Slashdot Mirror


Tor Network May Be Attacked, Says Project Leader

Earthquake Retrofit writes: The Register is reporting that the Tor Project has warned that its network – used to mask people's identities on the internet – may be knocked offline in the coming days. In a Tor blog post, project leader Roger 'arma' Dingledine said an unnamed group may seize Tor's directory authority servers before the end of next week. These servers distribute the official lists of relays in the network, which are the systems that route users' traffic around the world to obfuscate their internet connections' public IP addresses.

  1. Tor directory servers by Anonymous Coward · · Score: 3, Interesting

    Long time Tor user, and was never aware of these 9 directory servers. This seems like an extremely weak link in the chain, esp. since 6 of these servers are in the US.

    The Tor project promotes running relays, etc., but never a specific DS. Is this something the standard Tor client can do? Can anyone set up a Tor DS? Why has this never really been talked about until now??

    1. Re:Tor directory servers by ihtoit · · Score: 4, Insightful

      while using the World Wide Web, are you consciously aware of the thirteen root DNS nameservers?

      No? So, why worry about the nine Tor servers which do pretty much the same thing - directing traffic so you get your fix of whatever?

      The reason is, because these things are transparent to the client - you don't know they're there, all you know is that some endpoint protocol is making shit work, but to do that requires direction, which it gets from one of several servers which all agree on the basic structure of the (extremely fluid) network. Without those services, the network is a: chaotic and b: lost.

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
    2. Re:Tor directory servers by Anonymous Coward · · Score: 2, Insightful

      No, that makes perfect sense -- I just don't recall ever hearing about these particular servers before. I raise this question because I'd bet there'd be more ppl. willing to host the Tor directory servers if they knew of their existence and this particular (perceived?) vulnerability.

      Is this something more specialized than running an exit node or a relay? Specifically, can the standard Tor client host a DS? If so, there is zero information on this aspect of the client provided by the documentation by the Tor project. Maybe something in the protocol docs, but it's not obvious in the information provided by the Tor project.

    3. Re:Tor directory servers by ihtoit · · Score: 3, Informative

      well, yes, because the directory servers have a realtime index of active exit nodes. They hold no actual content, but what they do hold is really not very much in the way of payload (would probably fill a floppy disk); the killer is in the number of concurrent interrogations and the prerequisite bandwidth which would put it out of reach of an individual. All you'd need to do to bring the network to its knees is locate each directory server by IP, find a DOS vulnerability and exploit it. Same for any network with any sort of active directory service.

      (knowing this because I built a distributed database that was vulnerable to precisely one thing: the loss (even momentarily) of the directory server. Killed it dead, and rebuilding/resynching it was a fucking nightmare. Having a failover for that one service would've saved a LOT of headaches but I'd already killed my budget).

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
    4. Re:Tor directory servers by Anonymous Coward · · Score: 1

      I expect TOR to be down just long enough for an interested Government power to add the backdoor it needs to enforce criminal activity.

      It may be time for a replacement for Tor after it is compromised.

    5. Re:Tor directory servers by Anonymous Coward · · Score: 1

      I raise this question because I'd bet there'd be more ppl. willing to host the Tor directory servers if they knew of their existence and this particular (perceived?) vulnerability.

      The DS are essentially the root level of 'trust', you don't want random people able to run them. The TOR client is hardcoded to only trust specific Directory Servers, so if they end up being compromised the Tor project can release a new update to switch to different servers.
      The risk of having them compromised is it would allow the controller to be able to do things such as only list nodes/relays under the control of a hostile entity.

      Put simply, the DS are what define the Tor network. Control of them would let you make a new Tor network. Likewise, you could distribute a modified client which trusted different DS's and essentially create an alternate Tor-based network.
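
The trust model described in the comment above (a client hardcoded to trust specific directory servers), as an added example that is not part of the original thread and is not Tor's own code: the client accepts a relay list only when more than half of its pinned authorities signed it, which is the majority rule Tor's directory design uses. The authority names, keys, relay lists and the HMAC stand-in for real public-key signatures are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed stand-ins for the nine hardcoded directory servers and their keys.
# Real authorities use public-key signatures; HMAC is substituted here only so
# the example runs with the standard library.
PINNED = {f"auth{i}": f"constructed-key-{i}".encode() for i in range(1, 10)}


def sign(key: bytes, document: bytes) -> str:
    return hmac.new(key, document, hashlib.sha256).hexdigest()


def sign_as(names, keys, document):
    """Signatures over `document` from each named signer (name -> hex MAC)."""
    return {name: sign(keys[name], document) for name in names}


def valid_signers(document, signatures, pinned=PINNED):
    """Pinned authorities whose signature over `document` verifies."""
    good = set()
    for name, sig in signatures.items():
        key = pinned.get(name)
        if key is None:
            continue  # not in the hardcoded list, so it carries no weight
        if hmac.compare_digest(sign(key, document), sig):
            good.add(name)
    return good


def accept_consensus(document, signatures, pinned=PINNED):
    """Accept a relay list only if more than half of the pinned set signed it."""
    return len(valid_signers(document, signatures, pinned)) > len(pinned) // 2


def scenarios():
    honest = b"relays: r1 r2 r3 r4"         # constructed relay list
    hostile = b"relays: evil1 evil2 evil3"  # constructed hostile-only list
    names = sorted(PINNED)
    rogue = {f"rogue{i}": f"rogue-key-{i}".encode() for i in range(20)}
    mixed = {**sign_as(names[:4], PINNED, hostile), **sign_as(rogue, rogue, hostile)}
    return {
        "all nine sign": accept_consensus(honest, sign_as(names, PINNED, honest)),
        "four offline, five sign": accept_consensus(honest, sign_as(names[:5], PINNED, honest)),
        "five offline, four sign": accept_consensus(honest, sign_as(names[:4], PINNED, honest)),
        "hostile, unpinned signers only": accept_consensus(hostile, sign_as(rogue, rogue, hostile)),
        "hostile, 4 pinned keys + unpinned": accept_consensus(hostile, mixed),
        "hostile under honest signatures": accept_consensus(hostile, sign_as(names, PINNED, honest)),
        "hostile, 5 pinned keys": accept_consensus(hostile, sign_as(names[:5], PINNED, hostile)),
    }


if __name__ == "__main__":
    for label, accepted in scenarios().items():
        print(f"{label:36} -> {'accepted' if accepted else 'rejected'}")
```

Losing five of the nine authorities leaves clients without an acceptable relay list, while a hostile list is accepted only once a majority of the pinned keys sign it; signers outside the pinned set never count.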

    6. Re:Tor directory servers by Anonymous Coward · · Score: 1

      To be clear, there are thirteen root DNS server addresses.

      Actually, that is not correct. There are 24 root DNS server addresses. You apparently have forgotten about the IPv6 addresses. There are 13 named DNS servers (a, b, c, ..., l, m.root-servers.net), and while all 13 have IPv4 addresses, 11 have an IPv6 address.

      It should be noted that not only anycast, but also various load balancers are in place. The number of actual servers is large, geographically distributed, and multi-homed to multiple independent providers, and in reasonably reliable data centers. While anything is possible it is highly unlikely that all of those servers, networks, and countries would disappear all at once (and that anyone is left on the planet to care).

    7. Re:Tor directory servers by Cito · · Score: 1

      Without Tor however will we add to our R@ygold collections? :-P

    8. Re:Tor directory servers by Vlijmen+Fileer · · Score: 1

      They are not thirteen servers, they are thirteen clusters of servers. And they are better distributed over nations than Tor's DS's. Oh, and alternatives exist. Oh, and TOR is there only for the good people and therefore an easy target. DNS is also used by the bad guys (the governments) and therefore not an obvious target.

  2. would this unnamed group share its initials with by ihtoit · · Score: 1

    Flowers
    By
    Irene
    ?

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  3. Centralised? by Anonymous Coward · · Score: 1

    I'm not really sure I understand why people use Tor. Its aim seems to be to make tracing Internet usage a little harder, but it's pretty much safe to assume that governments are running a significant proportion of the nodes, and traffic analysis can determine the rest. Stupid design decisions like having a single point of failure in the form of a centrally maintained list of nodes suggest that the whole thing had an expiry date waiting to be announced.

  4. Re:would this unnamed group share its initials wit by Anonymous Coward · · Score: 1

    There is no such agency that shares these initials.

  5. Re:would this unnamed group share its initials wit by ihtoit · · Score: 1

    I said group, you said agency.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  6. Re:would this unnamed group share its initials wit by Iamthecheese · · Score: 1

    yes. No such agency that has compromised Tor already.

    --
    If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
  7. Re: FBI and Sony hack by Anonymous Coward · · Score: 1

    Sony paid precisely $0 in federal taxes between the period I was victimized by Sony and they were pwned by GOP. As a matter of fact, they received over $11b in tax credits during this same period -- ie. the US government paid *them* money.

    I paid *more* taxes than Sony, by far, and you probably did too. I should be afforded more protection, no?

  8. Re:would this unnamed group share its initials wit by MichaelSmith · · Score: 1

    I thought it was their project.

  9. Re:would this unnamed group share its initials wit by ihtoit · · Score: 1

    you don't know that. I don't know for certain that it has. Only they know for sure, and they're not about to tell. When they claim to have information that could only be gained by compromising the network or through seizure of the hardware, then we'll know.

    Lesson for today: if you don't want information to end up in the hands of those who you don't want having it, airgap it. DO NOT expose it to a network. Whatever you post on a public network, on whatever forum using whatever protocol or encryption or other obfuscation, becomes as far as you should be concerned, information that is now forever and irreversibly in the public domain for any and all to use for whatever nefarious reason.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  10. Re:would this unnamed group share its initials wit by ihtoit · · Score: 2

    no, but they did use just 35 lines of code to compromise it in 2012, during the Operation Torpedo dragnet in which they managed to identify, arrest and charge 25 US citizens on their IP addresses* and an undisclosed number of foreigners overseas on international arrest warrants (and slightly less legal means) on child sexual exploitation.

    *I don't have the link handy, but I do seem to remember a bunch of John Doe claims by the **AA (or maybe it was the BPI) being thrown out because the respondents were identified by their IPv4 addresses.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  11. BitTorrent Maelstrom by ThePhilips · · Score: 2, Interesting

    That coming on the heels of the decentralized web solution coming from BitTorrent, Inc.

    Pretty exciting times.

    --
    All hope abandon ye who enter here.
    1. Re:BitTorrent Maelstrom by ThePhilips · · Score: 1

      Still.

      Dismantling the centralized institutions one by one - DNS, IANA/RIRs, hosting providers - whatever Maelstrom is capable of - is a step in the right direction.

      If a sufficient number of decentralized alternatives appear, one can try to nest them like Russian dolls. More layers of the nested services - higher the privacy (at the potential cost of reliability).

      --
      All hope abandon ye who enter here.
  12. Re: FBI and Sony hack by ihtoit · · Score: 1

    corporations are "persons" in Law. Otherwise a corporate "person"ality could not be sued, there would be no accountability in case of wrongful death or neglectful injury, and there would be no way a corporation with no personality can legally bind another person (individual or body corporate) in a contract or hold him to any obligations therein.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  13. TOR is a fucking honey pot ! by Taco+Cowboy · · Score: 4, Insightful

    ... See the ongoing silk road case, where the DOJ has yet to show how exactly they physically identified its owner and its server locations

    TOR is a HONEY POT that enjoys a successful deployment beyond anyone's expectation !

    It is not China nor Russia who came up with TOR, it was Uncle Sam which is the entity who funded the TOR project

    TOR has several uses for USA ---

    1. As you mentioned, to offer dissidents within Russia / China or any other dictatorial nation a way to sneak out of the watchful eyes of their respective ruling regime

    2. TOR also offers a false sense of security to those who wanted to do something not-so-legal, and in that way, "fish" them out from the real DARK NET and land them inside TOR while Uncle Sam gets to watch their every single fucking move

    The highlighted quote above in itself has explained all --- that Uncle Sam knows everything that happens within the TOR domains, including the identity of those involved

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:TOR is a fucking honey pot ! by Charliemopps · · Score: 3, Informative

      You could be right, but given TOR's design, it doesn't even matter if the feds wrote it, they still couldn't figure out your identity. The feds would have to own all the nodes in the network, which is possible... but if they did own all the nodes, it wouldn't really matter if they wrote it or not now would it?

      All that said... there are easier ways to hide your identity on the internet.

    2. Re:TOR is a fucking honey pot ! by Kjella · · Score: 4, Insightful

      You do realize that most "darknets" are built on a "bust one, bust all" model? Pretty much the only security is that the bad guys aren't in your darknet, they've never reached a popularity where there's any plausible deniability. The only other people likely to be in your darknet are the other members of your terrorist cell or whatever you're part of, it has never offered anything for "normal people" for you to hide in. And darknets have actually been used as honeypots, to make clueless people give away their IP to join a private group which turns out to be a sting. It is pretty much the exact opposite of anonymity, it's joining a conspiracy and you're at the mercy of the stupidity of everyone in it.

      TOR is trying for something entirely different, which is to keep everyone at arm's length from each other. I talk to you over TOR, you get busted well tough shit they still can't find me. The users don't know the server, the server doesn't know the users. Of course by adding that glue in between you run the risk of the man in the middle working out who both ends of the connection are, but that's the trade-off. TOR is trying to do something extremely hard, it tries to offer low latency - easy to make timing attacks, arbitrary data sizes - easy to make traffic correlation attacks and interactive access - easy to manipulate services into giving responses, accessible to everyone and presumably with poison nodes in the mix. It's trying to do something so hard that you should probably assume it's not possible, not because they have any special inside access.

      I actually did look at trying to do better, it was not entirely unlike Freenet done smarter only with onion routing instead of relying on statistical noise. It wouldn't try to be interactive so you could use mixmaster-style systems to avoid timing attacks and (semi-)fixed data block sizes to avoid many correlation attempts but I never felt I got the bad node issue solved well. TOR picks guard nodes, but it only makes you bet on a few horses instead of many. It was still too easy to isolate one node from the rest of the network and have it only talk to bad nodes, at which point any tricks you can play are moot because they see all your traffic. Even a small fraction of the nodes could do that on a catch-and-release basis and I never found any good countermeasures.

      --
      Live today, because you never know what tomorrow brings
    3. Re:TOR is a fucking honey pot ! by Anonymous Coward · · Score: 5, Interesting

      Mod parent up! Whoever modded this comment down either hasn't investigated the matter, or sympathizes with those whose goal is the total destruction of privacy for average citizens.

      I'm pretty sure at this point that Taco Cowboy's posts start off at -1 due to his reputation score.

      In regards to his claims, the Tor software is open source and you can look at it yourself if you want to look for any backdoors. Put simply, in order to 'compromise' the network an attacker needs to control a significant number of Nodes, or have some method of forcing traffic to use nodes they control. These are known weaknesses and are published by the Tor Project. IF a 3 letter agency really was behind the whole thing, they wouldn't tell people any of that, and they would already control the Directory Servers themselves so that they could manipulate the network behavior.

      tl;dr - Taco Cowboy is a resident nutter who likes to talk a lot of shit with nothing to back it up.

    4. Re:TOR is a fucking honey pot ! by spacefight · · Score: 1

      They don't need to own the nodes. They need to know their uplink and/or upstream provider. And I bet they do on a fucking large scale.

    5. Re:TOR is a fucking honey pot ! by Raenex · · Score: 1

      Tor Stinks... But it Could be Worse

      • Critical mass of targets use Tor. Scaring them away from Tor might be counterproductive.
      • We can increase our success rate and provide more client IPs for individual Tor users.
      • Will never get 100% but we don't need to provide true IPs for every target every time they use Tor.

      http://www.theguardian.com/wor...

      Seems the NSA doesn't want targets to move away from Tor because they have some success and are confident of gaining more. They don't need to own all the nodes. It's a documented weak spot that they just need to tap the incoming and outgoing nodes and do timing attacks. Given the NSA's (and their foreign, cooperating counterparts) massive taps on the Internet backbones, that sounds pretty feasible.

    6. Re:TOR is a fucking honey pot ! by OverlordQ · · Score: 1

      It is not China nor Russia who came up with TOR, it was Uncle Sam which is the entity who funded the TOR project

      Guess what else they funded? The Internet.

      --
      Your hair look like poop, Bob! - Wanker.
  14. Tor was attacked Nov 4 by Mocko · · Score: 1

    Major takedown of sites by *** agencies - they did traffic analysis attack and hacked poorly set up Tor servers, if I recall.

  15. Re:would this unnamed group share its initials wit by ihtoit · · Score: 1

    1. citations required.
    2. it was a Flash exploit.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  16. allegedly by slashmydots · · Score: 1

    So allegedly the rumor is that the FBI is taking down part of the network to try and somehow catch and/or prove the North Koreans were behind the hack on Sony. I don't know how true that is. Seems like it wouldn't matter if we had proof or not. That puffy doughboy piece of shit running North Korea is a perpetual liar and we can't possibly like him less nor will the US do anything about it in either case.

  17. Re:TOR gives a false sense of security by mSparks43 · · Score: 1

    You mean.
    Unlike skype and the https protocol........

    You don't seem to understand that tor is still THE most secure communication protocol we have over the internet. So secure that even the Snowden leaks discuss how the agencies you accuse of wanting to use it to spy on you - actually use it so the other agencies can't spy on THEM!

    It's not a panacea, it's not the sole solution, but unless you can point to a *BETTER* solution, what is the point in making blind and blatantly false accusations?

  18. Re:would this unnamed group share its initials wit by mgcarley · · Score: 1

    I have it on good authority that the FBI give plenty of shits about Tor.

    --
    Founder & COO, Hayai India (hayai.in) / USA (hayaibroadband.com) // t: @mgcarley