[tor-talk] Isn't it time to ADMIT that Tor is cracked by now??

Roger Dingledine arma at mit.edu
Sun Aug 25 23:58:05 UTC 2013


On Sun, Aug 25, 2013 at 05:05:26PM -0400, hikki at Safe-mail.net wrote:
> The US feds did actually take down FH, which was a HIDDEN SERVICE! They 
> found it and arrested the admin! Period!

Reminds me of my response when in 2011 some Dutch police broke into
a hidden service:
https://lists.torproject.org/pipermail/tor-talk/2011-September/021198.html

"If you have an instant messaging conversation with a Tor user and
convince her to tell you her address, did you break Tor? Having an
http conversation with a webserver running over a Tor hidden service,
and convincing it to tell you its address, is not much different."

We don't know in this case if they did it through exploiting the software
running on the other end of the hidden service, or by the old "follow
the money" trick, or by having an insider provide the info, or what.

It could in fact have been by attacking the Tor protocol directly (see
below). But I think in many cases, even with the various known weaknesses,
the above "just bypass Tor and attack them in other ways" approaches
are even easier. (This observation should scare you more, not less.)

The fact that somebody started serving malware on the various hidden
services:
https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable
makes me think that they got in via the software running the webserver.
I mean, heck, I heard he let strangers run php scripts in his webserver.

For another case of a hidden service being compromised, see
https://blog.torproject.org/blog/trip-report-october-fbi-conference
The summary sentence there is "Way before they switched to a Tor hidden
service, the two main people used Hushmail to communicate."

> If they can find hidden services, finding regular tor clients would be even
> easier!

This part is unfortunately (well, ok maybe fortunately, but either
way) false. Hidden services are weaker than normal Tor circuits for two
reasons: a) they stay in the same place over time, and b) you, the user,
can choose how often they make circuits. These two properties combine
to produce a variety of other problems. I described some of them briefly
in the 29c3 talk this past December, but see
https://blog.torproject.org/blog/hidden-services-need-some-love for
many more details, including references to academic papers on the topic.

--Roger


