Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tor - The Yin or the Yang?

Posted by Zonk on from the watch-the-shadows dept.

An anonymous reader writes "Whitedust is running a interesting article on Tor, The Onion Router project sponsored by the EFF. Tor aims to offer anonymous internet use. Once sponsored by the Naval Research Lab with support from DARPA, it is now managed by The Free Haven Project. Although Tor claims to improve safety and security, the article goes into detail on how Tor can be used as a anonymous attack platform."

11 of 139 comments (clear)

  1. anon attack platform? yup! by Lumpy · · Score: 5, Insightful

    It's already being used this way. Friends still in IRC have been fighting Tor attacks by crapflooders that require 15-20 bans to get rid of the jerk. and the IP's line up with Tor proxies.

    It's not hard to modify the client to do nasties for you. hell it can be used to attack any web forum easily without modification.

    unfortunately the kiddies discovered it useful for attacking already.

    --
    Do not look at laser with remaining good eye.
    1. Re:anon attack platform? yup! by dgatwood · · Score: 4, Insightful
      This just tells us what we already knew--online forums and chat mechanisms and other similar technologies should always be designed to require registration.

      IRC is a relic from the ancient design museum, a reminder that once, when the internet was young, everyone who could run a server on the 'net could be trusted. SMTP is the same way, along with a number of other fossilized protocols. These protocols, if they are to continue to be useful in the new age of IP spoofing, dynamic IPs, and wormhole routing, need to be redesigned with a modicum of security built into them.

      Most people aren't willing to create an account with their real email address to post crapfloods. The few who do can be easily banned by email address.

      I know, I know, I'm posting on the world's biggest counterexample for my opinion. Such is life.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  2. Re:Cultural Idiots by atteSmythe · · Score: 3, Informative

    Messup is [sic] from TFA.

  3. Of course it can be abused by Brad+Mace · · Score: 5, Insightful

    For a society to be free, it MUST be possible for people to do things that are against the law. That's just how it works. If people do something illegal then you can punish them, but only an extremely facist government could hope to prevent crimes before they occur.

    1. Re:Of course it can be abused by ckimyt · · Score: 3, Informative
      For a society to be free, it MUST be possible for people to do things that are against the law. That's just how it works. If people do something illegal then you can punish them, but only an extremely facist government could hope to prevent crimes before they occur.
      But you don't just want a free society, you want a just society. When people can commit crimes anonymously, there is no punishment.

      So avoid facism, but retain your ability to punish those to actually do break the law.
      --

      Putting the sig back into +1, Insightful since 1995!
  4. RBL tor nodes? by blueskies · · Score: 4, Insightful

    If it becomes a large enough of a problem, i can see people firewalling based apon a list of tor nodes.

  5. Re:Cultural Idiots by EnronHaliburton2004 · · Score: 3, Informative

    Actually, isn't it a mistake to try to seperate the two?

    It's the "Yin and Yang", or the 'Yin-Yang' as I understand it-- two opposite pieces of the same energy, both integral and complementary to each other. They cannot be removed from the whole, or the whole is destroyed.

    Using the word 'or' actually distorts the original meaning-- 'or' imply two different pieces, the Yin OR Yang-- with we're really talking about one thing.

    Yes, this sounds pedantic, but I think it's actually an important difference.

    --
    94% of Repubs and 21% of Dems voted to renew the Patriot Act
  6. Fantastic! by Anonymous Coward · · Score: 3, Insightful

    Let's all demonize useful technology before it gets out of the gate! Next year we can all mourn the loss of Sourceforge when it's 'determined' to be a repository for terrorist software development. Oh god, won't somebody help me off of this slippery slope?!

    1. Re:Fantastic! by Jeff+DeMaagd · · Score: 3, Insightful

      Oh god, won't somebody help me off of this slippery slope?!

      Just as well. Slippery slope is a logical fallacy anyway.

  7. Re:the need by Rosco+P.+Coltrane · · Score: 4, Informative

    any good thing doesn't require you to hide behind anything.

    Well for example, it can be used by dissidents to safely express their political views, be it in the PRC, Burma or the United States...

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  8. Latency hurts, however... by nweaver · · Score: 4, Informative

    A: Tor is a documented protocol. If you really REALLY want to block Tor on your network, configure your IDS to recognise the protocol setup, and kill THAT.

    B: You can't quake through Tor. Tor only supports TCP, and it adds a fair bit of latency to boot.

    --
    Test your net with Netalyzr