Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tor Network May Be Attacked, Says Project Leader

Posted by timothy on from the routing-around-the-routing-around dept.

Earthquake Retrofit writes The Register is reporting that the Tor Project has warned that its network – used to mask peoples' identities on the internet – may be knocked offline in the coming days. In a Tor blog post, project leader Roger 'arma' Dingledine said an unnamed group may seize Tor's directory authority servers before the end of next week. These servers distribute the official lists of relays in the network, which are the systems that route users' traffic around the world to obfuscate their internet connections' public IP addresses.

10 of 86 comments (clear)

  1. Tor directory servers by Anonymous Coward · · Score: 3, Interesting

    Long time Tor user, and was never aware of these 9 directory servers. This seems like an extremely weak link in the chain, esp. since 6 of these servers are in the US.

    The Tor project promotes running relays, etc., but never a specific DS. Is this something the standard Tor client can do? Can anyone setup a Tor DS? Why has this never really been talked about until now??

    1. Re:Tor directory servers by ihtoit · · Score: 4, Insightful

      while using the World Wide Web, are you consciously aware of the thirteen root DNS nameservers?

      No? So, why worry about the nine Tor servers which do pretty much the same thing - directing traffic so you get your fix of whatever?

      The reason is, because these things are transparent to the client - you don't know they're there, all you know is that some endpoint protocol is making shit work, but to do that requires direction, which it gets from one of several servers which all agree on the basic structure of the (extremely fluid) network. Without those services, the network is a: chaotic and b: lost.

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
    2. Re:Tor directory servers by Anonymous Coward · · Score: 2, Insightful

      No, that makes perfect sense -- I just don't recall ever hearing about these particular servers before. I raise this question because I'd bet there'd be more ppl. willing to host the Tor directory servers if they knew of their existence and this particular (perceived?) vulnerability.

      Is this something more specialized than running an exit node or a relay? Specifically, can the standard Tor client host a DS? If so, there is zero information on this aspect of the client provided by the documention by the Tor project. Maybe something in the protocol docs, but it's not obvious in the information provided by the Tor project.

    3. Re:Tor directory servers by ihtoit · · Score: 3, Informative

      well, yes, because the directory servers have a realtime index of active exit nodes. They hold no actual content, but what they do hold is really not very much in the way of payload (would probably fill a floppy disk); the killer is in the number of concurrent interrogations and the prerequisite bandwidth which would put it out of reach of an individual. All you'd need to do to bring the network to its knees is locate each directory server by IP, find a DOS vulnerability and exploit it. Same for any network with any sort of active directory service.

      (knowing this because I built a distributed database that was vulnerable to precisely one thing: the loss (even momentarily) of the directory server. Killed it dead, and rebuilding/resynching it was a fucking nightmare. Having a failover for that one service would've saved a LOT of headaches but I'd already killed my budget).

      --
      Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  2. Re:would this unnamed group share its initials wit by ihtoit · · Score: 2

    no, but they did use just 35 lines of code to compromise it in 2012, during the Operation Torpedo dragnet in which they managed to identify arrest and charge 25 US citizens on their IP addresses* and an undisclosed number of foreigners overseas on international arrest warrants (and slightly less legal means) on child sexual exploitation.

    *I don't have the link handy, but I do seem to remember a bunch of John Doe claims by the **AA (or maybe it was the BPI) being thrown out because the respondents were identified by their IPv4 addresses.

    --
    Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
  3. BitTorrent Maelstrom by ThePhilips · · Score: 2, Interesting

    That coming on the heels of the decentralized web solution coming from BitTorrent, Inc.

    Pretty exciting times.

    --
    All hope abandon ye who enter here.
  4. TOR is a fucking honey pot ! by Taco+Cowboy · · Score: 4, Insightful

    ... See the ongoing silk road case, where the DOJ has yet to show how exactly they physically identified its owner and its server locations

    TOR is a HONEY POT that enjoys a successful deployment beyond anyone's expectation !

    It is not China nor Russia who came up with TOR, it was Uncle Sam which is the entity who funded the TOR project

    TOR has several uses for USA ---

    1. As you mentioned, to offer dissents within Russia / China or any other dictatorial nation a way to sneak out of the watchful eyes of their respective ruling regime

    2. TOR also offers a false sense of security to those who wanted to do something not-so-legal, and in that way, "fish" them out from the real DARK NET and land them inside TOR while Uncle Sam gets to watch their every single fucking move

    The highlighted quote above in itself has explained all --- that Uncle Sam knows everything that happens within the TOR domains, including the identity of those involved

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:TOR is a fucking honey pot ! by Charliemopps · · Score: 3, Informative

      You could be right, but given TOR's design, it doesn't even matter if the feds wrote it, they still couldn't figure out your identity. The feds would have to own all the nodes in the network, which is possible... but if they did own all the nodes, it wouldn't really matter if they wrote it or not now would it?

      All that said... there are easier ways to hide your identity on the internet.

    2. Re:TOR is a fucking honey pot ! by Kjella · · Score: 4, Insightful

      You do realize that most "darknets" are built on a "bust one, bust all" model? Pretty much the only security is that the bad guys aren't in your darknet, they've never reached a popularity where there's any plausible deniability. The only other people likely to be in your darknet are the other members of your terrorist cell or whatever you're part of, it has never offered anything for "normal people" for you to hide in. And darknets have actually been used as honeypots, to make clueless people give away their IP to join a private group which turns out to be a sting. It is pretty much the exact opposite of anonymity, it's joining a conspiracy and you're at the mercy of the stupidity of everyone in it.

      TOR is trying for something entirely different, which is to keep everyone at arm's length from each other. I talk to you over TOR, you get busted well tough shit they still can't find me. The users don't know the server, the server doesn't know the users. Of course by adding that glue in between you run the risk of the man in the middle working out who both ends of the connection are, but that's the trade-off. TOR is trying to do something extremely hard, it tries to offer low latency - easy to make timing attacks, arbitrary data sizes - easy to make traffic correlation attacks and interactive access - easy to manipulate services into giving responses, accessible to everyone and presumably with poison nodes in the mix. It's trying to do something so hard that you should probably assume it's not possible, not because they have any special inside access.

      I actually did look at trying to do better, it was not entirely unlike Freenet done smarter only with onion routing instead of relying on statistical noise. It wouldn't try to be interactive so you could use mixmaster-style systems to avoid timing attacks and (semi-)fixed data block sizes to avoid many correlation attempts but I never felt I got the bad node issue solved well. TOR picks guard nodes, but it only makes you bet on a few horses instead of many. It was still too easy to isolate one node from the rest of the network and have it only talk to bad nodes, at which point any tricks you can play is moot because they see all your traffic. Even a small fraction of the nodes could do that on a catch-and-release basis and I never found any good countermeasures.

      --
      Live today, because you never know what tomorrow brings
    3. Re:TOR is a fucking honey pot ! by Anonymous Coward · · Score: 5, Interesting

      Mod parent up! Whoever modded this comment down either hasn't investigated the matter, or sympathizes with those whose goal is the total destruction of privacy for average citizens.

      I'm pretty sure at this point that Taco Cowboy's posts start off at -1 due to his reputation score.

      In regards to his claims, the Tor software is open source and you can look at it yourself if you want to look for any backdoors. Put simply, in order to 'compromise' the network an attacker needs to control a significant number of Nodes, or have some method of forcing traffic to use nodes they control. These are known weaknesses and are published by the Tor Project. IF a 3 letter agency really was behind the whole thing, they wouldn't tell people any of that, and they would already control the Directory Servers themselves so that they could manipulate the network behavior.

      tl;dr - Taco Cowboy is a resident nutter who likes to talk a lot of shit with nothing to back it up.