Spying On Tor
juct writes "The long-standing suspicion that the anonymizing network TOR is abused to catch sensitive data by Chinese, Russian, and American government agencies as well as hacking groups gets new support.
Members of the Teamfurry community found TOR exit-nodes which only forward unencrypted versions of certain protocols. These peculiar configurations invite speculation as to why they are set up in this way. Another tor exit node has been caught doing MITM attacks using fake SSL certificates."
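The summary above describes exit nodes that forward only the unencrypted versions of certain protocols. A relay's published exit policy is one place such a pattern shows up, so the following checker, added for this thread and not code from the Tor project or from Teamfurry, parses wildcard-address ExitPolicy lines (Tor's first-match `accept`/`reject` rules) and reports every plaintext port the exit accepts while rejecting its TLS counterpart. The two sample policies and the plaintext-to-TLS port table are constructed for the example; address-specific policy lines are ignored, which is a simplification of Tor's real policy syntax.

```python
"""Flag Tor exit policies that relay a plaintext protocol but refuse its
encrypted counterpart (e.g. accept *:110 while rejecting *:995).

Added example for this thread, not code from the Tor project. It models
only the wildcard-address form of ExitPolicy lines ("accept *:PORT",
"reject *:LOW-HIGH", "reject *:*"); lines naming a specific address are
skipped, an assumption made here to keep the checker short.
"""
from typing import List, Tuple

# Plaintext port -> its TLS-wrapped counterpart. Constructed table for the example.
PLAINTEXT_TO_TLS = {
    21: 990,    # FTP / FTPS
    25: 465,    # SMTP / SMTPS
    80: 443,    # HTTP / HTTPS
    110: 995,   # POP3 / POP3S
    143: 993,   # IMAP / IMAPS
}

def parse_policy(text: str) -> List[Tuple[bool, int, int]]:
    """Turn ExitPolicy lines (newline- or comma-separated) into ordered
    (accept?, low_port, high_port) rules. Tor evaluates policies first-match,
    so order is preserved. Address-specific lines are skipped (see module doc)."""
    rules = []
    for raw in text.replace(",", "\n").splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        verb, target = line.split(None, 1)
        if verb not in ("accept", "reject"):
            raise ValueError(f"unknown policy verb: {verb!r}")
        addr, _, ports = target.rpartition(":")
        if addr != "*":
            continue
        if ports == "*":
            low, high = 1, 65535
        elif "-" in ports:
            low, high = (int(p) for p in ports.split("-", 1))
        else:
            low = high = int(ports)
        rules.append((verb == "accept", low, high))
    return rules

def port_allowed(rules: List[Tuple[bool, int, int]], port: int) -> bool:
    """First matching rule decides; with no match the implicit default is reject."""
    for accept, low, high in rules:
        if low <= port <= high:
            return accept
    return False

def plaintext_only_ports(policy_text: str) -> List[Tuple[int, int]]:
    """Return (plaintext_port, tls_port) pairs where the exit forwards the
    plaintext protocol but refuses the encrypted one."""
    rules = parse_policy(policy_text)
    return [
        (plain, tls)
        for plain, tls in sorted(PLAINTEXT_TO_TLS.items())
        if port_allowed(rules, plain) and not port_allowed(rules, tls)
    ]

# Constructed sample policies; neither was observed on a real relay.
SUSPICIOUS_POLICY = """
accept *:80
reject *:443
accept *:110
reject *:995
accept *:143
reject *:993
reject *:*
"""

ORDINARY_POLICY = """
reject *:25
accept *:80
accept *:443
accept *:110-143
accept *:993-995
reject *:*
"""

if __name__ == "__main__":
    print("suspicious:", plaintext_only_ports(SUSPICIOUS_POLICY))  # [(80, 443), (110, 995), (143, 993)]
    print("ordinary:  ", plaintext_only_ports(ORDINARY_POLICY))    # []
```

A policy like the suspicious one is a reason to look closer, not proof of sniffing: an exit that accepts both ports can still record the plaintext ones, and the policy says nothing about what the operator does with the traffic it does carry.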
You have to know what you're doing to have security. I know it's getting old, but plug-in security simply does not exist.
This is what happens in a knee-jerk-reaction-based society. You point out a security flaw, instantly identifying yourself as a security threat, get thrown into jail and while your very public trial is going on, the real bad guys are utilizing the very security flaws you found to do Bad Things(TM).
Good grief.
I've seen ssh MITM attempts myself with tor, but this can easily be avoided by ensuring you check your fingerprints. You do check your fingerprints, don't you?
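The fingerprint check the commenter above relies on is the same one that turns a later comment's advice to "check your SSL certificates" into something mechanical: pin the key you saw the first time, and treat any change as a possible man-in-the-middle rather than clicking through. The following script, added for this thread and not OpenSSH code, builds a known_hosts-style pin store and classifies an offered host key as pinned, unknown (first contact, verify out-of-band) or mismatched (refuse). The fingerprint format is OpenSSH's ("SHA256:" plus unpadded base64 of SHA-256 over the key blob); the key material itself is constructed filler, not a real Ed25519 key.

```python
"""Check an SSH server's host key against a pinned copy, the way an OpenSSH
client consults known_hosts, and report a changed key as a possible MITM.

Added example for this thread; it is not OpenSSH code. The 32-byte key
bodies below are constructed filler (not real Ed25519 keys) so the script
runs offline. The fingerprint format is OpenSSH's: "SHA256:" followed by
the unpadded base64 of SHA-256 over the raw public-key blob.
"""
import base64
import hashlib
import struct
from typing import Dict

def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 big-endian length prefix)."""
    return struct.pack(">I", len(data)) + data

def make_ed25519_blob(raw_key: bytes) -> bytes:
    """Build the public-key blob layout stored in known_hosts for ssh-ed25519."""
    return ssh_string(b"ssh-ed25519") + ssh_string(raw_key)

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a public-key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text: str) -> Dict[str, bytes]:
    """Map hostname -> key blob from plain (unhashed) known_hosts lines."""
    pinned: Dict[str, bytes] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, keytype, b64 = line.split()[:3]
        blob = base64.b64decode(b64)
        # The blob's own type field must agree with the declared key type.
        (tlen,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + tlen] != keytype.encode():
            raise ValueError(f"key type mismatch for {host}")
        pinned[host] = blob
    return pinned

def check_host_key(pinned: Dict[str, bytes], host: str, offered: bytes) -> str:
    """Return 'ok' (matches the pin), 'unknown' (first contact: verify the
    fingerprint out-of-band before trusting it) or 'MISMATCH' (the pinned key
    differs: do not connect)."""
    known = pinned.get(host)
    if known is None:
        return "unknown"
    # Compare the whole blob, not a shortened fingerprint the eye might skim.
    return "ok" if known == offered else "MISMATCH"

# --- constructed sample data (not real keys or hosts) ---
REAL_KEY = make_ed25519_blob(bytes(range(32)))           # the server's own key
IMPOSTOR_KEY = make_ed25519_blob(bytes(range(1, 33)))    # what an interceptor would offer
KNOWN_HOSTS = (
    "# constructed known_hosts for the example\n"
    "shell.example.net ssh-ed25519 " + base64.b64encode(REAL_KEY).decode() + "\n"
)

if __name__ == "__main__":
    pinned = parse_known_hosts(KNOWN_HOSTS)
    print("pinned fingerprint:", fingerprint(REAL_KEY))
    print(check_host_key(pinned, "shell.example.net", REAL_KEY))      # ok
    print(check_host_key(pinned, "shell.example.net", IMPOSTOR_KEY))  # MISMATCH
    print(check_host_key(pinned, "other.example.net", REAL_KEY))      # unknown
```

The "unknown" result is the weak spot: the pin only protects sessions after the first, so the first fingerprint has to be confirmed through a channel the exit node cannot touch.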
> Members of the Teamfurry community found TOR exit-nodes which only forward unencrypted versions of certain protocols.
Are they worried that the Chinese will intercept pictures of them dressed like this?
And once credibility is tainted, or the finger of suspicion is pointed, nobody will trust it again, as trust is like love in that it must be built up over a period of time but can be destroyed in an instant.
It's good to know the furry community is keeping us abreast of these security concerns.
How does anyone expect anonymity? Traffic must somewhere go through ISPs, most of which rent their upstream from large providers like AT&T, who is surely not the only large corporation to get in bed with the government or anyone else who can pay. Enough of that information loaded into a database and compared will yield information about the suspect, even if it's too complex to explain to a "jury of your peers."
If you want anonymity, SSH through a string of compromised Eastern European servers to a comfortably log-agnostic Indonesian ISP, and do all your surfing through Lynx/Links. That's the only stab at anonymity you'll get, and they'll probably just install a keylogger anyway. Freedom is slavery.
Old news is better than no news... I guess. /.ers have known that TOR exit nodes were being sniffed for a while now, and hackers certainly much longer than that.
Isn't this just pretty much a direct consequence of the nature of TOR pretty much assuming that everyone uses it the way it was intended?
Or otherwise stated, TOR is like a flock of sheep where a wolf cannot bite down on one since they're all on some sort of merry-go-round? But a wolf could simply hop on the merry-go-round and feast?
As the article has repeated, if you're interested in security it seems you really ought to apply your own encryption on top of TOR.
However, even if you do that are you truly anonymous? Is there any way to determine both ends of a conversation (either email or sessions)?
Or by using private-key encryption whenever possible. Of course neither solution means anything when you're trying to use an e-commerce site with SSL. Browsers don't offer a solution for checking the security of the connection against MitM attacks.
I find it interesting and openly malicious that encrypted protocols are blocked at some exit nodes. This may explain some intermittent problems that I've been experiencing with some of my apps that use TOR and encryption.
Perhaps the problem is that using an anonymizer makes someone a more interesting target to authorities. Like the old adage of attacking the bank because "that's where the money is," perhaps some people are attacking Tor because "that's where the secrets are."
The only problem with TOR is that it's currently mostly used for traffic that is 'interesting' from an attacker's point of view. If TOR were used for anything, nobody would eavesdrop on the exit nodes anymore.
BTW, it's not like your ISP won't spy on you.
1. set up a data-laundering haven
2. advertise amongst the warez people and criminal element
3. let enough criminal traffic (drug trafficking info) go through to build up trust that the laundering 'really works'
4. Wait around for the stuff that is important (like nuclear codes or enemy state intel)
5. ???
6. Promoted to section chief at the invisible mansion! (Profit!)
I don't have one lick of proof to say that our friends in Maryland or their cousins in Langley set this thing up from the beginning, other than it's an obvious slam dunk for them. I don't think the NSA is monitoring certain ports, I think they own the whole thing.
Old news I know, but this once again brings up the issue of trust. I am only familiar with the TOR protocol/Onion routing at a high level, but is it possible to somehow revamp the protocol and include a trusted node-ranking system? Think slashdot style mod points applied to a TOR server. Obvious DOS attacks exist with this method, but refined a little it may work.
Even so, I'd still try to browse using HTTPS everywhere I go. (Granted that doesn't stop people from knowing what sites you browsed...)
The idea that anonymous routers/nodes can offer you secure routing of traffic is laughable. Since most folks don't understand the difference between anonymizing traffic and securing traffic, the entire conversation is a waste of time. The observations are interesting, but they are not surprising at all.
Tor was never intended to SECURE traffic. It is an ANONYMISER. It is designed to cope with compromised nodes and still provide military grade anonymity.
It's important to remember that security and anonymity are different things.
People are smart enough to set up tor, but not smart enough to use GPG/PGP/etc.?
TOR is *not* a privacy tool in the sense it hides your message contents. It hides your route. So with Tor people know what is being sent, just not who is sending it.
It's not hard people, encrypt your traffic, then send it through TOR. OMG wow, I R SMRT!
This whole thread is quite dupeish.
"Sir, there's this anonymizing computer out there people are using."
...and this is a surprise to just who again?
"Cool, let's quietly set up computers in line with it and intercept the traffic going to and from it and correlate it with anonymized traffic going the other direction."
This and more from this month's issue of the spy quarterly, "Duh!"
This is a little reminder that we need a lot more users and exit nodes before TOR is reasonably safe.
This is a little reminder to encrypt your data end-to-end rather than through another network; anonymity is not security.
This is a little reminder that you really do need to check your SSL certificates.
TOR's encryption fools some into thinking it is a security model. It is not. TOR facilitates anonymous transactions using encryption internally. It eliminates the possibility of people spying on you by name, but it does not stop them from spying on "the people" (which includes you). You still need another encrypted transaction between you and your endpoint for real security.
The more exit nodes there are, the less likely a snooping entity will get ahold of your data. The more users there are, the more data those snoops need to filter through to get something meaningful (caveat: statistical analysis. workaround: encrypt data past the TOR network).
This is a call-to-arms; everybody needs to use encryption and anonymization to enable the system to work, otherwise somebody can set up a few nets and read the whole network's content, even brute-force decrypt it due to its low volume. Take a look at Zimmerman's justification for PGP:
I can't quite see how a SSL MITM attack works. Wouldn't the SSL certificate have to be registered for use with a specific domain? Could anyone explain how this would work?
Uh, RTFA?
Hi all. I'm one of the Tor authors.
We're trying very hard to get out the message that you should always use encrypted protocols over Tor, if you're doing anything even slightly sensitive.
Right now, we do this in our documentation, and in a list of warnings on our download page. But obviously, this isn't good enough, since some of the commenters here seem to be surprised at finding it out.
Does anybody have good ideas about how to get the word out better?
(As for the SSL MITM thing: we've run into situations like this one before. Usually, it turns out that the exit node isn't doing the MITM itself, but is getting MITMd itself by its upstream. This happens depressingly often in some countries, and in some dormitories. I've dropped a line to the directory authority operators. Mike Perry (the guy who maintains the Torbutton Firefox plugin) has been working on an automated detection tool for this stuff. It would be great if somebody with programming chops would step up and give him a hand.)
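The automated detection the Tor author mentions comes down to comparing what a site's TLS certificate looks like through many exits and flagging the exit that disagrees. The script below, added for this thread and not Mike Perry's tool or any Tor code, does the simplest form of that: it takes (exit, hostname, fingerprint) observations, derives a majority view per host, and reports exits that return a different certificate or no TLS at all. The observations and fingerprint strings are constructed placeholders, not measurements from the real network.

```python
"""Compare the TLS certificate a site presents through several Tor exits and
flag any exit that hands back something different.

Added example for this thread; it is not Mike Perry's detection tool or any
Tor code. Observations are constructed tuples (exit nickname, hostname,
fingerprint the client saw); fingerprints are placeholder strings rather
than real digests, and "" means the exit returned no TLS at all.
"""
from collections import Counter, defaultdict
from typing import Dict, List, Optional, Tuple

Observation = Tuple[str, str, str]  # (exit, hostname, fingerprint or "")

def consensus_fingerprints(obs: List[Observation]) -> Dict[str, Optional[str]]:
    """Per host, the fingerprint a strict majority of TLS-returning exits agree
    on, or None when there is no majority. Exits that returned no certificate
    do not vote; requiring a majority keeps two disagreeing exits from
    defining what 'normal' looks like for a host."""
    seen: Dict[str, List[str]] = defaultdict(list)
    for _exit, host, fp in obs:
        if fp:
            seen[host].append(fp)
    result: Dict[str, Optional[str]] = {}
    for host, fps in seen.items():
        fp, count = Counter(fps).most_common(1)[0]
        result[host] = fp if count * 2 > len(fps) else None
    return result

def suspicious_exits(obs: List[Observation]) -> Dict[str, List[Tuple[str, str]]]:
    """Map exit -> [(host, reason)] for every observation that disagrees with
    the consensus view of that host."""
    consensus = consensus_fingerprints(obs)
    flags: Dict[str, List[Tuple[str, str]]] = defaultdict(list)
    for exit_name, host, fp in obs:
        expected = consensus.get(host)
        if expected is None:
            continue  # no agreed baseline for this host; nothing to compare against
        if not fp:
            flags[exit_name].append((host, "no TLS offered"))
        elif fp != expected:
            flags[exit_name].append((host, "certificate differs from consensus"))
    return dict(flags)

def unresolved_hosts(obs: List[Observation]) -> List[str]:
    """Hosts whose exits disagree without a majority; they need more vantage
    points (or a direct, non-Tor baseline) before anyone is accused."""
    return sorted(h for h, fp in consensus_fingerprints(obs).items() if fp is None)

# Constructed observations; nothing here was measured on the real network.
OBSERVATIONS: List[Observation] = [
    ("ExitA", "mail.example.org", "FP-mail-1"),
    ("ExitB", "mail.example.org", "FP-mail-1"),
    ("ExitC", "mail.example.org", "FP-mail-1"),
    ("ExitD", "mail.example.org", "FP-mail-2"),    # different cert: flag ExitD
    ("ExitA", "bank.example.com", "FP-bank-1"),
    ("ExitB", "bank.example.com", "FP-bank-1"),
    ("ExitC", "bank.example.com", ""),             # no TLS through ExitC: flag it
    ("ExitD", "bank.example.com", "FP-bank-1"),
    ("ExitA", "split.example.net", "FP-split-1"),
    ("ExitB", "split.example.net", "FP-split-2"),  # one vote each: no consensus
]

if __name__ == "__main__":
    for exit_name, reasons in sorted(suspicious_exits(OBSERVATIONS).items()):
        for host, reason in reasons:
            print(f"{exit_name}: {host}: {reason}")
    print("unresolved:", unresolved_hosts(OBSERVATIONS))
```

As the author notes, this cannot tell a hostile operator from an exit that is itself being intercepted by its upstream: both produce the same mismatch. A flagged exit is a lead for the directory authority operators to follow up, not a verdict.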
Tor gives you pretty robust anonymity, it just doesn't provide privacy.
Is this not what that Swedish hacker said?
Is this not what anyone with a basic understanding of the most basic network/TCP concepts (ports, IP addresses, connections, that sort of thing) should have realized, if they read anything about Tor? Is this not something that the Tor project should have explained in clear language for those who do NOT have a basic understanding of networking?
It's beyond "untrusted". It's a hostile network and blatantly so, if you bother to read even a basic description of it. You should assume that your traffic will be routed out a node where a person, organization, or government is passively monitoring or actively attacking your traffic.
All this (repeated) fuss demonstrates is how many incompetent network/sysadmin people there are in the world, and how few people in the press and "blogging" community understand networking. Any idiot who knows ALL of the reasons why ssh is better than telnet (ie, answers more than just "it's encrypted, so people can't see what you're typing") should be able to tell you why Tor is a hostile network...unless they're just parroting what they've read elsewhere.
Of course I pity the people whose only job is to spy on my boring life. If I don't have a real life, how much more pathetic is it to just watch me? Now...off to Database programming and Laundry (What I like to call "Saturday Night")!
Military grade anonymity?
What?
Sure, we all know - or think we know - what "military grade crypto" means[1], but now you're just making stuff up.
Military grade anonymity, indeed.
[1] Strong crypto managed in a Type 0 or Type 1, etc., system, where everything is kept secret, hardware and software are tightly controlled, and updates are distributed strictly out-of-band - think spies with briefcases handcuffed to their wrists.
Contrast with "commercial grade crypto", where everything but the secret/private keys themselves are known, well studied, well understood, etc., and updates are distributed in-band, though sometimes "boot strapped" using an OOB shared secret, etc.
There is the perception that "military grade" is somehow stronger than "commercial grade", but what is the basis for this perception? None of us can say, least not here.
To know - to really know - whether military grade crypto is actually any stronger than commercial grade crypto requires a degree of access which itself requires clearance at - or above - top secret, said clearance being predicated on the understanding that those with said access won't reveal what they know, on pain of prosecution.
So the people who do know cannot and will not tell.
You'll just have to take my word for it. :->
"Military grade anonymity" is nothing more than buzzspeak for "anonymity that we think is really, really OMG PONIES good, but we can't prove, what with there being a complete and total lack of mathematically sound anonymity analytics comparable to cryptanalysis, so there, nyah!"
Any router that passes your packets can be abused to spy on you and where you go. It is that simple.
...and your earlier statement that browsers have no way of checking against MITM is incredibly irresponsible. The only MITM browsers cannot warn against is where the CA is executing or cooperating in the attack.
You either trust a third-party CA, or the communicating parties setup their own keys (preferably in person). Those are the fundamental mechanics of trust when using electronic communications, and the modern browser covers them. Need to use a "joe random" CA? Just plug it into your browser preferences. Inconvenient? Too bad, ssh is no better.
As for those who bemoan government surveillance through e-commerce sites and the CAs they use: You need to seriously re-evaluate your expectations of what online merchants can and cannot do for people. Perhaps the merchant, understanding special privacy needs of their clientele, would switch CAs (perhaps even to their own).
> You either trust a third-party CA, or the communicating parties setup their own keys (preferably in person). Those are the fundamental mechanics of trust when using electronic communications, and the modern browser covers them. Need to use a "joe random" CA? Just plug it into your browser preferences. Inconvenient? Too bad, ssh is no better.
In person? Oh, really. Just what browser implements TLS-PSK today?
No, you're pretty much entirely stuck with the first choice -- blindly trusting a third-party CA which can be a single point of security failure for a large number of sites. That's the problem. E-commerce requires trust where none should be assumed, especially in the case of a network like TOR that funnels all traffic into a handful of potentially compromised exit nodes.
There is no perfect technical solution for the problem when using PKI.
Isn't Tor open source?
Then, if some security issue is found, all you need to do is fix it!
I am quite surprised about this news too... I thought Tor was safe...
Now, how can I do my evil surfings from now on????
...and trust isn't required with this anonymity vehicle.
The privacy layer you supply yourself, and that requires the usual crypto-facilitated trust. As the Tor people often remind us, there is no way around that fundamental requirement.
So the question is really, do you trust Certificate Authorities pre-loaded in your browser? And if not, what steps are you and the party you're connecting with going to take to swap private keys?
Also bear in mind that many connections need only anonymity and not privacy, if you don't want to be seen browsing certain websites that are viewable by anyone, for instance. In that case, using Tor while regularly flushing your browser's cookies and cache will do the trick.
Privacy becomes necessary when either you or the second party are transmitting data that no one else should see at all, or that no one else should see in the context of anonymity (like your name or other identifying info). Think!
The "Swedish hacker" didn't show anything new. This is how Tor is designed, ie it will not solve all of your security problems. It isn't going to give you end-to-end encryption. Your ISP can read your email. With Tor, exit nodes can read your email. Unencrypted network traffic is not secret, people. Get over it. This has got to be at least the third Slashdot article pointing this out. Tor nodes have been MITM'ing certs for at least a couple years now as well. This is why your browser pops up a warning.
1. If you are not aware of any classified scheme above TS, then how will you know such information is actually classified if you come across it. Like if I were to stumble across a folder that had a classification stamp of "ULTRA SENSITIVE QUARANTINED" I would not have any qualms discussing the contents if I so chose because I would assume the documents to be fake or otherwise not associated with the gov since that is not an official gov classification scheme.
2. If I were indeed to disclose such information how would I be prosecuted? There are no laws against disclosing ULTRA SENSITIVE QUARANTINED information, so I don't see how a case could be made. Unless of course the laws themselves were secret and a court were to rule that you could be punished even though the law was unknowable to you. But let's not even go there.
1. Send your communications traffic over a publicly-accessible carrier (the Internet).
2. Attempt to make your communications secure, inviting interest from third parties.
3. Trust others you do not know to participate in your security.
4. Feign surprise that your communications have been intercepted, analysed and decoded.
5. Blather. Rinse. Repeat.
While Tor is obviously vulnerable to a variety of attacks, I'm left to question if this is as much an attempt to discredit it as anything else? With no comparable alternative, taking down Tor would be a coup for most governments and spy agencies. Weigh that against the value they currently derive from monitoring, or even owning and controlling, exit points, and question which one benefits them more in the long run.
I thought TOR was mostly to hide your identity, not the data.
FreeNet is more about hiding the data.
If you're worried about this kind of problem with TOR, I'd like to point you to JonDos, the "sister project" of TOR. It uses similar technology (Chaum's Mixes, multiple proxies with encrypted communication between them), but unlike TOR you know exactly which servers your connection uses, and who runs them. You still have to trust the exit node, but you know which server IS your exit node, and who to bust if its operator should spy on you. Disclaimer: It used to be a research project called AN.ON, with the client called JAP. Now run as a commercial company called JonDos, of which I am one of the main developers.
'cos he or she is right on.
I've never seen that much of a use for TOR's exit nodes. If you're going to set up secret/private communications, keep it within TOR via hidden services routed by .onion addresses. That way, TOR becomes both your anonymity and encryption layers, for both sides.
On the other hand, SSH host keys are signed by nobody; there's no infrastructure in place to allow, for example, your sysadmin to sign SSH host keys using his own PGP mail keys, which you trust via the web-of-trust in place for that. No, you have to maintain your PGP keys and SSH keys separately, for no damned good reason, and we all just hope and pray that our SSH sessions aren't being jacked the first time we connect--and if we are jacked, we blame ourselves rather than the system that makes such stupidity practically mandatory. It's utter insanity, and it's amazing that we all put up with it.
(There was once a project to add GPG support to OpenSSH, but it seems to be moribund.)
Just a word in Egerstad's defense: he tried to get some attention for the leaks he found, but no one (except Iran) seemed to be interested -- so he published a sampling, about 10% of his observations. Then people got excited.
This pattern is a familiar dilemma for security researchers: you say, "there is a problem" and no one responds. You demonstrate the problem and you get in trouble. Quite the Kobayashi Maru.