A Mysterious Threat Actor is Running Hundreds of Malicious Tor Relays (therecord.media) 20
Since at least 2017, a mysterious threat actor has run thousands of malicious servers in entry, middle, and exit positions of the Tor network in what a security researcher has described as an attempt to deanonymize Tor users. The Record: Tracked as KAX17, the threat actor ran at its peak more than 900 malicious servers part of the Tor network, which typically tends to hover around a daily total of up to 9,000-10,000. Some of these servers work as entry points (guards), others as middle relays, and others as exit points from the Tor network.
Their role is to encrypt and anonymize user traffic as it enters and leaves the Tor network, creating a giant mesh of proxy servers that bounce connections between each other and provide the much-needed privacy that Tor users come for. Servers added to the Tor network typically must have contact information included in their setup, such as an email address, so Tor network administrators and law enforcement can contact server operators in the case of a misconfiguration or file an abuse report. However, despite this rule, servers with no contact information are often added to the Tor network, which is not strictly policed, mainly to ensure there's always a sufficiently large number of nodes to bounce and hide user traffic.
Their role is to encrypt and anonymize user traffic as it enters and leaves the Tor network, creating a giant mesh of proxy servers that bounce connections between each other and provide the much-needed privacy that Tor users come for. Servers added to the Tor network typically must have contact information included in their setup, such as an email address, so Tor network administrators and law enforcement can contact server operators in the case of a misconfiguration or file an abuse report. However, despite this rule, servers with no contact information are often added to the Tor network, which is not strictly policed, mainly to ensure there's always a sufficiently large number of nodes to bounce and hide user traffic.
Dupe (Score:4, Informative)
This was posted a couple of days ago:
https://tech.slashdot.org/stor... [slashdot.org]
Re: (Score:3)
This was posted a couple of days ago:
https://tech.slashdot.org/stor... [slashdot.org]
"History repeats itself, first as tragedy, second as farce."
Re:Dupe (Score:5, Funny)
This was posted a couple of days ago:
https://tech.slashdot.org/stor... [slashdot.org]
This copy was probably posted using Tor and it just took this long to work its way through ...
Re: (Score:2)
Dupe (Score:1)
Mysterious editor (Score:5, Funny)
Mysterious editor is posting hundreds of duplicate stories
Re: (Score:3)
Mysterious threat editor is posting hundreds of duplicate stories
FTFY
"Related Links" might help....eventually. (Score:2)
Perhaps if the "Related Links" at the bottom of each page actually worked, they could be checked against duplicates....
TOR network a literal NSA dragnet the whole time. (Score:1, Insightful)
(And nobody will be less surprised by this than me.)
Re: (Score:2)
Mod parent up.
As regards the "dupe" calls, maybe the story was censored here? It's the kind of thing I think I would have remembered if I had seen it. So maybe the NSA figured out a way to censor the story, too?
However, I suspect it's just the intrinsic badness of the Slashdot top page. What is sacred about 15 stories? What happens if there are 16 good stories in a short period of time? (Though I still think the "good" stories should disappear more slowly.)
Re: (Score:3)
It's still there, there's a hyperlink above in a post by an AC.
https://tech.slashdot.org/stor... [slashdot.org]
Re: (Score:2)
Yes, I know that stories persist after they fall off of the front page, but they are effectively expired at that point. My point was that the arbitrary 15-story limit may be the cause of many of the "timing" problems. Of course it's a subjective judgement about which stories to use, but few people are going to search for the older ones if it ran over 15 since the last visit.
Disclaimer? My own reading pattern is to look at the newest stories as "time sensitive discussions and probably about to go awry" and t
It's like deja vu all over again (Score:1)
the two second attention span strikes (Score:2)
If we can't remember what stories have been accepted for moderation a few days later, then what good is having moderation?
Re: (Score:2)
moderation is all about enforcing the tos, and here's the catch: there is no provision in the tos against duplicates.
Re: (Score:2)
except when you moderate a story up to get it put onto the site. There's a lot of pending things out there, they get voted up or down and commented on. Those that are considered OK are put onto the main feed; that's moderating too. if we can't even remember what was pushed out two to three days later than we're not paying attention.
some editor pulled the trigger on this one (Score:2)
I'm sure some malicious actor is responsible for this posting, but I know it's not me.