lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 8 Dec 2007 17:04:13 -0800
From: coderman <coderman@...il.com>
To: jf <jf@...glingpointers.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Compromise of Tor,
	anonymizing networks/utilities

On Dec 9, 2007 12:02 AM, jf <jf@...glingpointers.net> wrote:
> ...
> It's really quite simple. If you or I can setup a tor node and use it to
> mitm/pop people/etc, or use it and the various tracking methods previously
> shown (wasnt it hd who did the js/flash callhome stuff?)

there is no "if", anyone can join the network and contribute,
including exit traffic.  a proper _implementation_  and _use_ of Tor
will protect against the leakage you describe.  improved scanning of
the Tor network and rapid flagging of "bad exit"s at the directories
is a work in progress and can definitely be improved upon.

HD Moore did write a tool to check for common side channels and obtain
the true IP this way:
http://metasploit.com/research/misc/decloak/

to date, JanusVM (and most other transparent proxy impls) have
protected against these and all other known side channel attacks like
this that trick some plugin or externally launched app to reveal the
user's IP.  and there are a lot of them for many different content
types...


> If you consider who has those types of resources you're basically stuck
> with mega-corporations, governments, telcos and potentially some
> spammers/botnets.

the most significant compromise of Tor to date was pulled off by two
people and three broadband lines, actually.  the biggest threats to
Tor users are implementation and usage weaknesses, not attacks on the
onion routing design or the network as a whole.


> That all considered, it becomes obvious that, if you presume that its
> goal was anonymity to everyone, which is dubious at best if you consider
> some of its .mil background,  that this is a deep design flaw. Or at least
> that's my opinion.

a useful anonymity service is like a utility; it needs lots of
different types of participants and provides for a common need.  in
this sense, .mil background only shows that the Navy understood this,
and for Tor to be truly useful they had to set it free.

the code is available for all, and the network has continued to grow
in size and diversity (mostly).  the hardest part of anonymity for
everybody is usability and scale.  Tor has significant hurdles yet to
address in this respect, but this can be hardly viewed as failure and
design flaw, more like growing pains...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ