×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Black Hat Researchers Actively Trying To Deanonymize Tor Users

Soulskill posted about 4 months ago | from the good-research-vs-bad-research dept.

Communications 82

An anonymous reader writes: Last week, we discussed news that a presentation had been canceled for the upcoming Black Hat security conference that involved the Tor Project. The researchers involved hadn't made much of an effort to disclose the vulnerability, and the Tor Project was scrambling to implement a fix. Now, the project says it's likely these researchers were actively attacking Tor users and trying to deanonymize them. "On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks. ...We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up). The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service." They also provide a technical description of the attack, and the steps they're taking to block such attacks in the future.

Sorry! There are no comments related to the filter you selected.

I'd like to believe weakness are temporary... (4, Insightful)

i kan reed (749298) | about 4 months ago | (#47566647)

But I have my doubts about about technological fixes to the jackboot/battering-ram/nightstick vulnerability.

Re:I'd like to believe weakness are temporary... (-1)

Anonymous Coward | about 4 months ago | (#47566929)

If somebody posts that insipid xkcd comic in response to your post I'm going to flip out.

Re:I'd like to believe weakness are temporary... (0, Offtopic)

Anonymous Coward | about 4 months ago | (#47567401)

Obligatory XKCD [xkcd.com]

(Now it's not attached to his post, it's attached to yours!)

(Actually, somebody attached it to his post anyway. Now it's here twice, because of you. Hope you're happy!)

Re: I'd like to believe weakness are temporary... (-1)

Anonymous Coward | about 4 months ago | (#47568397)

The scary thing is exactly how wrong the mouse over comment on that turns out to be.

Re: I'd like to believe weakness are temporary... (0)

Anonymous Coward | about 4 months ago | (#47571013)

I agree. You can easily find a wrench for = $5. Check any Pawn Shop's tool section

Re:I'd like to believe weakness are temporary... (2, Interesting)

Anonymous Coward | about 4 months ago | (#47566977)

The foundation of the internet is computers asking adjacent (as for as the network is concerned) computers to relay something to somewhere else. TOR is a well constructed obfuscation layer on top of that, but the low-level standards are very traceable. Without even going into TOR vulnerabilities or PEBCAK errors, a sufficiently determined opponent will be able to beat any obfuscation of intent by extensive analysis of addressing and timing of the encrypted packets.

Oh really ? (0)

Anonymous Coward | about 4 months ago | (#47567181)

And sure as hell it is impossible to develop a mixnet that will generate Camouflage traffic so that the attacker just sees a constant flow of packages ?

Neither is it possible to build carriages not propelled by horses, I guess.

Re:Oh really ? (3, Insightful)

Qzukk (229616) | about 4 months ago | (#47567501)

And sure as hell it is impossible to develop a mixnet that will generate Camouflage traffic

It would have to generate traffic in equal amounts for every flow, which would halve network speed to give an attacker a 50/50 chance of guessing the correct flow. Those fake flows would also have to be carried to something that looks like a reasonable endpoint as well.

PRISM-level metadata collection makes it trivial to see which computer sent the original 682-byte request (recurse as necessary until the 800 byte request starts at the "sender") as well as which computer the multi-megabyte response was sent to (recurse as necessary until the multi megabyte response returns to the requesting computer). Camouflage traffic can't fix this on its own, it's easy to exclude the data that wasn't requested from the analysis.

I think that Tor's best bet while maintaining performance at this point would be to round all packets up to the nearest MTU (lets say 1400 to account for PPPoE, VPNs, and other layers on ethernet), so every request and response becomes a multiple of 1400 bytes, would make most tracking rely on packet timing. The next step would be to introduce packet delays at each hop, but that will slow the already slow network down.

Re:Oh really ? (1)

Anonymous Coward | about 4 months ago | (#47568751)

I don't think you can imagine a proper Camouflage scheme at this point. I do think I can. And yes, it would thwart correlation attacks. It might induce some delays for (say) ssh-over-TOR sessions which transmit very small packages. Camouflage would of course mandate a single package size histogram over a certain time frame. Many small payload packages would be stuffed in a single transport package, which means delay. Lots of dummy octets would be transmitted in the course of a browsing session. Bandwidth would be wasted. So what ? Save the bw for kitten videos ?

Re:Oh really ? (2)

Qzukk (229616) | about 4 months ago | (#47569565)

Since you're not sharing, I'm guessing you're imagining some sort of multiplexing scheme where the node would take say 100 bytes from 14 different sources and combine them into one packet and send that. It's an intriguing idea that would slow down metadata analysis but it would have a lot of overhead to keep track of, but that "keeping track of" becomes an attack vector again especially with subverted nodes, since node B will need to know that the next 8 packets from node A will have 100 bytes of data that need to be kept together and sent on to node C.

If the network is busy it should actually not be bad for interactive small-packet connections. If the network is idle there could be a timer before the node fills unfilled slots with random data and sends it.

Re:Oh really ? (1)

Anonymous Coward | about 4 months ago | (#47569377)

You are focusing on packet length patterns, which is only part of the whole story. The TLAs also have the ability to impress transmission-rate patterns onto TOR traffic. There are some papers out there which demonstrated good results (from the TLA perspective) from that.

So next-gen TOR needs to handle both the packet length problem and the transmission rate shaping problem.

Finally, where did you get 3 modpoints from ?

Re:I'd like to believe weakness are temporary... (1)

LordLimecat (1103839) | about 4 months ago | (#47568935)

There is nothing in a packet's headers that will indicate what route it took to get somewhere, no matter what sort of analysis you apply to it. The only 3 clues you have are the TTL, the source MAC address, and the source IP address.

Re:I'd like to believe weakness are temporary... (1)

i kan reed (749298) | about 4 months ago | (#47569219)

And the thing is, when you're the government of a country, you can bust down every door, pull the mac address, look at the routing table, and head to the next door to bust down. It goes even faster when every ISP is freely complicit(they are in the US, China, Russia, and anywhere else notably stompy).

Re:I'd like to believe weakness are temporary... (0)

Anonymous Coward | about 4 months ago | (#47567199)

Which vulnerability would that be? this one [xkcd.com] ?

Internet gas (-1)

Anonymous Coward | about 4 months ago | (#47567535)

Is there such a thing as internet gas? The internet in gas form?

Re:I'd like to believe weakness are temporary... (1)

cavreader (1903280) | about 4 months ago | (#47571433)

Didn't Russia just announce a bounty for anyone who could help them identify weaknesses and track TOR users? Maybe the presentation at the Black Hat conference was cancelled because the Russians pay more?

Re:I'd like to believe weakness are temporary... (0)

Anonymous Coward | about 4 months ago | (#47572395)

There is no fix, the stick of truth used correctly works every single time. You plug it into the left knee wait 10 seconds then plug it into the right knee wait 30 seconds and repeat. In most cases it decrypts even the most hardcore security in one second.

Re:I'd like to believe weakness are temporary... (0)

Anonymous Coward | about 4 months ago | (#47572497)

Which is funny since the intent of tor is to safeguard you from that very vulnerability: "whom the fuck am I supposed to beat with this $5 wrench"

Black Hats shoot themselves in the foot. (4, Interesting)

jellomizer (103300) | about 4 months ago | (#47566751)

I find it kinda funny that TOR is used by many Black Hats is being hacked by Them. TO expose who they are...

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47566775)

Jeah just like the bad guz in a western that shoot at each other with their weapons which they use to rob people with.

I don't think they were trying to expose "themselfes", but "each other".

Re:Black Hats shoot themselves in the foot. (2)

i kan reed (749298) | about 4 months ago | (#47566791)

Tragedy of the commons. If you're the person who broke Tor, you're(temporarily) the king of blackhats. Who cares that it screws over all the other blackhats. They'd screw you over just as fast.

Re:Black Hats shoot themselves in the foot. (-1)

Anonymous Coward | about 4 months ago | (#47566897)

Sounds like a porno movie scenario.

Re:Black Hats shoot themselves in the foot. (2)

Opportunist (166417) | about 4 months ago | (#47566939)

Yeah: "Prison statistics: 4 out of 5 people like gang rape"

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47568117)

It's just the guy who took it up the bum 4 times that's unhappy.

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47568825)

Always nice to hear the truth from the Land Of The Free(TM).

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47566945)

Well if they find out YOU screwed over their black hats, you'll get screwed over a LOT faster I'd imagine...

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47567049)

You'd also be the one showing that it's not secure.

Re:Black Hats shoot themselves in the foot. (1)

Ambvai (1106941) | about 4 months ago | (#47572111)

It's a bit like the endgame for the game Uplink-- if you go blackhat, you end up in a race to destroy the internet. If you succeed, the only thing that happens is that you get a 'connection terminated' notice.

Re:Black Hats shoot themselves in the foot. (4, Insightful)

ron_ivi (607351) | about 4 months ago | (#47566907)

Hard to tell who "them" is.

It's being used by, and trying to be hacked by, many groups.

University researchers, governments, MPAA/RIAA, computer security companies, etc.

Seems the project should encourage as many people as possible attempting to hack it -- because that increases the odds that when people finds a hack, at least some of them will report the weakness back to the project.

On the other hand, if the project discourages hacking attempts, only malicious groups will find the hacks.

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47567087)

Thanks for making this point, it's one of my pet peeves when people assume an artificial group is ideologically united.

"You'd think Atheists would love big government because the Soviet Union was big government", etc

Re:Black Hats shoot themselves in the foot. (1, Interesting)

ganjadude (952775) | about 4 months ago | (#47566955)

*black hat* in this case simply means the NSA

Re:Black Hats shoot themselves in the foot. (1)

Ralph Wiggam (22354) | about 4 months ago | (#47567935)

Evidence?

Re:Black Hats shoot themselves in the foot. (1)

ganjadude (952775) | about 4 months ago | (#47568375)

if i had evidence i wouldnt be posting that comment from my work computer in the USA, but with everything going on with them do you doubt it?

Re:Black Hats shoot themselves in the foot. (1)

Ralph Wiggam (22354) | about 4 months ago | (#47568417)

Yes. I doubt everything that I don't have evidence of.

Re:Black Hats shoot themselves in the foot. (1)

LordLimecat (1103839) | about 4 months ago | (#47568957)

So your rationale for accusing the NSA of something is "They do other bad stuff, clearly they do this as well?"

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47569129)

So your rationale for accusing the NSA of something is "They do other bad stuff, clearly they do this as well?"

It seems to be a reasonable thing to assume, given revalations so far.

Re:Black Hats shoot themselves in the foot. (1)

Ralph Wiggam (22354) | about 4 months ago | (#47569487)

Given Saddam Hussein's long history with chemical weapons, was it reasonable to assume he had an active chemical weapons program in 2002?

Re:Black Hats shoot themselves in the foot. (1)

ganjadude (952775) | about 4 months ago | (#47571349)

Damn near every country in the world though t so at the time, and there are still good arguments that they were sshipped to syria so yes...that was a good assumption... should we have gone to war over that hell no

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47573259)

I hear they eat little babies alive in Bavaria and London. Enough reasons to bomb them tomorrow morning ?

IF they're not, they're not doing their job. (0)

Anonymous Coward | about 4 months ago | (#47569437)

Well - if they're not *also* doing this, you might argue that they aren't really doing their job.

I suspect that there are *MANY* groups (like over 200) trying to do this. At least one for every country's own intel agencies; and a lot of corporate security groups too.

Re:Black Hats shoot themselves in the foot. (1)

Electricity Likes Me (1098643) | about 4 months ago | (#47567221)

What's interesting about this post being modded interesting is the number of people who apparently read it and thought "yep, nothing wrong with that logic". Or have never thought seriously, and apparently have no idea, what "black hat" hacker means.

Re:Black Hats shoot themselves in the foot. (1)

Anonymous Coward | about 4 months ago | (#47567279)

I think you're conflating terms here. Yes, a black hat hacker is someone who generally breaks into systems and otherwise acts outside of the scope of legality. However, Black Hat is a security conference held in Las Vegas on an annual basis, and while the atmosphere can be slightly different than DEFCON, it's...generally a similar convention. Black Hat Researchers referenced here, therefore, likely fall under that official umbrella, and thus likely would NOT necessarily fall under the general black hat group (or at least admit to it openly :-P). You can find plenty of videos from prior Black Hat conferences on youtube that'll likely help clarify that for ya. For a particularly entertaining video from a now legendary hacker (who unfortunately passed away last year), I'd suggest starting here [youtube.com] .

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47567367)

I find it kinda funny that TOR is used by many Black Hats is being hacked by Them. TO expose who they are...

I find it sad this was written as an "attack" on TOR rather than perhaps what it might have been...a validation of the actual vulnerability the researchers were looking to present at Black Hat.

One doesn't go to Black Hat as a presenter to demonstrate the latest pizza-making techniques...let's be real here.

Re:Black Hats shoot themselves in the foot. (1)

medv4380 (1604309) | about 4 months ago | (#47567447)

There is no honor among thieves.

Re:Black Hats shoot themselves in the foot. (4, Insightful)

wile_e_wonka (934864) | about 4 months ago | (#47567675)

If Black Hats don't hack it then the NSA will. But the NSA will quietly keep the vulnerability(ies) to themselves and use them to collect data. Whereas a Black Hat looking to rely on TOR will be best off figuring out its weaknesses in order to make it more effective.

In other words, people who rely on TOR would be completely stupid to not try to hack it to determine its vulnerabilities. The only odd thing about this isn't really odd at all when you think about these hackers are--they're exposing vulnerabilities in a particularly spectacular fashion.

Re:Black Hats shoot themselves in the foot. (1)

oursland (1898514) | about 4 months ago | (#47572005)

The NSA isn't the only boogieman here, so don't call only them out. There's a lot of value to cracking Tor open, and it would be wise to quickly identify and resolve the weaknesses.

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47568011)

... but that makes no sense.

You are basically saying that all black hats are equal.
This is as retarded as all those morons that say "Anonymous did this, Anonymous did that", Anonymous is (was) a blanket term that refers to HUNDREDS of cells of white, gray and black hat hackers, usually all fighting amongst each other at that.

Most black hats hate each other. They just abuse and bait gray hats in to helping them, but they generally hate each others guts to the point where they'd likely legit murder each other given they could get away with it.
Destroying Tor would eliminate a large chunk of easy black hats, casual black hats if you will, and leave only the men, the ones with botnets and such.
This would benefit them hugely, since they'd literally get more money from this as people flock to them for resources.

Re:Black Hats shoot themselves in the foot. (0)

Anonymous Coward | about 4 months ago | (#47570341)

They would probably say that if it CAN be broken with reasonable effort, then it already is broken and this is arguably just security through obscurity. So any effort to hack Tor is also an effort to improve Tor for the future. So it's a benefit to people who are worried about sophisticated opponents (US govt probably won't publicize that they've fully "hacked" Tor, even if they can and have), since this will help thwart those sophisticated opponents, but could be harmful to people who are mainly worried about "opponents" that currently don't have the technology or know-how to compromise Tor. (smaller totalitarian governments that aren't US allies, for example)

Changes to the protocol? (1)

brokenin2 (103006) | about 4 months ago | (#47566823)

I wonder how feasible it would be to modify tor, or maybe make a tor version 2 protocol so that the onion layers are determined packet by packet, instead of by the stream.

I'm not all that knowledgeable when it comes to the tor protocol, but it sounds like each stream is bounced off a series of relays.. If you could change that to each packet, or split the stream into a few other streams that took different routes (and let the stream get reassembled from packets from multiple streams at the destination), then it seems like you could make this sort of attack a lot harder..

I'm not sure about people trying to discover the location of the tor hidden service, but it seems like it would help protect the client -> server integrity quite a bit..

Re:Changes to the protocol? (3, Funny)

ArcadeMan (2766669) | about 4 months ago | (#47566913)

If we're talking about onion layers, please call it "Ogre" instead of "Tor 2".

Re:Changes to the protocol? (1)

i kan reed (749298) | about 4 months ago | (#47566921)

I wonder how feasible it would be to modify tor, or maybe make a tor version 2 protocol so that the onion layers are determined packet by packet, instead of by the stream.

I think that might fall apart at the exit node, since expecting the server to receive response packets from 2 different IPs isn't TCP/IP compliant. You could certainly build sites that work with that expectation, but it would essentially require all layers to be designed to support TOR.

Re:Changes to the protocol? (0)

Anonymous Coward | about 4 months ago | (#47567171)

I2P does some cool stuff with breaking packets down and merging them together using garlic routing.

Re:Changes to the protocol? (1)

Electricity Likes Me (1098643) | about 4 months ago | (#47567203)

Tor is designed to be low-latency. Such complicated routing would definitely make a large latency tradeoff, since you'd have several routes, all of different latencies, which would mean the packets would arrive out of order and you'd need to delay to determine if you'd actually received a complete set before reconstructing an in-order stream to the final destination.

Re:Changes to the protocol? (0)

Anonymous Coward | about 4 months ago | (#47567343)

Packet by packet would be an interesting exercise, but I don't see it remotely playing well with TCP. I'm no prestigious developer, and would be thrilled to see someone prove me wrong here, but the three way handshake seems impossible if you're changing up destination and source addresses on a packet per packet basis.

On the other hand, if you were aiming to create a new protocol that operates at the Transport layer that behaved this way specifically for implementation in a darknet (or darknets in general), that might be something a little more realistic. It'd likely need to be solely for darknet-to-darknet traffic, however, or at least somehow resolved by exit nodes to communicate with the clearnet hosts on the other side.

Re:Changes to the protocol? (1)

The MAZZTer (911996) | about 4 months ago | (#47567851)

The packets would still have to use the same exit node, since the final hop to the destination has to use the original TCP (one source, one destination) so it likely wouldn't add too much. The packets are already encrypted, so the intermediate nodes can't see what you're doing in any case, so I don't think there's an added benefit to doing that. Might just slow things down since the packets have to be assembled at the end anyway. Of course Tor hidden services don't take that last unencrypted hop, but it still uses the same hidden node as a destination.

Quick everybody use TOR (0)

Anonymous Coward | about 4 months ago | (#47566883)

They can't hang us all like Spartacus. All the telephone poles in Italy are gone.

Yeah, Roo-see-uh (2)

Impy the Impiuos Imp (442658) | about 4 months ago | (#47566943)

Fascinating. If they can detect suspicious fraud nodes, TOR could build into their project a blacklist support that they publish and honor in their code. Then it becomes a whack-a-mole issue, which is better han the current situation.

Ummm...what with Russia trying to de-anonymize TOR and all. Bad Rooskies.

Re:Yeah, Roo-see-uh (0)

Anonymous Coward | about 4 months ago | (#47567083)

Yes, bad rooskies, good American. Your NSA would never in a million years dream of violating the sanctity of a TOR connection...

Re:Yeah, Roo-see-uh (0)

Anonymous Coward | about 4 months ago | (#47568189)

As bad as they are, the NSA are boy scouts compared to the Russians (mafia and their government), China and the former eastern block countries.

Re:Yeah, Roo-see-uh (0)

Anonymous Coward | about 4 months ago | (#47569115)

Indeed, Russia invades other countries or bombs them every year. They look for Weapons of Mass Destruction. Or they need to Bomb Freedom into some poor souls and their donkeys. Empire of Evil and all that.

Re:Yeah, Roo-see-uh (2, Informative)

Anonymous Coward | about 4 months ago | (#47567085)

Tor *does* have blacklist support: https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays

Can we get a hyphen? (5, Funny)

damn_registrars (1103043) | about 4 months ago | (#47567101)

The first time I saw the headline I thought it said

Black Hat Researchers Actively Trying to Demonize Tor Users

Then I thought it was perhaps

Black Hat Researchers Actively Trying to Deamonize Tor Users

Before I figured out they meant

De-anonymize

Re:Can we get a hyphen? (1)

Anonymous Coward | about 4 months ago | (#47567233)

I think they meant Dean-omize. Turn Tor users into Deans of well respected Universities/Colleges, probably to help increase the adoptomization and respectomization of Tor.

Re:Can we get a hyphen? (1)

damn_registrars (1103043) | about 4 months ago | (#47567351)

I think they meant Dean-omize. Turn Tor users into Deans of well respected Universities/Colleges, probably to help increase the adoptomization and respectomization of Tor.

If instead you meant Dean-omize as in "turn them into Howard Dean", then in this crowd that would have the exact same effect as demonization.

Re:Can we get a hyphen? (1)

idontgno (624372) | about 4 months ago | (#47568709)

I was actually hoping that we'd be turned into Dean Martin. Even if he's long dead, he's cooler than the entire TOR user community and node operator community combined.

Re:Can we get a hyphen? (1)

Bing Tsher E (943915) | about 4 months ago | (#47569299)

I was thinking Jimmy Dean's Pork Sausage. I mean, why not something meaningfully tasty?

Re:Can we get a hyphen? (0)

Anonymous Coward | about 4 months ago | (#47567605)

The first time I saw the headline I thought it said

Black Hat Researchers Actively Trying to Demonize Tor Users

Then I thought it was perhaps

Black Hat Researchers Actively Trying to Deamonize Tor Users

Before I figured out they meant

De-anonymize

This.

Re:Can we get a hyphen? (0)

Anonymous Coward | about 4 months ago | (#47568177)

"De-amortize". They wanted to add their debt back to them.

Can we get a hyphen? (0)

Anonymous Coward | about 4 months ago | (#47568537)

And the demonizing was being done only by the hat researchers who were black?

Re:Can we get a hyphen? (0)

Anonymous Coward | about 4 months ago | (#47578233)

Dyslexics of the world, untie!

Next Generation TOR (0)

Anonymous Coward | about 4 months ago | (#47567133)

TOR clearly needs to be beefed up. Here is what we need in addition:

1.) Multiple routes through the mixnet for each payload connection.

2.) Camouflage Traffic which ensures a constant bitrate visible to attackers. Visible traffic rate should change with a much slower rate than actual payload traffic.

3.) User-configurable number of hops. Better support of more than three hops (this probably requries some sort of buffering because TCP/IP does not like long delays)

Re:Next Generation TOR (0)

NotInHere (3654617) | about 4 months ago | (#47569229)

3.) makes it clear you don't understand how tor works. You can configure as many TOR nodes as you wish. There are points speaking for, and others speaking against your suggestion.

2.) TOR money better should go into the number of TOR relays first, not senseless camouflage traffic.

3 relay path (1)

NotInHere (3654617) | about 4 months ago | (#47567461)

apparently 3 proxies aren't enough, should rather be 7 :-)

Maybe it was all bullshit? (0)

Anonymous Coward | about 4 months ago | (#47567791)

I would be more interested in why this was "cancelled". Maybe it never was possible and this whole business of "we have an exploit" is just part of a larger campaign to spread FUD about Tor.

Duh (1)

Charliemopps (1157495) | about 4 months ago | (#47567949)

It's because Russia's offering $$$ for a TOR hack...
http://www.themoscowtimes.com/... [themoscowtimes.com]

on the bright side, TOR will be better in the end because of it.

Re:Duh (1)

RLiegh (247921) | about 4 months ago | (#47568197)

on the bright side, TOR will be better in the end because of it.

[citation seriously needed]

Re:Duh (1)

Anonymice (1400397) | about 4 months ago | (#47568651)

Re:Duh (1)

RLiegh (247921) | about 4 months ago | (#47569245)

Which does NOT address how the TOR network will magically become somehow better because of being attacked not one bit at all.

This is a good thing! (1)

Anonymice (1400397) | about 4 months ago | (#47568625)

I see many naysayers & detractors here querying why black-hats would want to break the very services they rely on, but surely that's exactly what they should be doing?

If you want to rely on a service for your own security, it's in your best interests to find all the weaknesses - especially with open source projects, which rely on the community to find & fix faults.

THIS IS NOT BLACK HAT RESEARCHERS (1)

Khyber (864651) | about 4 months ago | (#47570509)

"We spent several months trying to extract information from the researchers who were going to give the Black Hat talk, and eventually we did get some hints from them about how "relay early" cells could be used for traffic confirmation attacks, which is how we started looking for the attacks in the wild. They haven't answered our emails lately, so we don't know for sure, but it seems likely that the answer to Q1 is "yes"."

Fucking slashdot, can't even be bothered to RTFA to check the headline. It's only suspected, not proven, that black hat researchers did this.

Attacks have been documented in arXiv for years... (1)

Jizzbug (101250) | about 4 months ago | (#47570517)

Nothing new to see here...

bitmessage (1)

net28573 (1516385) | about 4 months ago | (#47578313)

I think the answer lies in figuring out how to increase throughput on bitmessage networks.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?