[tor-talk] BlackHat2014: Deanonymize Tor for $3000
Lunar
lunar at torproject.org
Fri Jul 4 05:59:28 UTC 2014
AntiTree:
> If I were a betting person, a beer says that they will be summarizing the
> current issues with hidden services, and as Adrian said, doing a client
> side disbanding attack (e.g. Java + DNS)
My own speculations is that they have used the attacks on guard relays
described in the following blog post, maybe in combination with other
attacks:
https://blog.torproject.org/blog/improving-tors-anonymity-changing-guard-parameters
They wanted a NDA, so most Tor Project's core contributors don't know
what's in the air.
Improving the situations of guard relays is tricky to get right. There's
an open proposal in discussion:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/236-single-guard-node.txt
It will also be a “hot topic” at the next Privacy Enhancing Technology
Symposium:
https://www.petsymposium.org/2014/papers/Dingledine.pdf
https://www.petsymposium.org/2014/hotpets.php
--
Lunar <lunar at torproject.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140704/eef88f5c/attachment.sig>
More information about the tor-talk
mailing list