DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, ATi, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
October 26, 2014 
Main Menu

Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 106 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

RSS
RSS





 

Attack on Tor network may have exposed users for 6 months

Posted on Thursday, July 31 2014 @ 12:13:52 CEST by


The Register spreads word that an attack on the Tor network may have exposed users' identity from late January until early July. The Tor Project writes on their blog that they discovered a group of relays that they assume were trying to deanonymize users, specifically those who operate or access Tor hidden services. It's unclear what data the attackers managed to capture.
A lot of questions remain unanswered for now, but the developers behind the anonymisation network have at least been able to put together a broad overview of what seems to have happened, as explained in an advisory (extract below).

On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks.

The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.

Unfortunately, it's still unclear what "affected" includes. We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up).

The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service. In theory the attack could also be used to link users to their destinations on normal Tor circuits too, but we found no evidence that the attackers operated any exit relays, making this attack less likely.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2014 DM Media Group bvba