Slashdot Mirror


Researchers Discover 110 Snooping Tor Nodes (helpnetsecurity.com)

Reader Orome1 writes: In a period spanning 72 days, two researchers from Northeastern University have discovered at least 110 "misbehaving" and potentially malicious hidden services directories (HSDirs) on the Tor anonymity network. "Tor's security and anonymity is based on the assumption that the large majority of its relays are honest and do not misbehave. Particularly the privacy of the hidden services is dependent on the honest operation of hidden services directories (HSDirs)," Professor Guevara Noubir and Ph.D. student Amirali Sanatinia explained. "Bad" HSDirs can be used for a variety of attacks on hidden services: from DoS attacks to snooping on them.

9 of 45 comments

  1. Hidden Service Directories by Anonymous Coward · · Score: 3, Interesting

    I asked on the Tor forum how one can run a directory server, and the response was basically -- "you can't -- only people chosen *specifically* by the Tor project can host a directory server".

    Apparently this is *not* true, so what's the real deal, and *why* did they tell me this?

    1. Re:Hidden Service Directories by cryptizard · · Score: 2

      What a completely irrelevant piece of information. You do realize that a lot (probably most) of privacy research is sponsored by the government, i.e. the National Science Foundation?

  2. Tor's fatal flaw by fustakrakich · · Score: 4, Insightful

    You can't trust anybody, not even Tor. I'm afraid this one looks like a lost cause. I wouldn't use the damn thing.

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:Tor's fatal flaw by duke_cheetah2003 · · Score: 2

      > You can't trust anybody, not even Tor. I'm afraid this one looks like a lost cause. I wouldn't use the damn thing.

      Which is precisely the goal of tampering and interfering with TOR network operations. To cast doubt upon it, to make it less attractive. I really don't think it has much to do with wanting to snoop, as it is to make people think they're being snooped on and to destabilize the service entirely. Seems like it's fairly effective so far too!

      This is a beautiful piece of social engineering by those who want TOR to go away. Well played.

    2. Re:Tor's fatal flaw by gweihir · · Score: 2

      > This is a beautiful piece of social engineering by those who want TOR to go away. Well played.

      Indeed. It is a classical attack: Make people mistrust the secure tools and have them use less secure tools instead. Works on many people, unfortunately.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  3. Probably almost all misbehave by Anonymous Coward · · Score: 2, Insightful

    Think about it. There are 196 countries in the world, all of which have police and most of which have intelligence agencies. Some hidden services have a legitimate use such as encrypted chat, but many of them are used as C&C for botnets by various criminals and for fun hackers, some of which have an interest in figuring out what the other hidden services are doing. And then there are private security researchers.

    Overall, there is plenty of interest in snooping on Tor hidden services...

  4. ESPECIALLY Tor and other obvious targets by raymorris · · Score: 4, Insightful

    > You can't trust anybody, not even Tor.

    IMHO, I especially don't trust Tor. It's an obvious place that three-letter agencies would be looking. If I drive down Crack Avenue with a busted taillight, I *expect* that police will be patrolling the area and probably pull me over. It would, imho, be silly to think that authorities aren't patrolling the digital equivalent of Crack Avenue.

  5. Re:So is the bottom line... by TroII · · Score: 4, Informative

    If you even search for Tor (or "Linux" or "secure desktop" or "IRC" or "Truecrypt") you get put on an NSA list.

  6. Scale? by Anonymous Coward · · Score: 2, Insightful

    110 out of a population of how many hidden service directories? 25% of nodes also claimed to be exits. How many exits are there?

    A feel for how significant this problem is would be nice.