Score:5, Informative)
The number of hidden services (.onion sites) has increased, not the number of exit or relay nodes.
Personally, I don't see 20k more hidden services as a big number: I'm surprised there are so few total (60k). Tor hidden services are a great way to run a server with a dynamic IP address and solve NAT and firewall issues all at once for free when trying to run a personal server. It also solves several other problems people generally care less about (hides your IP to prevent traffic DDOS attacks, and protects your identity), provides an easy mechanism to have multiple servers serving the same address for redundancy, provides end-to-end encryption (if the client is also using Tor) and makes your service more accessible to clients using TOR (they don't have to go through an exit node).
Tor hidden services are great for low-bandwidth, latency-tolerant random services you might want to serve off your laptop or phone from time to time. I found it easier to set up than most alternatives for solving any one of these issues: I set up a Tor hidden service on the first try with no issues. It was easier than getting my dynamic DNS working, and also easier than forwarding a port through my router. (You can host a Tor hidden service without port forwarding since all the connections the server makes are actually outward to the proxy nodes).
Really I think the only big issue with them is the latency, and lack of IPv6 support. On that note, I recently had an IPv4 outage for a while and it was interesting to see what worked on IPv6 only.
Re:Sites, not nodes (Score:4, Interesting)
How does the Tor swarm work anyway when most people don't have open ports for listening? Btw I'm posting this from Tor, kudos to Slashdot for allowing it when most sites are a PITA to use from Tor.
Re: (Score:2, Funny)
Unfortunately they'll have to turn it off again if APK ever figures out how to use Tor.
Re: (Score:2, Informative)
As with any TCP/IP connection, only one side of each connection needs to be listening. In the case of TOR, the user doesn't need any open ports, only the relays need to have open ports. The major misunderstanding I've seen of TOR (especially recently) is that it isn't a "swarm" in the sense that not every user is a relay and even fewer are exits; you have to specifically enable those settings.
Re: (Score:1)
Hmm, I think Retroshare is even better for a personal server. Retroshare will even reconnect to mobile computers.
BBC also reporting this now (Score:3)
Tor: 'Mystery' spike in hidden addresses [bbc.co.uk]
Re: (Score:2)
Only if the community is also allowed to wiki-edit AC comments.
Encryption trojans (Score:5, Interesting)
There's a recent spike in encryption trojans, too. The recovery-keys are provided through TOR.
e.g.
http://1.f.ix.de/scale/geometry/695/q75/imgs/18/1/7/5/3/8/0/5/locky-desktop-9dc10fc8250d6db0.png
Looks like it's generating specific servers to get the keys from for every victim.
Re: (Score:3, Interesting)
Yes, I have seen this trojan twice last week, in different companies; I'm sure that the increase in Tor's nodes comes from that.
Re: Encryption trojans (Score:1)
Yes, Dr. Woodward did mention the Locky ransomware in his blog post. He also mentioned on Twitter that these new onions also seem to have started shutting down shortly after the media buzz revealed it. Funny that...
Re: (Score:2)
Meanwhile, IBM announced . . . (Score:5, Funny)
. . . that they sold and delivered a 20K server to the NSA . . .
Potentially caused by IM application (Score:5, Informative)
According to TFA (yes, I know, I am not supposed to read it) this could be caused by the anonymous messaging application Ricochet [ricochet.im] which apparently creates a hidden service for each user.
Would have expected that that information was mentioned in the summary.
Re: (Score:2)
Sceptical old me (Score:4, Interesting)
Re: (Score:2)
A /. summary with no typos would probably violate some fundamental property of the universe, so that cannot happen, or if it did, the consequences would be dire. Deal with it.
Isolating Tor for privacy (Score:2)
https://www.whonix.org/wiki/Ab... [whonix.org]
This is probably the safest way to use Tor.
Big brother (Score:2)