Spying On Tor 198
juct writes "The long-standing suspicion that the anonymizing network TOR is abused to catch sensitive data by Chinese, Russian, and American government agencies as well as hacking groups gets new support.
Members of the Teamfurry community found TOR exit-nodes which only forward unencrypted versions of certain protocols. These peculiar configurations invite speculation as to why they are set up in this way. Another tor exit node has been caught doing MITM attacks using fake SSL certificates."
Conclusion: (Score:3, Insightful)
Re:Conclusion: (Score:5, Funny)
It's for exactly this reason that Tor should adopt AGPL. That way, if the Chinese government ran a hacked Tor server, they would have to release the source code as well and the hack would be obvious.
Re: (Score:2)
In fact, releasing the source code would make it easier to convince people it is safe, because some might even look at the code and say, "well, looks okay..." But what is actually being executed? Who knows.
AGPL won't help security... having to release the source is intended to in
Re:Conclusion: (Score:5, Funny)
The problem is, a couple hours after suing the Chinese, you want to sue them again.
Re: (Score:2)
As long as that is the case, you will always have to trust your provider. That's why voting machines can't be trusted (there's too much incentive to tamper by various parties). It's the same with any se
Re: (Score:2)
In that episode, they were trying to steal a very close election by tampering with a relatively small portion of the vote ballots. They didn't get away with it, precisely because of the number of sets of eyes and hands - and loose lips - that had to be involved in the counting process. That's exactly why hand counted ballots are the only way to go. If they had used networked computers, one individual could have skewed the results in a way that would not have been detectable by anyone, a
Re: (Score:3, Funny)
It just goes to show that age does not necessarily bring enlightenment. Thanks for the heads up :).
Re: (Score:2)
Security based on secrecy is bad security.
And well, Tor never claimed that it couldn't be abused.
Personally, it's a nice experiment, and it will no doubt keep improving.
Re:Conclusion: (Score:4, Informative)
Very true. During one of the original presentations done at Defcon it was mentioned that Tor was already being abused by the government to obfuscate emails for political purposes. It was also mentioned that, at the time of the presentation, there was the potential for both an entry and an exit node to be on machines connected to a Level3 connection. One of the big concerns at that point was that with the increased consolidation of backbone providers, it will become more and more difficult to achieve the aims of anonymity.
Re:Conclusion: (Score:5, Informative)
It's not a "plug in security" solution, and it's not meant to protect your traffic from people snooping on it in transit. If you want that, you need to use some sort of end-to-end encryption on top of Tor. (And you need to use some form of encryption that doesn't positively identify you, or else you might as well not use Tor to begin with.)
These kind of "attacks" are trivial because they have nothing to do with Tor's actual function. They're taking advantage of user stupidity, not a design flaw.
Re: (Score:2)
Certainly still useful, but really limits any longterm connection you could make with someone else. Good for whistle blowing, not for organizing anything.
Re:Conclusion: (Score:5, Informative)
Not really. The tor configuration lets you specify an "exit policy": addresses and ports which you will allow your node to be used as an exit for. Tor clients know what the exit policy of each node is, and don't try to exit out of a node which doesn't allow those connections to be made.
It's only disruptive if you use a firewall to prevent certain connections, and don't let tor know that you're doing so. In that case, a client may select you as an exit node, but the connection will fail. If you configure your exit policy to match your firewall policy, then clients know your server won't allow their connection to a particular host/port, and won't select it as an exit node.
Therefore, if your purpose in running tor is to snoop on unencrypted traffic, you would set your exit policy not to allow connections to port 443, because that's almost always encrypted, and thus minimise the amount of traffic exiting your node which you're not able to sniff. Or more likely, you'd set it to only allow connections to port 80 or whatever it is you're interested in.
Note that exit policies are very useful and quite legitimate. For example, I run two tor servers: one on my own dedicated server at a US colo facility on a dedicated IP address, which uses the standard tor exit policy which is fairly permissive. At work we have an unmetered fibre connection we don't use much, so I run a tor server here with a highly restrictive exit policy: deny everything (in other words, it's purely a relay or entry point, not an exit point). This limits our exposure; I'm willing to deal with people complaining about abuse from my own server, but I don't want to get our organisation involved in such disputes.
Most tor servers won't allow you to connect to port 25, as another example, because that effectively turns your tor server into an open SMTP relay.
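To make the exit-policy mechanics in the comment above concrete, here is an added example, written for this page and not taken from Tor's code base or from the commenter, that parses Tor-style accept/reject lines and evaluates them the way a client evaluates a relay's advertised policy: first matching rule wins. The three policies are constructed for illustration: the sniffer-style policy the comment describes (reject 443, accept 80), a relay-only policy, and a permissive policy in the spirit of Tor's default, which rejects port 25 among others. It handles IPv4 and CIDR targets only and requires a trailing catch-all rule so that every lookup resolves.

```python
"""Tor-style exit-policy matcher: added illustration, not Tor's own implementation."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    accept: bool                          # True for "accept", False for "reject"
    net: Optional[ipaddress.IPv4Network]  # None means any address ("*")
    lo: int                               # first port of the range
    hi: int                               # last port of the range


def parse_exit_policy(text: str) -> list:
    """Parse comma- or newline-separated 'accept/reject ADDR:PORTS' rules (IPv4 and CIDR only)."""
    rules = []
    for line in text.replace(",", "\n").splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        verb, target = line.split(None, 1)
        if verb not in ("accept", "reject"):
            raise ValueError(f"unknown verb in rule {line!r}")
        addr, ports = target.rsplit(":", 1)
        net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
        if ports == "*":
            lo, hi = 1, 65535
        elif "-" in ports:
            lo, hi = (int(p) for p in ports.split("-", 1))
        else:
            lo = hi = int(ports)
        rules.append(Rule(verb == "accept", net, lo, hi))
    last = rules[-1] if rules else None
    if last is None or not (last.net is None and last.lo == 1 and last.hi == 65535):
        raise ValueError("policy must end with a catch-all rule such as 'reject *:*'")
    return rules


def allows(policy: list, ip: str, port: int) -> bool:
    """First matching rule decides, which is how a client reads a relay's policy."""
    address = ipaddress.ip_address(ip)
    for rule in policy:
        if (rule.net is None or address in rule.net) and rule.lo <= port <= rule.hi:
            return rule.accept
    raise AssertionError("unreachable: parse_exit_policy guarantees a catch-all rule")


# Constructed policies for illustration (not copied from any real relay).
SNIFFER_POLICY = "reject *:443, accept *:80, reject *:*"  # the set-up the comment describes
RELAY_ONLY_POLICY = "reject *:*"                          # never used as an exit
PERMISSIVE_POLICY = """
reject 0.0.0.0/8:*
reject 127.0.0.0/8:*
reject 10.0.0.0/8:*
reject *:25
reject *:119
accept *:*
"""  # in the spirit of Tor's default policy, which rejects SMTP among other ports


def usable_exits(policies: dict, ip: str, port: int) -> list:
    """Names of relays a client would consider as exits for ip:port, given each relay's policy."""
    return sorted(name for name, text in policies.items()
                  if allows(parse_exit_policy(text), ip, port))


if __name__ == "__main__":
    relays = {"sniffer": SNIFFER_POLICY,
              "relay-only": RELAY_ONLY_POLICY,
              "permissive": PERMISSIVE_POLICY}
    for port in (80, 443, 25):
        print(port, usable_exits(relays, "203.0.113.5", port))
```

Run against the three constructed relays, port 80 traffic can leave through both the sniffer and the permissive relay, port 443 only through the permissive one, and port 25 through none of them. That is the point of the comment: a relay that only advertises port 80 never sees a TLS connection it cannot read, and clients will happily send it exactly the cleartext it asked for.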
Re: (Score:2)
To clarify: With plug-in security I meant the idea that you can just put a box in your network path or install a software and be secure from having your identity revealed. I wasn't talking about the kind of security which keeps your system clean or your data private.
Okay, but I think a better term might be "plug-in anonymity," since what Tor offers isn't really 'security' in general. It's a very specific kind of security, perhaps, but it's not a security solution generally.
And I think given that definition, Tor does pretty well -- it *is* basically a drop-in solution if what you really need is just anonymity. Of course, it doesn't stop you from giving away the store in some way that doesn't use your IP address, but no system can.
Is this not what that Swedish hacker said? (Score:4, Insightful)
This is what happens in a knee-jerk-reaction-based society. You point out a security flaw, instantly identifying yourself as a security threat, get thrown into jail and while your very public trial is going on, the real bad guys are utilizing the very security flaws you found to do Bad Things(TM).
Good grief.
Re:Is this not what that Swedish hacker said? (Score:4, Interesting)
The problem here is that the guy revealed one of the weaknesses that's utilized by governments all over the world and suddenly that leak was quenched.
Re:Is this not what that Swedish hacker said? (Score:5, Insightful)
any idiot should realize it's a hostile network (Score:5, Insightful)
Is this not what that Swedish hacker said?
Is this not what anyone with a basic understanding of the most basic network/TCP concepts (ports, IP addresses, connections, that sort of thing) should have realized, if they read anything about Tor? Is this not something that the Tor project should have explained in clear language for those who do NOT have a basic understanding of networking?
It's beyond "untrusted". It's a hostile network and blatantly so, if you bother to read even a basic description of it. You should assume that your traffic will be routed out a node where a person, organization, or government is passively monitoring or actively attacking your traffic.
All this (repeated) fuss demonstrates is how many incompetent network/sysadmin people there are in the world, and how few people in the press and "blogging" community understand networking. Any idiot who knows ALL of the reasons why ssh is better than telnet (ie, answers more than just "it's encrypted, so people can't see what you're typing") should be able to tell you why Tor is a hostile network...unless they're just parroting what they've read elsewhere.
Re: (Score:3, Interesting)
Tor isn't aimed at sysadmins for use as a client. You are confusing the actors and roles in your message.
Tor client only requires a knowledge of: domains/URLs, cookies and misc browser security issues like scripts and web bugs. Network architecture isn't important (if I'm mistaken, please explain). In Firefox, keep using Tools-> Clear Private Data. With this level of knowledge you can browse 'open' sites anonymously.
If privacy is also required, then basic k
Re: (Score:3, Interesting)
Tor isn't aimed at sysadmins for use as a client. You are confusing the actors and roles in your message.
The point of my post is that at several organizations, including apparently a bunch of embassies, someone thought it was a good idea to install this stuff. It's the fault of the sysadmins for not advising their users better or not locking down machines (embassies should have good security.) What's truly frightening is the possibility that one of them recommended it, and that's even worse.
Re: (Score:2)
And yeah, recommending it for official business is just crazy. Unless-- the embassy personnel were spying in their host country.
But the tor people *do* explain that. (Score:3, Informative)
The link goes to an explanation saying that you should use end-to-end encryp
MITM (Score:5, Interesting)
Shared keys, browsers, and malice (Score:2, Interesting)
I find it interesting and openly malicious that encrypted protocols are blocked at some exit nodes. This may explain some intermittent problems that I've been experiencing with some of my apps that use TOR and encryption.
Re: (Score:2)
Also, what happens when you visit a site that signs its own certificate? It's not that hard, when doing a MitM attack, to fake being that site's unique certificate. Unless you're dealing with a site that you absolutely know uses a trusted third party certificate, then you're SOL.
Also, a government-run MitM node could very well possess a CA's private key and be able to fake legit certif
You make very little sense (Score:2)
You either trust a third-party CA, or the communicating parties setup their own keys (preferably in person). Those are the fundamental mechanics of trust when using electronic communications, and the modern browser covers them. Need to use a "joe random" CA? Just plug it into your browser preferences
Yeah, well show me a PSK solution for browsers. (Score:2)
In person? Oh, really. Just what browser implements TLS-PSK today?
No, you're pretty much entirely stuck with the first choice -- blindly trusting a third-party CA whic
Re: (Score:2)
No, you're pretty much entirely stuck with the first choice -- blindly trusting a third-party CA which can be a single point of security failure for a large number of sites. That's the problem. E-commerce requires trust where none should be assumed, especially in the case of a network like TOR that funnels all traffic into a handful of potentially compromised exit nodes.
Who said this was about e-commerce? Under what conditions should online commerce be kept secret from the government? Or by "single point of failure" are you implying that a CA will have its private key STOLEN by private crooks?? The latter would be a really stupid assumption to make, esp since they can revoke stolen keys.
If two or more parties want privacy without the questions an (un)trusted third-party raises, then they can distribute certificates among themselves and use Ce
Re: (Score:3, Interesting)
(Numbers added by me)
1. E-commerce is the single most common use of SSL encryption.
2. Under any and all situations in which the government does not have a warrant.
3. No. By gov
Nobody verifies SSH host keys. (Score:3, Insightful)
No, it's not the same. Server certificates are signed by a trusted root CA; the public key for that CA is distributed out-of-band on your operating system's installation media. You can reasonably trust that w
Re: (Score:2)
Or by "single point of failure" are you implying that a CA will have its private key STOLEN by private crooks?? The latter would be a really stupid assumption to make, esp since they can revoke stolen keys.
Ha. Hahahahahahaha. Certificate revocation is completely useless in today's browsers. Here is one reference [amug.org] that's pretty old, but I'm sure you can find newer stuff if you actually research this.
Re: (Score:2)
You are right to suggest that tight security may require that the certs/keys be exchanged in person.
Re: (Score:2)
Which is basically what I'm saying. PKI is an issue of trust, and MitM attacks work by taking advantage of that trust.
Re: (Score:2)
OTOH, if PKI did prevent gov't surveillance, then the gov't could probably get your data direct from the merchant with some extra effort.
I can imagine a better system, rooted in the keys distributed with FOSS operating systems...
Team Furry? (Score:3, Funny)
Are they worried that the Chinese will intercept pictures of them dressed like this [imageshack.us]?
trust. (Score:1)
burp.
Whew. (Score:1, Funny)
No expectation of anonymity (Score:5, Insightful)
If you want anonymity, SSH through a string of compromised Eastern European servers to a comfortably log-agnostic Indonesian ISP, and do all your surfing through Lynx/Links. That's the only stab at anonymity you'll get, and they'll probably just install a keylogger anyway. Freedom is slavery.
Tor gives you anonymity (Score:5, Informative)
Re:Tor gives you anonymity (Score:4, Insightful)
Re: (Score:2)
Use someone else's name instead - that'll fix them!
Re: (Score:2)
It isn't so much anonymity, but rather when the authorities or ISP ask "Who is Spartacus?!" everyone shouts "I am Spartacus!"
Of course what has been happening here is that not everyone has been going along and the concept fails.
I believe true internet anonymity can be achieved if there are multiple trusted destination sources and proper encryption between them.
As in if you encrypt your data (with a one time pad), cut it up into multiple different chunks and send it to multip
Re: (Score:2)
However, if enough people on the chain of blind senders/recipients decided to not follow the rules and started telling more info than they should then the ISP and or powers that be can start tracking who is who.
I'm not sure how true that is. The recipient of the message never knows whether the previous node was the originator of the message. The government or ISP would only be able to trace the connection back to the last host that they controlled. Beyond that, they don't know whether the message originated there or at a prior node.
not so fresh (Score:2, Interesting)
Re: (Score:2)
Haha, you imply that
Wolves in Sheep's Clothing (Score:1)
Or otherwise stated, TOR is like a flock of sheep where a wolf cannot bite down on one since they're all on some sort of merry-go-round? But a wolf could simply hop on the merry-go-round and feast?
As the article has repeated, if you're interested in security it seems you really ought to apply your own encryption on top of TOR.
However, even if you do that are you truly ano
Re:Wolves in Sheep's Clothing (Score:4, Interesting)
However, even if you do that are you truly anonymous? Is there any way to determine both ends of a conversation (either email or sessions)?
There's no way to guarantee that your communications over TOR are anonymous, and they're pretty upfront about that in the documentation. It's pretty easy for a government (or just about anybody, really) to add enough nodes to TOR to have a reasonable likelihood of being all three nodes in your conversation (entrance, middle, and exit). The nodes need to be geographically distributed, but that's easy for governments and easier for hackers, who have access to botnets of machines all over the world. Once they've got enough nodes out there, it's pretty easy to tell who's sending all that traffic, and where it's going.
Again, adding encryption helps keep your data from being sniffed (as long as you know you're not hit by MITM, see other comments about PKI), but TOR doesn't protect your anonymity against a sophisticated (and reasonably well-funded) attacker.
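The added example below (my own code on a constructed relay set, not Tor's implementation or consensus data) puts numbers on the three-node argument in the comment above. Tor weights relay selection by advertised bandwidth, so what matters is the adversary's share of guard and exit bandwidth rather than the count of machines: with a fraction f_g of guard bandwidth and f_e of exit bandwidth, a fresh circuit has about f_g * f_e odds of having an adversarial entry and exit, which the simulation reproduces. Relay names and bandwidths are constructed.

```python
"""Odds that one circuit has an adversarial guard and exit: added illustration, not Tor code."""
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Relay:
    name: str
    bandwidth: int   # advertised bandwidth; Tor uses it as the selection weight
    guard: bool      # eligible as the entry (guard) hop
    exit: bool       # eligible as the exit hop
    adversary: bool  # run by the attacker


# Constructed relay set, not real consensus data.
RELAYS = [
    Relay("honest-g1", 100, True, False, False),
    Relay("honest-g2", 100, True, False, False),
    Relay("honest-g3", 100, True, False, False),
    Relay("evil-g1", 100, True, False, True),
    Relay("evil-g2", 100, True, False, True),
    Relay("honest-e1", 100, False, True, False),
    Relay("honest-e2", 100, False, True, False),
    Relay("evil-e1", 200, False, True, True),   # one fat exit buys a big share
    Relay("honest-m1", 100, False, False, False),
    Relay("honest-m2", 100, False, False, False),
]


def fraction_owned(relays, role: str) -> float:
    """Adversary's share of bandwidth among relays eligible for `role` ('guard' or 'exit')."""
    pool = [r for r in relays if getattr(r, role)]
    total = sum(r.bandwidth for r in pool)
    owned = sum(r.bandwidth for r in pool if r.adversary)
    return owned / total


def analytic_compromise_probability(relays) -> float:
    """Probability a fresh circuit has both an adversarial guard and an adversarial exit."""
    return fraction_owned(relays, "guard") * fraction_owned(relays, "exit")


def weighted_choice(rng, pool):
    return rng.choices(pool, weights=[r.bandwidth for r in pool], k=1)[0]


def build_circuit(rng, relays):
    """Pick guard, middle and exit by bandwidth weight, never reusing a relay within one circuit."""
    guard = weighted_choice(rng, [r for r in relays if r.guard])
    exit_ = weighted_choice(rng, [r for r in relays if r.exit])
    middle = weighted_choice(rng, [r for r in relays if r not in (guard, exit_)])
    return guard, middle, exit_


def simulate_compromise_rate(relays, trials: int = 20000, seed: int = 1) -> float:
    """Empirical rate of circuits whose guard and exit are both adversarial."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        guard, _, exit_ = build_circuit(rng, relays)
        if guard.adversary and exit_.adversary:
            hits += 1
    return hits / trials


if __name__ == "__main__":
    print("guard share", fraction_owned(RELAYS, "guard"))
    print("exit share ", fraction_owned(RELAYS, "exit"))
    print("analytic   ", analytic_compromise_probability(RELAYS))
    print("simulated  ", simulate_compromise_rate(RELAYS))
```

On the constructed set the attacker holds 40% of guard bandwidth and 50% of exit bandwidth, so one circuit in five has both ends in hostile hands, and the simulation lands close to 0.2. One caveat: Tor clients keep a small set of entry guards for a long time rather than picking a fresh guard per circuit, so for an individual user the question becomes whether one of their guards is adversarial at all; the per-circuit figure above is still the right way to read the "add enough nodes" attack the comment describes.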
Do fancy locks attract thieves? (Score:5, Insightful)
Only problem with TOR (Score:1)
BTW, it's not like your ISP won't spy on you.
a more wretched hive of scum and villainy (Score:5, Interesting)
2. advertise amongst the warez people and criminal element
3. let enough criminal traffic (drug trafficking info) go through to build up trust that the laundering 'really works'
4. Wait around for the stuff that is important (like nuclear codes or enemy state intel)
5. ???
6. Promoted to section chief at the invisible mansion! (Profit!)
I don't have one lick of proof to say that our friends in Maryland or their cousins in Langley set this thing up from the beginning, other than it's an obvious slam dunk for them. I don't think the NSA is monitoring certain ports, I think they own the whole thing.
Re: (Score:2)
You don't really need any proof. My recollection is that the author of the program admitted that he created it while under contract to US Naval Intelligence as a means of obfuscating their traffic.
Trust (Score:1)
Even so, I'd still try to browse using HTTPS everywhere I go. (Granted that doesn't stop people from knowing what sites you browsed...)
Re: (Score:2)
And exactly how would you know if someone is sniffing if they do not publish the results? The fact is that this is a security/anonymization s
Re: (Score:2, Interesting)
Given the number of hijacked machines taking part in the Storm worm, for example, any popularity contest could be skewed by a maliciously motivated attacker.
The big issue with tor is that you're magnifying your exposure. By default you're vulnerable to sniffing by your ISP, and all the people they peer with till you get to your endpoint. With tor in the mix you're vulnerable to sniffing from your ISP, and any number of random people who've elected to host a tor node.
Sure you've bounced your connection a
Re: (Score:2)
My fierce assertion is this: You wanna sniff my ass? DO SO AT THE DEMARC, FUCKERS.
If I EVER open an internet cafe, I will post signs:
"Not forced to comply with a court-ordered wiretap in [ ] days.
"Along with a "Safe working, accident-free [ ] days..."
"TRUST NO ONE: Assume this computer, or at least your session on it, i
Not what tor was intended for! (Score:5, Insightful)
It's important to remember that security and anonymity are different things.
Military grade anonymity? Say what? (Score:5, Interesting)
Military grade anonymity?
What?
Sure, we all know - or think we know - what "military grade crypto" means[1], but now you're just making stuff up.
Military grade anonymity, indeed.
[1] Strong crypto managed in a Type 0 or Type 1, etc., system, where everything is kept secret, hardware and software are tightly controlled, and updates are distributed strictly out-of-band - think spies with briefcases handcuffed to their wrists.
Contrast with "commercial grade crypto", where everything but the secret/private keys themselves is known, well studied, well understood, etc., and updates are distributed in-band, though sometimes "boot strapped" using an OOB shared secret, etc.
There is the perception that "military grade" is somehow stronger than "commercial grade", but what is the basis for this perception? None of us can say, at least not here.
To know - to really know - whether military grade crypto is actually any stronger than commercial grade crypto requires a degree of access which itself requires clearance at - or above - top secret, said clearance being predicated on the understanding that those with said access won't reveal what they know, on pain of prosecution.
So the people who do know cannot and will not tell.
You'll just have to take my word for it. :->
"Military grade anonymity" is nothing more than buzzspeak for "anonymity that we think is really, really OMG PONIES good, but we can't prove, what with there being a complete and total lack of mathematically sound anonymity analytics comparable to cryptanalysis, so there, nyah!"
Re:Military grade anonymity? Say what? (Score:5, Informative)
myvirtualid wrote:
clearance at - or above - top secret
There is no clearance above TS, at least in the technical sense. There is TS/SCI ("special compartmented information") clearance, which may or may not include a lifestyle polygraph exam. TS/SCI and TS/SCI + lifestyle poly are not "above" TS in any real sense, they are merely additional qualifiers used as criteria to determine whether you can be allowed access to compartmented info. If you have TS/SCI it makes that process easier, but not having TS/SCI is not an absolute barrier if the right people sign off on it (although for certain information "the right people" may consist of both houses of Congress and the President).
Compartments can be as loose (within the restrictions of TS) or as restrictive as necessary. There can be (and I understand are) compartments with only a handful of people.
Re: (Score:2)
You may not realize it, but that says everything you need to know about the balance of provable security vs. for-show security in the US military/government.
It would be interesting to have a competition between the pentagon bureaucrats with their pseudoscience, versus some militia, to see which group is best at identifying
Above TS (Score:3, Insightful)
I would say yes, because there are laws governing what will happen to you if you reveal certain levels of information, i.e. TS is defined as having the potential to cause "exceptionally grave" damage to national security if disclosed inappropriately. I imagine this would carry a more stiff penalty than say releasing some mundane info that was classified as "Confidential". Having a secret level above TS causes certain problem
Re: (Score:2)
If you are not aware of any classified scheme above TS, then how will you know such information is actually classified if you come across it.
Usually, the outer folder is stamped as top secret alongside a message stating that it is only for eyes belonging to a specific group (e.g. Division Six).
If I were indeed to disclose such information how would I be prosecuted?
You wouldn't. Rather, the Men in Black would simply assassinate you and make it look like the bullet to the back of your head was an accident, suicide, or whatever makes a plausible story to stop further investigation.
If they want, they can easily discredit you by placing the same content in a tabloid. There's other tactics as well, such as arresting yo
Absolutely. Tor is great at anonymity (Score:2)
The privacy layer you supply yourself, and that requires the usual crypto-facilitated trust. As the Tor people often remind us, there is no way around that fundamental requirement.
So the question is really, do you trust Certificate Authorities pre-loaded in your browser? And if not, what steps are you and the party you're connecting with going to take to swap private keys?
Also bear in mind that many connections need only anonymity and not privacy, if y
Re: (Score:2)
So no. I'M NOT doing anything of the sort.
But thanks for caring.
Re: (Score:2)
Excuse me if I take exception to someone supporting an unethical position. Bittorrent is by a long, long way the most common abuse of the tor network. It's bad to do it, and it's also bad to advocate it.
A little reminder (Score:5, Interesting)
This is a little reminder that we need a lot more users and exit nodes before TOR is reasonably safe.
This is a little reminder to encrypt your data end-to-end rather than through another network; anonymity is not security.
This is a little reminder that you really do need to check your SSL certificates.
TOR's encryption fools some into thinking it is a security model. It is not. TOR facilitates anonymous transactions using encryption internally. It eliminates the possibility of people spying on you by name, but it does not stop them from spying on "the people" (which includes you). You still need another encrypted transaction between you and your endpoint for real security.
The more exit nodes there are, the less likely a snooping entity will get ahold of your data. The more users there are, the more data those snoops need to filter through to get something meaningful (caveat: statistical analysis [wikipedia.org]. workaround: encrypt data past the TOR network).
This is a call-to-arms; everybody needs to use encryption and anonymization to enable the system to work, otherwise somebody can set up a few nets and read the whole network's content, even brute-force decrypt it due to its low volume. Take a look at Zimmerman's justification for PGP [philzimmermann.com]:
How does a SSL MITM attack work? (Score:4, Insightful)
Re:How does a SSL MITM attack work? (Score:5, Informative)
Re: (Score:2)
1) Issue certs in your name to criminals 2) Perform massive traffic monitoring 3) Wait shit the NSA can probably read all encrypted data using Verisign certs and MITM attacks.... son of a bitch....
Please help us improve our documentation. (Score:5, Informative)
Hi all. I'm one of the Tor authors.
We're trying very hard to get out the message that you should always use encrypted protocols over Tor, if you're doing anything even slightly sensitive.
Right now, we do this in our documentation, and in a list of warnings on our download page [torproject.org]. But obviously, this isn't good enough, since some of the commenters here seem to be surprised at finding it out.
Does anybody have good ideas about how to get the word out better?
(As for the SSL MITM thing: we've run into situations like this one before. Usually, it turns out that the exit node isn't doing the MITM itself, but is getting MITMd itself by its upstream. This happens depressingly often in some countries, and in some dormitories. I've dropped a line to the directory authority operators. Mike Perry (the guy who maintains the Torbutton firefox plugin) has been working on an automated detection tool for this stuff. It would be great if somebody with programming chops would step up and give him a hand.)
Re:Please help us improve our documentation. (Score:5, Funny)
Re: (Score:3, Funny)
Have you tried waterboarding?
Re: (Score:2)
You want to detect MITM attacks on SSL? Already been done, do not waste your time.
Re: (Score:2)
Items 1
Re: (Score:2)
Tor is encrypted, it's the protocol on top (eg. HTTP) that he's talking about.
The solution is to use HTTPS instead of HTTP, SSH instead of telnet, etc. etc.
Re: (Score:3, Insightful)
The only way to get users to do something with any reliability is to FORCE them to do it, and to make everything else impossible.
Now someone is going to scream that they really want the ability to do plain in the clear http over TOR. Fine, ship tor clients with two modes, "insecure" and "secure". Default to the latter which only uses
Employ Clippy! (Score:2)
Any router can spy? (Score:2)
Discredit Tor (Score:2)
Encrypted Traffic? (Score:3, Insightful)
FreeNet is more about hiding the data.
Re: (Score:2)
To install TOR I did, click on "install new packages", find TOR, install. Change to the Proxy gateway. I actually forgot that I was using TOR..
Re: (Score:2)
I may be wrong, but I thought the point of a public key was that it didn't need to be secure. I publish my public key on my website (this is hypothetical-I don't really, though I should), and then ANYONE can use it to send me encrypted data. Then, to decrypt it, you need the private key. Period. No one should ever have your private key for any reason. If they do, then you need to ditch it and the public key and start over, as you have been compromised. There
Re: (Score:3, Informative)
With "Joe Random"'s public key, you can indeed encrypt using it and only the owner of the matching private key can decrypt it. However, who is to say that you are really using Joe's public key?
And conversely, if you get something signed that can be decrypted using Joe's public key, how can you be sure that it was actually signed by Joe?
The answer is, you can't. Not unless Joe has a secure way of providing you his public key. Perhaps publishing it to a web site works,
Re: (Score:2)
My point wasn't concerning anything regarding people getting ahold of "Joe"'s public key. You and the OP are entirely correct that there is virtually nothing nefarious that can be done with someone's public key.
The point is, HOW do you know that the key labeled "Joe's Public Key" actually is Joe's and not a key created by someone doing a Joe job on Joe? (PS. Since you know what wikipedia is, I won't insult you by tel
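The "How does a SSL MITM attack work?" thread earlier and the "Joe's public key" exchange just above are the same question: a public value that arrives over an untrusted path proves nothing until something you already trust vouches for it. The added example below is mine, not the commenters' and not code from any TLS implementation. It runs a Diffie-Hellman style exchange with and without an active attacker who replaces each side's public value, first unauthenticated and then with each public value carrying an HMAC under a secret the two parties exchanged out of band, standing in for a CA's signature on a certificate. The 127-bit prime and the pre-shared secret are constructed toys and are not fit for real use.

```python
"""Key exchange with and without authentication of the public values: added illustration."""
import hashlib
import hmac
import secrets

# Toy group: 2**127 - 1 is prime, but this size is illustration only, never real use.
P = (1 << 127) - 1
G = 3

# Constructed out-of-band secret shared by Alice and Bob; plays the role of a trusted CA key.
EXAMPLE_PSK = b"constructed pre-shared secret, not for real use"


def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def derive_key(priv: int, peer_pub: int) -> bytes:
    """Session key from my private value and the public value I received on the wire."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


def tag(psk, pub: int):
    """Authentication tag over a public value; the stand-in for a CA signature on a cert."""
    if psk is None:
        return None
    return hmac.new(psk, pub.to_bytes(16, "big"), hashlib.sha256).digest()


def verify(psk, pub: int, received_tag) -> bool:
    if psk is None:
        return True   # unauthenticated exchange: whatever arrives is believed
    return received_tag is not None and hmac.compare_digest(tag(psk, pub), received_tag)


def handshake(active_attacker: bool, psk) -> dict:
    """Alice and Bob exchange public values; Mallory sits on the path like a hostile exit node."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()
    # Mallory does not know the PSK, so the best she can do is tag under a key of her own.
    forged = tag(secrets.token_bytes(32), m_pub) if psk is not None else None

    # Alice -> Bob: (public value, tag). Mallory swaps in her own value when active.
    wire_a = (m_pub, forged) if active_attacker else (a_pub, tag(psk, a_pub))
    bob_accepts = verify(psk, *wire_a)

    # Bob -> Alice: same in the other direction.
    wire_b = (m_pub, forged) if active_attacker else (b_pub, tag(psk, b_pub))
    alice_accepts = verify(psk, *wire_b)

    return {
        "accepted": alice_accepts and bob_accepts,
        "alice_key": derive_key(a_priv, wire_b[0]),
        "bob_key": derive_key(b_priv, wire_a[0]),
        "mallory_with_alice": derive_key(m_priv, a_pub),
        "mallory_with_bob": derive_key(m_priv, b_pub),
    }


def mallory_can_read(result: dict) -> bool:
    """True when both parties proceed and Mallory holds the key each of them is actually using."""
    return (result["accepted"]
            and result["mallory_with_alice"] == result["alice_key"]
            and result["mallory_with_bob"] == result["bob_key"])


if __name__ == "__main__":
    for active, psk, label in [(False, None, "passive, no auth"),
                               (True, None, "active, no auth"),
                               (True, EXAMPLE_PSK, "active, authenticated"),
                               (False, EXAMPLE_PSK, "passive, authenticated")]:
        r = handshake(active, psk)
        print(f"{label:24s} accepted={r['accepted']} mallory_reads={mallory_can_read(r)}")
```

Without authentication both sides complete the handshake and Mallory ends up holding the key each of them is using, decrypting on one side and re-encrypting on the other; that is the position of an exit node presenting a fake certificate, and neither victim sees anything but a working connection. With authentication the swapped value fails verification and the handshake stops. A browser performs that verify step with the CA keys it ships with, which is why a hostile exit has to present a certificate the browser does not trust and why the resulting warning is the one signal the user gets.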
Re: (Score:2)
Heads up - governments have large resources.
True, and no doubt it would be possible for a large government to monitor or control the majority of the nodes in Tor... but doing so secretly, without anyone even suspecting, when the network is fully open to the public, when anyone can start up a Tor node, when a node can be set up in any country, is much more difficult to believe. It would be like a digital version of the Truman Show - somewhat unlikely!
So the likelihood is that Tor is securely anonymous, even from large government organisations like th