Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Discover 110 Snooping Tor Nodes (helpnetsecurity.com)

Posted by msmash on from the security-woes dept.

Reader Orome1 writes: In a period spanning 72 days, two researchers from Northeastern University have discovered at least 110 "misbehaving" and potentially malicious hidden services directories (HSDirs) on the Tor anonymity network. "Tor's security and anonymity is based on the assumption that the large majority of its relays are honest and do not misbehave. Particularly the privacy of the hidden services is dependent on the honest operation of hidden services directories (HSDirs)," Professor Guevara Noubir and Ph.D. student Amirali Sanatinia explained. "Bad" HSDirs can be used for a variety of attacks on hidden services: from DoS attacks to snooping on them.

1 of 45 comments (clear)

  1. Hidden Service Directories by Anonymous Coward · · Score: 3, Interesting

    I asked on the Tor forum how one can run a directory server, and the response was basically -- "you can't -- only people chosen *specifically* by the Tor project can host a directory server".

    Apparently this is *not* true, so what's the real deal, and *why* did they tell me this?