[tor-bugs] #29637 [Core Tor/Tor]: Tor exploit

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Mar 4 03:43:42 UTC 2019


#29637: Tor exploit
--------------------------+-----------------------------------
 Reporter:  pidgin        |          Owner:  (none)
     Type:  defect        |         Status:  needs_information
 Priority:  Medium        |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |        Version:
 Severity:  Critical      |     Resolution:
 Keywords:  tor-dos       |  Actual Points:
Parent ID:                |         Points:  3
 Reviewer:                |        Sponsor:
--------------------------+-----------------------------------
Changes (by teor):

 * status:  new => needs_information
 * component:  Core Tor => Core Tor/Tor
 * points:   => 3
 * milestone:   => Tor: unspecified
 * keywords:   => tor-dos
 * type:  project => defect


Comment:

 The attack probably isn't on the Tor client. It's more likely it's on the
 HSDir or Intro Points. It may be on the service's Guard or Rendezvous
 Point, but they're harder to target.

 Have you tried v3 onion services?
 They are much more resistant to attacks.
 There is no OnionBalance for v3 yet, but the v3 crypto is more efficient,
 so you might not need it.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29637#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list