Hackers exploiting tor clients on .onion sites?

Karsten Loesing karsten.loesing at gmx.net
Sun Jun 14 11:09:02 UTC 2009

Hash: SHA1

So, did I get this right? You are concerned about certain log messages,
you even searched them on the Net, but you deleted them afterwards
(including the searches in your browser history) and are telling us now
that something strange is going on when visiting .onion sites?

I'm not saying there cannot be bugs in this part of the Tor code. But
what you describe is rather unlikely. I'm not aware how someone could
write anything to your log file---nor why he/she should want to do that.
Should you encounter these messages again, please retain them and file a
bug report: https://bugs.torproject.org/

For the fun of it you might also want to verify that you are running an
official Tor version: https://www.torproject.org/verifying-signatures

- --Karsten

On 06/14/2009 11:29 AM, pigpoked at Safe-mail.net wrote:
> I explored a few of the common .onion sites listed at Wikipedia's tor
> page listed within the external links footer. These sites loaded
> well, but I noticed several errors in my tor client logs. I googled
> for info on the errors, some of the error messages turned up in cvs
> related pages and bug talks, but lacked definite information. I
> didn't retain the error messages, but I won't be visiting .onion
> sites in the future as it feels to me by the open nature of some of
> the .onion sites where users post messages or edit wikis anonymously,
> malicious users may have the ability to target the small audience of
> users at these sites: tor users and their clients. I only discovered
> these errors when visiting a few .onion sites.
> My tor client did not exhibit strange behavior during or after these
> error messages were displayed, but as some of the error messages
> appeared entirely in CAPS, I thought to post here. As I didn't retain
> the error messages, this post is vague - sorry! I am concerned. This
> is not to discourage others from visiting .onion sites, but to raise
> awareness about the possibility of rogue behavior on some .onion
> sites, most probably by anonymous users, not the .onion admins.
> Should this concern me? What steps could be taken to safeguard the
> tor client from possible attacks, if any, from .onion websites? Am I
> considering errors too seriously?
> Hello, my final thread for this day, thank you.
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the tor-talk mailing list