Slashdot Mirror


Spying On Tor

juct writes "The long-standing suspicion that the anonymizing network TOR is abused to catch sensitive data by Chinese, Russian, and American government agencies as well as hacking groups gets new support. Members of the Teamfurry community found TOR exit-nodes which only forward unencrypted versions of certain protocols. These peculiar configurations invite speculation as to why they are set up in this way. Another tor exit node has been caught doing MITM attacks using fake SSL certificates."

3 of 198 comments

  1. Please help us improve our documentation. by Nick Mathewson · Score: 5, Informative

    Hi all. I'm one of the Tor authors.

    We're trying very hard to get out the message that you should always use encrypted protocols over Tor, if you're doing anything even slightly sensitive.

    Right now, we do this in our documentation, and in a list of warnings on our download page. But obviously, this isn't good enough, since some of the commenters here seem to be surprised at finding it out.

    Does anybody have good ideas about how to get the word out better?

    (As for the SSL MITM thing: we've run into situations like this one before. Usually, it turns out that the exit node isn't doing the MITM itself, but is getting MITMd itself by its upstream. This happens depressingly often in some countries, and in some dormitories. I've dropped a line to the directory authority operators. Mike Perry (the guy who maintains the Torbutton Firefox plugin) has been working on an automated detection tool for this stuff. It would be great if somebody with programming chops would step up and give him a hand.)

  2. Tor gives you anonymity by arevos · Score: 5, Informative

    Tor gives you pretty robust anonymity, it just doesn't provide privacy.

  3. Re:Conclusion: by Kadin2048 · Score: 5, Informative

    > Tor is so easy to abuse (if you run a tor server) it's not even funny. Just take a look at the code, it's trivial to hack. It's funny how much of the OSS community are proverbial sheeple, believing that since it's open source, it must be secure.

    I know I'm feeding a troll here, but I think this is an opportunity to clarify a point: Tor does one thing, and does it pretty well. It hides your IP address from the server you're connecting to. That's it.

    It's not a "plug in security" solution, and it's not meant to protect your traffic from people snooping on it in transit. If you want that, you need to use some sort of end-to-end encryption on top of Tor. (And you need to use some form of encryption that doesn't positively identify you, or else you might as well not use Tor to begin with.)

    These kinds of "attacks" are trivial because they have nothing to do with Tor's actual function. They're taking advantage of user stupidity, not a design flaw.