"Practical onion hacking: finding the real address of Tor clients"

George Shaffer George.Shaffer at comcast.net
Thu Oct 19 09:06:45 UTC 2006


On Wed, 2006-10-18 at 12:47, Fabian Keil wrote:
> . . . They aren't attacking Tor, but misconfigured applications
> behind the Tor client.

Which they said quite clearly in different words: "Clearly Tor's
designers have done a pretty good job: I couldn't find any weaknesses in
Tor itself . . . 
So instead, I attacked the data which Tor carries the most of: web
traffic."

Obviously a number of users are having difficulty configuring or using
Tor correctly. I've been a computer professional, mostly business
software development, but including managing a small IT department for
several years, since 1983. I spent a number of hours reading about Tor
(a lot of the background stuff, not just install instructions) before
installing it. Also I wanted to set it up as a server on my new
firewall. I'm not sure if I have Tor and my browser configured
correctly. All I am sure of is that when Tor is enabled, my IP is
successfully masked at three sites that test this.

For a user new to Tor, the documentation is often confusing or
ambiguous, important information is missing, and sometimes minor details
overemphasized (especially in the Tor FAQ). Tor is a young product and
hopefully these problems will be remedied as it grows. In the meantime
though, some users are depending on it for anonymity. You can be sure
that someone in Red China, searching for information his or her
government does not want them to see, is not likely to have
misconfigured or misused Tor for want of trying to get it right.

> It's also a good idea not to trust any exit nodes,
> except the ones you run yourself.

If this is true, then the Tor network serves no useful purpose for the
large majority of users who don't run Tor servers, let alone exit nodes.
Even if in the future, some auditing process is set up for exit nodes,
anyone using Tor implicitly trusts whoever does the auditing, and he or
she is likely to be self-selected. Besides technical knowledge and
connection limitations, there is at least one other valid reason for not
running a Tor server. Comcast, the largest ISP in the U.S., has Terms of
Use that very clearly prohibit any and all servers, including p2p, on
any residential connection. I suspect some other ISPs have similar
provisions.

Maybe I'm missing something, but except for a large company with many
valid public IP addresses, what anonymity can you hope to gain by using
your own exit node, except hiding from a network sniffer in the clutter
of the other traffic which leaves the node? Whoever you connect to will
still have the exit node's IP, which can presumably be traced back to you.

George Shaffer


