On Thu, 2012-10-04 at 05:07 +0300, Sampo Syreeni wrote:
> On 2012-10-03, Ted Smith wrote:
> > So it actually assumes that the targeted hidden service is running a Tor relay _and_ an open HTTP server.
>
> The basic attack pattern is extensible to a relay and any service which can be correlated with each other, through any sufficiently selective metadata divulged by both services. It ain't a new one, either; I seem to remember this sort of stuff being done from at least 2008, which prolly makes the idea older since I'm not exactly a pro in the field.
>
> The general statistical attack pattern is correlate, accumulate and intersect. The research behind Tor talks about this stuff already, and notes it cannot be stopped if we presume the relay operator leaks such correlated information. So yes, you ought to be worried -- as the operator of a hidden service.
This particular script that is currently being hyped up on Reddit as "de-anonymizing most Tor hidden servers" simply makes too many assumptions to be feasible. Yes, this sort of attack is feasible in principle, and this script will probably work if you find a hidden service that is also a relay and is also a publicly reachable HTTP server, but saying it can be carried out against most hidden services is simply false as a matter of fact. Hidden services don't need to be reachable from the Internet. They don't need to have accurate clocks. And as a result, a lot of them aren't vulnerable to a program on the Internet that is being marketed as reliably de-anonymizing hidden services.

To summarize:

* This is not a novel attack
* This particular variant of the attack ("clockskewer") is not effective against many if not most hidden services
* The people claiming it does on Reddit are scare-mongering Tor for karma, and that irritates me as someone who likes Tor and wants people who need more-secure systems to research Tor and see the stable, well-tested tool that it is, rather than hype from Reddit.

-- 
Sent from Ubuntu