Comment on Tor anonymity infiltrated: Law enforcement monitors servers successfully

InvertedParallax@lemm.ee 2 months ago

2 things:

  1. This seems to be a specific attack for their IM protocol if the entry node was compromised, and could be placed near the client. To make this much easier, you’d want to compromise both the entry and exit nodes (in this case exit node is TOR native, so it’s more like internal node).

This has never been unknown, this is one of the fundamental attack vectors against TOR, the IM protocol seemed to make correlation easier due to its real time nature.

They added a protection layer called Vanguard, to ensure the internal exit nodes were fixed to reduce the likelihood that you could track a circuit with a small number of compromised internal exit nodes. This seems like it would help due to reducing likelihood of sampling.

  2. TOR has always been vulnerable, the issue is the resources needed are large, and specifically, the more competition for compromising nodes the more secure it is. Basically now the NSA is probably able to compromise most connections, and they wouldn’t announce this and risk their intelligence advantage unless there was an extremely valuable reason. They definitely wouldn’t do so because a drug dealer was trying to make a sale. Telling normal law enforcement basically ends their advantage, so they won’t.

Other state actors might try, but they’re not in the same league in terms of resources, IIRC there are a LOT of exit nodes in Virginia.

tl;dr - The protocol is mostly safe, it doesn’t matter if people try to compromise it, the nature of TOR means multiple parties trying to compromise nodes make the network more secure as each faction hides a portion of data from the others, and only by sharing can the network be truly broken. Good luck with that.
