Spying On Tor

← Back to Stories (view on slashdot.org)

Posted by CmdrTaco on Wednesday November 21, 2007 @04:23AM from the shocked-and-apalled-and-totally-not-surprised dept.

juct writes "The long-standing suspicion that the anonymizing network TOR is abused to catch sensitive data by Chinese, Russian, and American government agencies as well as hacking groups gets new support. Members of the Teamfurry community found TOR exit-nodes which only forward unencrypted versions of certain protocols. These peculiar configurations invite speculation as to why they are set up in this way. Another tor exit node has been caught doing MITM attacks using fake SSL certificates."

8 of 198 comments (clear)

Team Furry? by Odiumjunkie · 2007-11-21 04:32 · Score: 3, Funny

> Members of the Teamfurry community found TOR exit-nodes which only forward unencrypted versions of certain protocols.

Are they worried that the Chinese will intercept pictures of them dressed like this?
Whew. by Anonymous Coward · 2007-11-21 04:34 · Score: 1, Funny

It's good to know the furry community is keeping us abreast of these security concerns.
Re:Conclusion: by s20451 · 2007-11-21 05:00 · Score: 5, Funny

Tor is so easy to abuse (if you run a tor server) it's not even funny. Just take a look at the code, it's trivial to hack. It's funny how much of the OSS community are proverbial sheeple, believing that since it's open source, it must be secure.

It's for exactly this reason that Tor should adopt AGPL. That way, if the Chinese government ran a hacked Tor server, they would have to release the source code as well and the hack would be obvious.

--
Toronto-area transit rider? Rate your ride.
Re:Please help us improve our documentation. by Rob+T+Firefly · 2007-11-21 05:11 · Score: 5, Funny

If you find a reliable way to make end-users RTFM, please let us know.

--
Slashdot Burying Stories About Slashdot Media Owned
Re:You Can't Sue China by Jason+Earl · 2007-11-21 05:42 · Score: 2, Funny

with a userid that low, you'd think you would be able to identify a joke when you see one by now.

It just goes to show that age does not necessarily bring enlightenment. Thanks for the heads up :).
Re:Conclusion: by Anonymous Coward · 2007-11-21 06:26 · Score: 5, Funny

It's for exactly this reason that Tor should adopt AGPL. That way, if the Chinese government ran a hacked Tor server, they would have to release the source code as well and the hack would be obvious.

The problem is, a couple hours after suing the Chinese, you want to sue them again.
Re:You Can't Sue China by Anonymous Coward · 2007-11-21 06:45 · Score: 2, Funny

Not with that attitude
Re:Please help us improve our documentation. by Alsee · 2007-11-21 14:17 · Score: 2, Funny

If you find a reliable way to make end-users RTFM, please let us know.

Have you tried waterboarding?

-

--
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.