Security

Spying On Tor

juct writes "The long-standing suspicion that the anonymizing network TOR is abused to catch sensitive data by Chinese, Russian, and American government agencies as well as hacking groups gets new support. Members of the Teamfurry community found TOR exit nodes which only forward unencrypted versions of certain protocols. These peculiar configurations invite speculation as to why they are set up in this way. Another Tor exit node has been caught doing MITM attacks using fake SSL certificates."

Spying On Tor

  • Conclusion: (Score:3, Insightful)

    by Anonymous Coward on Wednesday November 21, 2007 @12:27PM (#21436135)
    You have to know what you're doing to have security. I know it's getting old, but plug-in security simply does not exist.
  • by TheSciBoy ( 1050166 ) on Wednesday November 21, 2007 @12:28PM (#21436137)

    This is what happens in a knee-jerk-reaction-based society. You point out a security flaw, instantly identifying yourself as a security threat, get thrown into jail and while your very public trial is going on, the real bad guys are utilizing the very security flaws you found to do Bad Things(TM).

    Good grief.

  • by athloi ( 1075845 ) on Wednesday November 21, 2007 @12:36PM (#21436253) Homepage Journal
    How does anyone expect anonymity? Traffic must somewhere go through ISPs, most of which rent their upstream from large providers like AT&T, who is surely not the only large corporation to get in bed with the government or anyone else who can pay. Enough of that information loaded into a database and compared will yield information about the suspect, even if it's too complex to explain to a "jury of your peers."

    If you want anonymity, SSH through a string of compromised Eastern European servers to a comfortably log-agnostic Indonesian ISP, and do all your surfing through Lynx/Links. That's the only stab at anonymity you'll get, and they'll probably just install a keylogger anyway. Freedom is slavery.
  • by G4from128k ( 686170 ) on Wednesday November 21, 2007 @12:43PM (#21436379)
    Perhaps the problem is that using an anonymizer makes someone a more interesting target to authorities. Like the old adage of attacking the bank because "that's where the money is," perhaps some people are attacking Tor because "that's where the secrets are."
  • by sammydee ( 930754 ) <{moc.liamg} {ta} {todhsals+samdavies}> on Wednesday November 21, 2007 @12:52PM (#21436501) Homepage
    Tor was never intended to SECURE traffic. It is an ANONYMISER. It is designed to cope with compromised nodes and still provide military-grade anonymity.

    It's important to remember that security and anonymity are different things.
  • by arevos ( 659374 ) on Wednesday November 21, 2007 @01:01PM (#21436619) Homepage
    I can't quite see how a SSL MITM attack works. Wouldn't the SSL certificate have to be registered for use with a specific domain? Could anyone explain how this would work?
  • by Frosty Piss ( 770223 ) on Wednesday November 21, 2007 @01:05PM (#21436671)
    The problem with the guy you're talking about is not that he pointed out some issues with TOR, but that he then proceeded to disclose hundreds of user ID and password combos. Totally unnecessary and irresponsible.
  • by SuperBanana ( 662181 ) on Wednesday November 21, 2007 @01:21PM (#21436933)

    Is this not what that Swedish hacker said?

    Is this not what anyone with a basic understanding of the most basic network/TCP concepts (ports, IP addresses, connections, that sort of thing) should have realized, if they read anything about Tor? Is this not something that the Tor project should have explained in clear language for those who do NOT have a basic understanding of networking?

    It's beyond "untrusted". It's a hostile network and blatantly so, if you bother to read even a basic description of it. You should assume that your traffic will be routed out a node where a person, organization, or government is passively monitoring or actively attacking your traffic.

    All this (repeated) fuss demonstrates is how many incompetent network/sysadmin people there are in the world, and how few people in the press and "blogging" community understand networking. Any idiot who knows ALL of the reasons why ssh is better than telnet (ie, answers more than just "it's encrypted, so people can't see what you're typing") should be able to tell you why Tor is a hostile network...unless they're just parroting what they've read elsewhere.

  • by Cal Paterson ( 881180 ) * on Wednesday November 21, 2007 @01:48PM (#21437355)

    *Sure, TOR ain't big fans of people chewing up BW with p2p, but better that than being sued, right?
    No, not "better that than be sued". You're just making Tor more difficult to use for what it really is for: information censored for political reasons. Tor really does help Chinese nationals (at least, those that are aware of it and able to use it); you're just ramming nodes with your idiotic Hollywood film traffic.
  • by Fred Ferrigno ( 122319 ) on Wednesday November 21, 2007 @03:01PM (#21438375)
    If I checked the "Post Anonymously" button at the bottom, then ended my post by signing my name, then it's my own damn fault that my communication is no longer anonymous.
  • by arevos ( 659374 ) on Wednesday November 21, 2007 @03:10PM (#21438515) Homepage

    But without privacy, nothing stops them from looking at that packet's contents, and finding out your name and other information.
    Unless you're really really cunning and - stop me if I'm going too fast for you - don't send out your name in plaintext when trying to stay anonymous!
  • Above TS (Score:3, Insightful)

    by ravenspear ( 756059 ) on Wednesday November 21, 2007 @03:52PM (#21439143)

    but if there, would you be allowed to know of them, without having a TS yourself?
    I would say yes, because there are laws governing what will happen to you if you reveal certain levels of information, i.e. TS is defined as having the potential to cause "exceptionally grave" damage to national security if disclosed inappropriately. I imagine this would carry a stiffer penalty than, say, releasing some mundane info that was classified as "Confidential". Having a secret level above TS causes certain problems:

    1. If you are not aware of any classified scheme above TS, then how will you know such information is actually classified if you come across it? Like if I were to stumble across a folder that had a classification stamp of "ULTRA SENSITIVE QUARANTINED", I would not have any qualms discussing the contents if I so chose, because I would assume the documents to be fake or otherwise not associated with the gov, since that is not an official gov classification scheme.

    2. If I were indeed to disclose such information, how would I be prosecuted? There are no laws against disclosing ULTRA SENSITIVE QUARANTINED information, so I don't see how a case could be made. Unless of course the laws themselves were secret and a court were to rule that you could be punished even though the law was unknowable to you. But let's not even go there.
  • Encrypted Traffic? (Score:3, Insightful)

    by nurb432 ( 527695 ) on Wednesday November 21, 2007 @06:56PM (#21441443) Homepage Journal
    I thought TOR was mostly to hide your identity, not the data.

    FreeNet is more about hiding the data.
  • by CKW ( 409971 ) on Wednesday November 21, 2007 @07:13PM (#21441603) Journal
    Do a little light traffic analysis and block anything that isn't encrypted. Anything that isn't "as random" as encrypted data, and anything that has plaintext in it - block.

    The only way to get users to do something with any reliability is to FORCE them to do it, and to make everything else impossible.

    Now someone is going to scream that they really want the ability to do plain in the clear http over TOR. Fine, ship tor clients with two modes, "insecure" and "secure". Default to the latter which only uses the half of the tor network that blocks un-encrypted traffic, and force users to select "insecure" to be able to use the other half.
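The heuristic in the post above ("anything that isn't as random as encrypted data, and anything that has plaintext in it - block") can be made concrete with a byte-entropy and printable-character check. The following is an added example, not code from the post or from the Tor project; the three payloads are constructed inline (an HTTP request, a zlib-compressed blob, and a SHA-256 chain standing in for ciphertext), and the thresholds are assumptions, not measured values. It also shows the caveat a practitioner would want: compressed data is just as "random" as ciphertext, so this detects readable plaintext rather than proving encryption.

```python
import hashlib
import math
import zlib
from collections import Counter

# Constructed samples (not captured traffic): an unencrypted HTTP request,
# a compressed blob, and a pseudo-random stream standing in for ciphertext.
HTTP_REQUEST = (
    b"GET /index.html HTTP/1.1\r\n"
    b"Host: example.com\r\n"
    b"User-Agent: Mozilla/5.0 (compatible)\r\n"
    b"Accept: text/html,application/xhtml+xml\r\n"
    b"Cookie: session=abc123def456\r\n"
    b"Connection: keep-alive\r\n\r\n"
)


def pseudo_random_bytes(n: int, seed: bytes = b"constructed seed") -> bytes:
    """Deterministic SHA-256 chain; looks like ciphertext but needs no key."""
    out = bytearray()
    block = seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out.extend(block)
    return bytes(out[:n])


STRUCTURED_TEXT = " ".join(
    f"record {i} value {(i * i) % 997}" for i in range(400)
).encode()
COMPRESSED = zlib.compress(STRUCTURED_TEXT, 9)
CIPHERTEXT_LIKE = pseudo_random_bytes(4096)


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 8.0 is the maximum for a uniform byte stream."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII or tab/newline/CR."""
    if not data:
        return 0.0
    printable = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return printable / len(data)


def classify(data: bytes, min_entropy: float = 6.0, max_printable: float = 0.9) -> str:
    """'plaintext' if the payload is readable or low-entropy, else 'opaque'.

    'opaque' only means the bytes are not obviously readable: encrypted and
    compressed payloads both land here. Thresholds are assumed, not tuned.
    """
    if printable_ratio(data) >= max_printable or shannon_entropy(data) < min_entropy:
        return "plaintext"
    return "opaque"


def demo() -> dict:
    """Classify the three constructed samples; returns name -> verdict."""
    samples = {
        "http": HTTP_REQUEST,
        "compressed": COMPRESSED,
        "ciphertext_like": CIPHERTEXT_LIKE,
    }
    return {name: classify(payload) for name, payload in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16s} {verdict}")
```

The compressed sample is classified "opaque" exactly like the ciphertext stand-in, which is the limit of the approach: an exit-node policy built on this would pass gzip-encoded HTTP bodies as happily as TLS, so the check is useful for flagging cleartext logins, not for enforcing encryption.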
  • Re:How can ... (Score:3, Insightful)

    by Ajehals ( 947354 ) on Wednesday November 21, 2007 @07:45PM (#21441917) Journal
    Well, the way I normally test to make sure a key is from who it claims to be from is to ask, or more likely because they have told me in advance using a medium that can be trusted (i.e. by phone, or any other communications method that you trust; for me to communicate with you securely, getting in touch using the emails listed on /. would probably be sufficient, because it's not like you know who I am anyway. As long as you are talking to the person you expect to talk to, it matters very little who I really am).

    It is perfectly possible to fake almost any element of an email, from faking the sender and the headers, up to and including the creation and registration of encryption keys with PKI servers that have nothing to do with the person the email claims to be from (as far as an email address can claim anything). However, this is where the trust element of PKI comes in. If I sign up with a commercial supplier of PKI-related products, then that supplier may well carry out a number of checks to ensure that I am who I say I am; if I use a random and badly configured server on the net, it will work just as well but will not have the same level of trust. Most importantly, it would then be up to you to decide if you trust my PKI provider to identify me correctly.

    However, disregarding the positive identification of a sender to some degree, you can get round most of the problems by using a little common sense. If you received an email from me now, encrypted and signed, all you would know is that someone had sent you an email, claiming to be me. If I call you first and tell you I am about to email you something encrypted, you can be 99.99% certain that it's from me (you still don't know for sure who I am, but you know the email came from the person claiming to have sent it). More importantly, we only need to go through that once; after all, if I signed the message you know who I am and can now use my public key to send me encrypted communications, and you can verify that my key doesn't change between mails (unless I tell you it will), just as I can do for you. The only remaining risk is me losing my private key, but that's what revocation is for. The big thing with PKI and mail is less to do with positively identifying someone, and everything to do with knowing it is the same person sending the mail (however you verify their identity in the first instance), or being able to ensure that only the holder of a specific private key is able to read an email you send (a key that only they have, and one they never have to share).

    You decide to trust the public key and the identity of the person you are communicating with; if you blindly trust an email because it's signed and it turns out it's someone else, then that's tough. It would be the same as assuming the mails from NatWest and Barclays Bank I get about my account being closed unless I update my security data are valid, and responding. Emails, signatures, keys, passports, letters etc. are only valid for identification to a certain level, a level defined by the trust of the person relying on them, of the system used to procure them, and the certainty they purport to provide with regard to identification.

    Sorry, this post isn't all that clear and I think I rambled.
  • Re:trust. (Score:1, Insightful)

    by Anonymous Coward on Wednesday November 21, 2007 @08:26PM (#21442261)

    trust is like love, in that it must be built up over a period of time - but can be destroyed in an instant.
    Oh poor guy, you have never experienced real love.
  • by Grendel Drago ( 41496 ) on Thursday November 22, 2007 @01:52AM (#21444165) Homepage

    So does SSH. It's the server fingerprint. Much like a certificate, unless you have knowledge of what it should be prior to the connection, it's hard to know you're compromised. The problem is exacerbated by inexperienced users, but fundamentally it's the issue of trusting an unknown set of credentials.
    No, it's not the same. Server certificates are signed by a trusted root CA; the public key for that CA is distributed out-of-band on your operating system's installation media. You can reasonably trust that whoever you're connecting to at least went to the trouble to fool the CA.

    On the other hand, SSH host keys are signed by nobody; there's no infrastructure in place to allow, for example, your sysadmin to sign SSH host keys using his own PGP mail keys, which you trust via the web-of-trust in place for that. No, you have to maintain your PGP keys and SSH keys separately, for no damned good reason, and we all just hope and pray that our SSH sessions aren't being jacked the first time we connect--and if we are jacked, we blame ourselves rather than the system that makes such stupidity practically mandatory. It's utter insanity, and it's amazing that we all put up with it.

    (There was once a project to add GPG support to OpenSSH [red-bean.com], but it seems to be moribund.)
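The SSH side of the comparison above (host keys "signed by nobody", so the first connection is trusted blindly and a later key change is all you can detect) comes down to a trust-on-first-use store. The following is an added example, not code from the post or from OpenSSH: it pins the first fingerprint seen per host, reports a mismatch on any later change, and shows the one thing that removes the blind step, a fingerprint learned out-of-band. The two host keys are constructed byte strings, not real keys, and `connect` is a hypothetical helper that models only the client's accept/reject decision.

```python
import base64
import hashlib

# Constructed host keys (not real keys). In practice these bytes would be the
# server's public key as sent during the SSH key exchange.
KEY_A = b"ssh-ed25519 constructed-host-key-A"
KEY_B = b"ssh-ed25519 constructed-host-key-B"


def fingerprint(pubkey: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint: base64 of the digest, '=' padding stripped."""
    digest = hashlib.sha256(pubkey).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


class KnownHosts:
    """Trust-on-first-use store: the first fingerprint seen per host is pinned."""

    def __init__(self):
        self.pinned = {}

    def check(self, host: str, pubkey: bytes) -> str:
        """Return 'new', 'match' or 'mismatch' for the presented key."""
        fp = fingerprint(pubkey)
        if host not in self.pinned:
            self.pinned[host] = fp
            return "new"        # nothing to compare against; TOFU accepts it
        if self.pinned[host] == fp:
            return "match"
        return "mismatch"       # key changed: MITM or legitimate rekey, indistinguishable here


def connect(store: KnownHosts, host: str, presented_key: bytes, expected_fp: str = None) -> str:
    """Hypothetical client decision: 'accepted-blind', 'accepted' or 'rejected'.

    expected_fp is a fingerprint obtained out-of-band (phone, console, a
    signed page). Without it, the first contact with a host is accepted
    with no verification at all, which is the gap the post complains about.
    """
    if expected_fp is not None and fingerprint(presented_key) != expected_fp:
        return "rejected"
    verdict = store.check(host, presented_key)
    if verdict == "mismatch":
        return "rejected"
    if verdict == "new" and expected_fp is None:
        return "accepted-blind"
    return "accepted"


if __name__ == "__main__":
    store = KnownHosts()
    print(connect(store, "host.example", KEY_A))   # first contact, nothing to check
    print(connect(store, "host.example", KEY_A))   # same key again
    print(connect(store, "host.example", KEY_B))   # key changed: refuse
```

The "mismatch" branch is what OpenSSH reports as "REMOTE HOST IDENTIFICATION HAS CHANGED!"; the "accepted-blind" branch is the unverified first connection. OpenSSH later added host certificates (a CA key signs host keys with `ssh-keygen -s`, and clients list the CA with an `@cert-authority` entry in known_hosts), which supplies the signing infrastructure the post says was missing, but only for the hosts an administrator chooses to enrol.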
