[tor-talk] Wired Story on Uncovering Users of Hidden Services.

Anders Andersson pipatron at gmail.com
Wed Aug 13 21:01:32 UTC 2014


On Wed, Aug 13, 2014 at 12:06 PM,  <blobby at openmailbox.org> wrote:

> If it's possible for the owner of a hidden service (whether the FBI or a
> regular person) to install malware which grabs visitors' IPs, then what is
> stopping any hidden service owner from doing this?

Nothing is stopping a hidden service owner from doing anything that an
operator on the open net can do.


> Considering the number of individuals that must have visited the hidden
> service, this doesn't seem to be very many people. Why were so few
> identified? Were the 25 using outdated browsers (TBB)?
>
> How, in this case, was it possible for the FBI to learn the IP addresses of
> visitors to this hidden service? The Tor hidden server page states that "In
> general, the complete connection between client and hidden service consists
> of 6 relays: 3 of them were picked by the client with the third being the
> rendezvous point and the other 3 were picked by the hidden service."
>
> Can someone knowledgeable please explain how visitors to a Tor hidden
> service can have their real IPs detected?

AFAIK the malware used JavaScript to break the users' browsers. As
someone who argues against using JavaScript in any context, I can only
say "told you so", but that doesn't really help anyone. :)

Because they managed to get into the client browser, they could learn
the real IP address and MAC address; they didn't learn this through
Tor.

