Ethical Tor
On 11/11/2015 09:53 PM, coderman wrote:
> On 11/11/15, Mirimir <[email protected]> wrote:
>> ...
>> Anyway, CMU's attack did manage to compromise some onion services, most
>> notably SR2.[0] And I'm not impressed with the Tor Project's
>> performance. They apparently ignored the CMU attack for five months.
>
> this was a very subtle attack in circuit behavior!

Yes, it was subtle. But it was also, as I understand it, pointless
except as an attack. And it was new behavior, right?

But still, it wasn't fair to say "ignored". They just didn't see it.

> additional debugging / logging had to be added to be able to track
> down what was going on, and even then it was a challenge to determine
> the attack technique.

Right. And they apparently didn't start looking until the Black Hat talk
was announced. I did note that they might have been blindsided by a zero
day vulnerability.

> how would you have spotted it?

I'm not technical enough to answer that. But generally, I think that
they ought to put more effort into monitoring. Especially for new
relays. Look for anything unusual.