[tor-talk] Isn't it time to ADMIT that Tor is cracked by now??

mirimir mirimir at riseup.net
Mon Aug 26 01:27:01 UTC 2013


On 08/26/2013 12:58 AM, Nathan Suchy wrote:

> Tor is very secure software but it's time we redesign hidden services to be
> faster and more secure. We should bundle a hidden service server which
> won't connect to the internet except through Tor and only knows its Tor IP
> address.

It would also help if hidden services didn't "stay in the same place
over time". A Tor version of CloudFlare etc might help. Perhaps it could
detect attacks, and respond appropriately.

> On Aug 25, 2013 7:58 PM, "Roger Dingledine" <arma at mit.edu> wrote:
> 
>> On Sun, Aug 25, 2013 at 05:05:26PM -0400, hikki at Safe-mail.net wrote:
>>> The US feds did actually take down FH, which was a HIDDEN SERVICE! They
>>> found it and arrested the admin! Period!
>>
>> Reminds me of my response when in 2011 some Dutch police broke into
>> a hidden service:
>> https://lists.torproject.org/pipermail/tor-talk/2011-September/021198.html
>>
>> "If you have an instant messaging conversation with a Tor user and
>> convince her to tell you her address, did you break Tor? Having an
>> http conversation with a webserver running over a Tor hidden service,
>> and convincing it to tell you its address, is not much different."
>>
>> We don't know in this case if they did it through exploiting the software
>> running on the other end of the hidden service, or by the old "follow
>> the money" trick, or by having an insider provide the info, or what.
>>
>> It could in fact have been by attacking the Tor protocol directly (see
>> below). But I think in many cases, even with the various known weaknesses,
>> the above "just bypass Tor and attack them in other ways" approaches
>> are even easier. (This observation should scare you more, not less.)
>>
>> The fact that somebody started serving malware on the various hidden
>> services:
>>
>> https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable
>> makes me think that they got in via the software running the webserver.
>> I mean, heck, I heard he let strangers run php scripts in his webserver.
>>
>> For another case of a hidden service being compromised, see
>> https://blog.torproject.org/blog/trip-report-october-fbi-conference
>> The summary sentence there is "Way before they switched to a Tor hidden
>> service, the two main people used Hushmail to communicate."
>>
>>> If they can find hidden services, finding regular tor clients would be
>>> even easier!
>>
>> This part is unfortunately (well, ok maybe fortunately, but either
>> way) false. Hidden services are weaker than normal Tor circuits for two
>> reasons: a) they stay in the same place over time, and b) you, the user,
>> can choose how often they make circuits. These two properties combine
>> to produce a variety of other problems. I described some of them briefly
>> in the 29c3 talk this past December, but see
>> https://blog.torproject.org/blog/hidden-services-need-some-love for
>> many more details, including references to academic papers on the topic.
>>
>> --Roger


