Lizard Squad Targets Tor

mrspoonsi tips news that Lizard Squad, the hacker group who knocked Xbox Live and the PlayStation Network offline on Christmas morning, has now turned its attention to Tor. After tweeting that they were targeting a Tor-related zero-day flaw, the group is now in control of 3,000 exit nodes — almost half of them. "If one group is controlling the majority of the nodes, it could be able to eavesdrop on a substantial number of vulnerable users. Which means Lizard Squad could gain the power to track Tor users if it infiltrates enough of the network."

Oops

They have just kicked the hornets nest..... people who have the ability to track them down and take their revenge

Flag them all as bad

... and be done with it. Isn't this what the BadExit flag is for?

Re:The TOR Project was well aware of this a while

[lgw]

This is seriously one of the first things anyone in security would have thought up

Ah, the /. 30-second expert. Indeed, the TOR guys did think of that too.

Malicious exit nodes do not per se compromise TOR, though they are in a position to take advantage of some potential exploits (also, exit nodes are irrelevant to .onion servers) It's been known since the start that if an attacker both controlled the exit node and could directly tap your line, there'd be and endless stream of exploits possible - and IIRC the NSA had just such attacks in its arsenal. But that doesn't scale - you have to be actively monitoring a specific target to de-anonimize them, you can't do it to everyone. If the NSA actually got warrants when they did that to Americans [pause for laughter] I think it's a fine system.

TFA seems to be about taking over more than half of all TOR nodes, which can hardly be done in secret, and really makes 0-days in the TOR bundle visible.

Far more worrying, especially for the conspiracy theorist, is the never-ending stream of vulnerabilities in .onion servers allowing the operators to be de-anonymized. It's hard to believe TOR wasn't designed that way. TOR seemed designed from the start as a system to let Chinese dissidents use American servers safely, but not allow Silk Road-style sites (servers illegal in the US) to stay up. That IMO would be pretty cool if the US itself weren't growing ever more repressive.

Re:Prove it.

They already proved it. Take a glance on this list. The "LizardNSA" nodes are theirs.

What is bullshit is calling this a Tor 0day. From what I read on the subject, which, admittedly, isn't much, they don't seem to have found an unknown flaw on Tor and are just throwing a bunch of relays at it - which was a "flaw" known since day 1.

Why are the Loser Squad still walking free?

"Lizard Squad" has been DOS'ing game servers, twitch.tv, and more for months. Surely the NSA has tracked these idiots down, and the FBI has had more than enough time to parallel construct a plausible investigation that didn't involve getting tipped off by NSA. Right? So why are these morons still sitting around in their parents' houses interfering with millions of regular people who are just trying to play games or browse the web? Big companies are being targeted, lots of money is being lost through the game server outages, why haven't these morons been put under the jail by now? They threw the entire weight of the federal government at Aaron Swartz for downloading a bunch of PDF files and yet the Loser Squad has been DOS'ing many companies for months with impunity? Makes me wonder if NSA et. al. aren't the ones behind the attacks.