
lainchan archive - /sec/ - 3904




No.3904

what is up with people spreading disinfo about tor?

Like, every once in a while you'll see something like "tor is a honeypot" or "tor is compromised". What the fuarrrk? Do you really think something open-source that's under that much scrutiny could be compromised? Usually these people don't have any substantive reason to believe what they do, either. They just say something like "it was originally funded by the military" or some bullsoykaf. Like, yeah, computers were originally built by the military, does that mean they're *all* compromised? no.

  No.3905

It's because of how Tor actually works. Your IP can't see what you're doing, but your traffic still goes through someone's endpoint. You really think the FBI hasn't at least tried to compromise some of those endpoints? I'm not too sure about i2p either. I don't know how the P2P system protects your identity against other peers.

  No.3906

>>3904
>open-source that's under that much scrutiny could be compromised?

It can.
What is exit node eavesdropping?

There are many ways in which the Tor network could be 'compromised', and those have nothing to do with the source code itself, or anything on the software side necessarily (thus rendering the open-source scrutiny point moot).
The weakness to 'compromise' lies mostly in the way the network is set up.
More specifically speaking, the exit nodes can be a point of weakness.

  No.3907


Packet timing correlation attacks
Seeing how most exit nodes are government controlled and how the NSA has connections with every major national agency across the world (that can ask for local ISPs' data), then I don't see how it would be a problem for them to crunch the data and pick out who you are.

  No.3908

>>3905
yes, tor's threat model assumes that bad nodes exist. That's the entire reason for onion routing.

>>3906
>More specifically speaking, the exit nodes can be a point of weakness.

yes, and the point is that an exit node doesn't know where you're connecting from.

God damn, are y'all saying that the disinfo is because people don't know how tor actually works?

>>3907
>Packet timming correlation attacks

I believe that, but the actual feasibility of those attacks has yet to be made clear.

>Seeing how most exit nodes are government controlled

[citation needed]

  No.3910

I'm not sure how well traffic correlation attacks work, but I've observed my downspeed through Tor severely oscillating when loading bigger files (by about 500kB/s), which at least might hint at someone trying it.

  No.3913


>>3905
This is why you should use HTTPS as well.

https://www.eff.org/pages/tor-and-https

  No.3914

https://en.m.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses

Well here are the basics, but these are just the publicly known weaknesses the NSA wants you to know about. I still think it's better than nothing.

  No.3915

>>3914
>but these are just the publicly known weaknesses the NSA wants you to know about
And if they don't want you to know about it, they come to you at night and erase your memory. They do it to every researcher out there, when they discover new attacks that aren't on the public list.

  No.3917

>>3913
The problem is most of hidden services don't use https.

  No.3918

>>3917
this. hidden services should start to give themselves self-signed certs. the only problem is that self-signed certs can't be verified by a CA (of course), so an addon would have to manage certs to make sure the one you're being served is the correct one. no such addon exists currently though.

  No.3919


>>3914
The Tor browser comes with HTTPS Everywhere blocking all non-HTTPS content. The exit node would have to install a self-signed cert, which you would have to accept, to access your traffic.

>>3917
Hidden services don't need https to function properly. When you're using a hidden service you're not hitting an exit node. All the traffic is already encrypted, so SSL is the icing on top.

>>3918
They don't need self-signed certs because Let's Encrypt exists.

  No.3921

>>3904
>Like, yeah, computers were originally built by the military, does that mean they're *all* compromised? no.
Yes, they all have backdoors in processors.

  No.3922

I think what people don't get / don't know how to articulate is that tor is not a magic bullet - security is hard to understand, especially if you spend your free time between anime, imageboards, and videogames, and your day job isn't in security (because it's nonexistent). That said, I feel like there are some paid stooges pushing anti-tor rhetoric, but many regular chantrarians took it and ran with it.

kinda funny how I've never met someone in person who thinks tor is a honeypot / compromised. makes me really wonder who the people saying otherwise are

  No.3923

>>3922
I mean, the people saying it's a honeypot are.

  No.3924

>>3921
And they're still backdoored to this day (see Intel ME)

  No.3925

>>3924
Intel ME is a possible malicious backdoor. We don't know for sure because we can't know how it works. I don't trust it either way, and my laptop has the ME disabled in Libreboot.

  No.3927

>>3921
>>3924

ME a) can be disabled, b) is only on some newer intel chips. If it's a backdoor, it's a soykafty backdoor.

  No.3945

>>3927
>a)
it takes considerable effort to disable, as it is independent from both the bios and operating system.

>b)

It is on every intel chip from the past 10 years

>soykafty backdoor

It has complete memory and network access, unrestricted by the OS. It has complete remote access to every part of your computer, and you can't even see it.

https://libreboot.org/faq/#intelme

  No.3947

>>3908
Time correlation attacks have already been proven to work. Look at LulzSec and how Sabu got caught; also there was a uni that had a bomb threat where they found the student through time correlation attacks.

  No.3949

>>3945
>it takes considerable effort to disable, as it is independent from both the bios and operating system.

I disabled it permanently with a simple BIOS setting.

>It has complete memory and network access, unrestricted by the os. It has complete remote access to every part of your computer, and you cant even see it.

it's a soykafty backdoor because it's public knowledge. A good backdoor is unknown.

  No.3954

>>3949
>time correlation attacks have already been proven to work look at LulzSec and how sabu got caught also there was a uni that had a bomb threat where they found the student through time correlation attacks
Small caveat, but the "time correlation attack" on the student was actually way lamer than what most people call "correlation attacks" in a Tor context. In this case, the operators of the college network just went through the traffic logs around the time the mail was sent and discovered that the student was the *only* person using Tor at that time.
If people talk about "time attacks" they usually mean a guard node being able to tie you to some traffic on an exit node that is also controlled by the attacker.

  No.3955

>>3949
Disabling it in the BIOS does nothing.

  No.3956

>>3955
Yeah, that's why it's there. Great logic. If they didn't want you to disable it, why bother giving you the option to do so? Your paranoid conspiracy logic has some major flaws and that's why I can't take anything written on this board seriously. Most of you aren't security enthusiasts, you are just conspiracy theory children.

  No.3957

>>3954
It's also worth noting that when they went to his dorm to question him, he confessed before they could even ask anything.

  No.3958

>>3956
My first post actually, fairly sure it actually does nothing and I can't remember where I learned that at the minute but when I find it again I'll be sure to post here.

  No.3959

>>3956
How about Option>Placebo anyway? for one.

  No.4001

>>3947
>how sabu got caught
He got caught because he decided to log in on the IRC server they used without going through Tor. Fun fact: Tor doesn't protect you when you aren't using it.

>uni that had a bomb threat where they found the student though time correlation attacks

Was achieved because they knew the email was sent by someone using Tor and simply checked if anyone was using Tor at the university at the time the email was sent since the email was sent when they were having finals. The idiot who sent the bomb threat was the only person using Tor at the time and confessed immediately when questioned.

  No.4006

>>3947
If the student would have used a tor bridge or went anywhere else he would have been gucci

  No.4008

>>4001
time correlation attacks helped them find sabu and the same with uni case

  No.4010

>>4008
Nah fam.

The uni case has nothing to do with time. He didn't hide his traffic and the email came from a tor exit node. Pretty open and shut case.

In terms of Sabu there are two versions of the story. Either he didn't connect over Tor before connecting to IRC, or the info came from him being doxed from EFnet. Both have nothing to do with time.

http://www.theregister.co.uk/2012/03/07/lulzsec_takedown_analysis/

  No.4014

>>4008

I think you're using "time correlated attacks" in the wrong context. >>4010 mentions what you probably meant.

Time correlation attacks use arbitrary and deliberate latencies into the network to suss out who's who. They're mostly theoretical as they were proven in low-latency lab tests and not with the tor general network. That is to say those were highly contrived and serve as edge cases at best.

  No.4072

>>4014
Essentially, If you're a fragging shazbot and decide that utilizing TOR on a machine that isn't yours, on a network you can't control, and break OPsec by utilizing tools that aren't secure you can be compromised.

Nothing new under that old sun.

Barring the usual DNS, Timing Correlation Attacks, and general OPSEC fuarrrkeru that is covered in much better detail by the related vid, they can attack by either using a Traffic Correlation Attack, a Sybil Attack, or through Compromising an Entry Guard (Lab Proven Only).

In any case, these attacks are often resource intensive and either require a high-risk low probability attacker (likely a state actor), a lucky fox hunter, or simply an area virtually devoid of TOR relays.

Mind you I'm not the most well read on the subject and definitely not an authority on this topic, but this is just the information I've gathered in a limited timeframe.

TL;DR TOR itself has some kinks that might compromise some of the information you're sending but provided you follow proper procedure, does not directly compromise user anonymity.

State level actors are a serious threat for this reason as they do not need to find an exploit in TOR to unmask you and have the resources to pursue unlikely or unconventional avenues of attack.

  No.4073

>>4072
soykaf, apparently webm doesn't work here. The talk itself is from Defcon 22 "How Tor Users Got Caught". Covers the Harvard bomb threat use of timing correlation attacks and their use of DNS.

  No.4275

The funny thing is that I've seen some people talk about tor to impress girls and they describe it as scary and that people find CP from it. They never mention that most of these were traps and that most of them are gone now.

  No.4280

File: 1487529112633.png (267.56 KB, 200x200, CU-CS-1025-07.pdf)

>>3904
I'd say most fear mongering about tor comes from people that don't know how it works and people like >>3905 and >>3906 that sort of know how it works but don't fully understand it.

That said, there are viable attacks against the tor network like >>3907 mentions. There has been a successful proof of concept for a timing attack in i2p that actually could de-anonymize traffic (that's what the pdf is; there have been some mitigations applied to i2p since the paper came out). The way the attack was structured, it could most likely be applied to tor if the attacker has (much) more resources available.

Tor/i2p is basically the best we have though. It's very hard to stay safe from government actors. The idea that you should "stay under the radar" and avoid red flags is not viable when facing the kind of data analysis tools a government actor has. By not protecting yourself even with imperfect means you're just making their life easier.

  No.4307

Basically the more tor users we have, the more exit node volunteers we have, the slightly more secure tor becomes. It's obvious why agencies like the NSA don't like tor.

If millions of people used it, it would not even be a red flag.

  No.4334

>>4073
that is also the same talk where they said if he went off campus or used a bridge he would have never been caught. Either way, time correlation attacks can help to deanonymize a person, but alone they are nothing but speculation.

  No.4338

>>3917
Hidden services don't need https. They don't ever go through an exit relay (in the same sense as clearnet connections do, at least) and they have both secure encryption through the Tor protocol and identification through the hash in the URL. Having https on a hidden service is pretty redundant. They go through more than 3 relays as well.
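The "identification through the hash in the URL" that >>3919 and >>4338 rely on is what makes an onion address self-authenticating: the address is derived from the service's key, so a client that reaches the right key has reached the right service with no CA involved. The example below is added here (not code from any poster or from Tor) and shows the v3 address format from Tor's rend-spec-v3, where the address embeds the service's ed25519 public key plus a SHA3-256 checksum and a version byte; the 32-byte key is a constructed placeholder, not a real service key.

```python
import base64
import binascii
import hashlib

# rend-spec-v3: onion_address = base32(PUBKEY | CHECKSUM | VERSION) + ".onion"
# CHECKSUM = SHA3-256(".onion checksum" | PUBKEY | VERSION)[:2], VERSION = 0x03
ONION_V3_VERSION = b"\x03"
ONION_V3_HOST_LEN = 56  # 35 raw bytes -> 280 bits -> exactly 56 base32 chars, no padding


def onion_v3_checksum(pubkey: bytes) -> bytes:
    """Two-byte checksum that binds the key bytes to the address format."""
    digest = hashlib.sha3_256(b".onion checksum" + pubkey + ONION_V3_VERSION).digest()
    return digest[:2]


def onion_v3_address(pubkey: bytes) -> str:
    """Derive the .onion hostname for a 32-byte ed25519 public key."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    raw = pubkey + onion_v3_checksum(pubkey) + ONION_V3_VERSION
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def parse_onion_v3(address: str):
    """Return the embedded public key if the address is well-formed, else None.

    This is the check a client performs implicitly: a mistyped or tampered
    address fails the checksum, and the key it yields is the only key that
    can complete the handshake, so no certificate authority is needed.
    """
    host = address.strip().lower()
    if host.endswith(".onion"):
        host = host[: -len(".onion")]
    if len(host) != ONION_V3_HOST_LEN:
        return None
    try:
        raw = base64.b32decode(host.upper())
    except (binascii.Error, ValueError):
        return None
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_V3_VERSION or checksum != onion_v3_checksum(pubkey):
        return None
    return pubkey


if __name__ == "__main__":
    # Constructed placeholder key: in practice this comes from the service's keypair.
    demo_key = bytes(range(32))
    addr = onion_v3_address(demo_key)
    print(addr, parse_onion_v3(addr) == demo_key)
```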