Update your Tors - Tor security advisory: "relay early" traffic confirmation attack - cypherpunks

Update your Tors - Tor security advisory: "relay early" traffic confirmation attack

older
Re: cypherpunks Digest, Vol 14,...

coderman

30 Jul 2014 30 Jul '14

12:12 p.m.

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-c... [see also release notes per below] ''' On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks. The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected. . . . Relays should upgrade to a recent Tor release (0.2.4.23 or 0.2.5.6-alpha), to close the particular protocol vulnerability the attackers used — but remember that preventing traffic confirmation in general remains an open research problem. Clients that upgrade (once new Tor Browser releases are ready) will take another step towards limiting the number of entry guards that are in a position to see their traffic, thus reducing the damage from future attacks like this one. Hidden service operators should consider changing the location of their hidden service.

Show replies by date

Georgi Guninski

30 Jul 30 Jul

3:22 p.m.

Someone here ranted against Tor and he was called a troll IIRC... Ironically they discovered it on 4.7 :) On Wed, Jul 30, 2014 at 05:12:17AM -0700, coderman wrote:

...

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-c... [see also release notes per below] ''' On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks.

The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected. . . . Relays should upgrade to a recent Tor release (0.2.4.23 or 0.2.5.6-alpha), to close the particular protocol vulnerability the attackers used — but remember that preventing traffic confirmation in general remains an open research problem. Clients that upgrade (once new Tor Browser releases are ready) will take another step towards limiting the number of entry guards that are in a position to see their traffic, thus reducing the damage from future attacks like this one. Hidden service operators should consider changing the location of their hidden service.

rysiek

4 Aug 4 Aug

5:36 p.m.

Dnia środa, 30 lipca 2014 18:22:41 Georgi Guninski pisze:

...

Someone here ranted against Tor and he was called a troll IIRC...

Nobody said Tor is perfect. But making the assumption Tor is made imperfect on purpose by Tor developers, because they are funded by US money (that's the rant you're referring to, right?) is a bit... rich. -- Pozdr rysiek

Cathal Garvey

7:33 p.m.

A less controversial reading of the (US Govt Money) >>= Tor "thing" is that, while the Tor devs may be doing their best, Tor is ultimately an asset to the US Intelligence apparatus rather than a liability. That is, perhaps they haven't convinced the Tor devs to insert backdoors in anything, but Tor remains something that helpfully concentrates dissidents while not overly inhibiting the government's ability to round them up and imprison them when needed. Part of this is plausible because endpoint security; 'nuff said, especially as JS is enabled by default in the TBB. Part of this is plausible because there are plenty of NSA docs in the wild suggesting that while they can't anonymise everyone at once, they also don't feel the need to as they can usually anonymise the subset they care about eventually. While the Tor devs seem to have a callous disregard for this line of inquiry (which in itself is worrying), to me it's a healthy thing to bear in mind. The bottom line is that we're dealing with a piece of software that purports to blind the world's biggest and most politically powerful surveillance state, yet receives virtually all of its funding from that same surveillance state. Draw your own conclusions based on a weighting of (ability of individuals to hide traffic from the state) / (ability of the state to obfuscate intelligence traffic) and taking into consideration how much smaller the threat model is for a state apparatus with known trusted servers and alternative traffic routes through compromised botnets and embassies around the world. Me, I'm more hopeful for i2p; it's just a pity that it's so oddly put together right now. On 04/08/14 18:36, rysiek wrote:

...

Dnia środa, 30 lipca 2014 18:22:41 Georgi Guninski pisze:

...
Someone here ranted against Tor and he was called a troll IIRC...

Nobody said Tor is perfect. But making the assumption Tor is made imperfect on purpose by Tor developers, because they are funded by US money (that's the rant you're referring to, right?) is a bit... rich.

-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com

rysiek

5 Aug 5 Aug

10:19 p.m.

Dnia poniedziałek, 4 sierpnia 2014 20:33:29 Cathal Garvey pisze:

...

A less controversial reading of the (US Govt Money) >>= Tor "thing" is that, while the Tor devs may be doing their best, Tor is ultimately an asset to the US Intelligence apparatus rather than a liability. That is, perhaps they haven't convinced the Tor devs to insert backdoors in anything, but Tor remains something that helpfully concentrates dissidents while not overly inhibiting the government's ability to round them up and imprison them when needed.

Yeah, that's a legitimate worry, but one that is far from being black or white (as in: it's really hard to assess the net impact of such a tactic, and how effective it really is).

...

Part of this is plausible because endpoint security; 'nuff said, especially as JS is enabled by default in the TBB.

I would love to see JS disabled by default (blocked via NoScript, which is installed by default in TBB).

...

Part of this is plausible because there are plenty of NSA docs in the wild suggesting that while they can't anonymise everyone at once, they also don't feel the need to as they can usually anonymise the subset they care about eventually.

Thing is: even with that taken into account, Tor is of great value, as it actually *raises the costs* of surveillance; consider: http://smarimccarthy.is/blog/2014/05/28/engineering-our-way-out-of-fascism/

...

While the Tor devs seem to have a callous disregard for this line of inquiry (which in itself is worrying), to me it's a healthy thing to bear in mind. The bottom line is that we're dealing with a piece of software that purports to blind the world's biggest and most politically powerful surveillance state, yet receives virtually all of its funding from that same surveillance state.

One of the things I have learnt during the years of my brushing shoulders with Teh Gummint (public consultations, conferences, etc) is that a huge bureaucracy like a government is bound to have conflicting interests and fund/take conflicting actions. Governments are not homogeneous, to say the least. So I can see how a government can fund a tool that is useful for one of the departments or agencies, and which at the same time is detrimental to actions of some other department or agency. There's no Huge Plan Or Conspiracy behind it. Just Hanlon's razor, if anything.

...

Draw your own conclusions based on a weighting of (ability of individuals to hide traffic from the state) / (ability of the state to obfuscate intelligence traffic) and taking into consideration how much smaller the threat model is for a state apparatus with known trusted servers and alternative traffic routes through compromised botnets and embassies around the world.

Yup.

...

Me, I'm more hopeful for i2p; it's just a pity that it's so oddly put together right now.

Care to elaborate on the "oddly put together" part? -- Pozdr rysiek

Juan

11:31 p.m.

On Wed, 06 Aug 2014 00:19:17 +0200 rysiek wrote:

...

One of the things I have learnt during the years of my brushing shoulders with Teh Gummint (public consultations, conferences, etc) is that a huge bureaucracy like a government is bound to have conflicting interests and fund/take conflicting actions.

Governments are not homogeneous, to say the least.

Governments are pretty homoneneous criminal organizations. The fact that sometimes different government factions within a given government quarrel a bit over the spoils is basically meaningless, from the point of view of government victims at least. In the case of tor - employees of the american nazi military, it should be pretty obvious that they are aligned with american nazi policies, despite their hypocritical alleged support for 'free speech'. By the way, if the american nazi government had to fund something like tor, what would be the best approach? Two options : One, try to do it secretly. Problem is, it's difficult and sooner or later (sooner) people would find out and the project reputation would rightfully suffer. So what to do? Well, hide in plain sight! Get the money openly from the government and brag about how 'transparent' the scam is!! Clever.

...

So I can see how a government can fund a tool that is useful for one of the departments or agencies, and which at the same time is detrimental to actions of some other department or agency.

As mentioned ad nauseam tor is 'useful' for the 'intelligence' 'community'.

...

There's no Huge Plan Or Conspiracy behind it. Just Hanlon's razor, if anything.

bla bla bla Name calling! You are a witch! You are a conspiracy theorist!! You hate AMERIKKKAAA!!!! Absolutely none of the government actions are secret. Especially things done by the most brutal faction, the military. Anything the military do is public, published in www.nazis.org and for the common good!!!

...

...
Draw your own conclusions based on a weighting of (ability of individuals to hide traffic from the state) / (ability of the state to obfuscate intelligence traffic) and taking into consideration how much smaller the threat model is for a state apparatus with known trusted servers and alternative traffic routes through compromised botnets and embassies around the world.

Yup.

...
Me, I'm more hopeful for i2p; it's just a pity that it's so oddly put together right now.

Care to elaborate on the "oddly put together" part?

rysiek

6 Aug 6 Aug

9:13 a.m.

Dnia wtorek, 5 sierpnia 2014 20:31:26 Juan pisze:

...

On Wed, 06 Aug 2014 00:19:17 +0200

rysiek wrote:

...
One of the things I have learnt during the years of my brushing shoulders with Teh Gummint (public consultations, conferences, etc) is that a huge bureaucracy like a government is bound to have conflicting interests and fund/take conflicting actions.

Governments are not homogeneous, to say the least.

Governments are pretty homoneneous criminal organizations. The fact that sometimes different government factions within a given government quarrel a bit over the spoils is basically meaningless, from the point of view of government victims at least.

Well, obviously you haven't much experience with how governments look from the inside. Ministries and departments have different and conflicting policies regarding some of their overlapping responsibilities, and the flow of information is a real problem. Add to that some personal animosities and ambitions and you get a clusterfuck of an organisation. A clusterfuck leaving quite a lot of space for projects like Tor. -- Pozdr rysiek

Juan

11 Aug 11 Aug

8:24 p.m.

On Wed, 06 Aug 2014 11:13:10 +0200 rysiek wrote:

...

Dnia wtorek, 5 sierpnia 2014 20:31:26 Juan pisze:

...
On Wed, 06 Aug 2014 00:19:17 +0200

rysiek wrote:

...
One of the things I have learnt during the years of my brushing shoulders with Teh Gummint (public consultations, conferences, etc) is that a huge bureaucracy like a government is bound to have conflicting interests and fund/take conflicting actions.

Governments are not homogeneous, to say the least.

Governments are pretty homoneneous criminal organizations. The fact that sometimes different government factions within a given government quarrel a bit over the spoils is basically meaningless, from the point of view of government victims at least.

Well, obviously you haven't much experience with how governments look from the inside.

...but I do have some inside information about the 'legal system', having been raised by lawyers =P

...

Ministries and departments have different and conflicting policies regarding some of their overlapping responsibilities, and the flow of information is a real problem. Add to that some personal animosities and ambitions and you get a clusterfuck of an organisation.

Yes, all of that is true. I am aware of the fact that there are different factions inside a government. I did explicitly mention that. It doesn't affect my argument(s) though.

...

A clusterfuck leaving quite a lot of space for projects like Tor.

Sorry, but that's circular. You *assume* tor isn't designed as a tool to further imperial american policies and you arrive at the conclusion that there are some 'good guys' in the US government. Too bad your assumption is what you actually need to prove. The argument here is that tor is a small network that can be more or less easily 'traffic analyzed' by the US government - the same government that created it. This is not 'rocket science'...

rysiek

9:09 p.m.

Dnia poniedziałek, 11 sierpnia 2014 17:24:08 Juan pisze:

...

On Wed, 06 Aug 2014 11:13:10 +0200

rysiek wrote:

...
Dnia wtorek, 5 sierpnia 2014 20:31:26 Juan pisze:

...
On Wed, 06 Aug 2014 00:19:17 +0200

rysiek wrote:

...
One of the things I have learnt during the years of my brushing shoulders with Teh Gummint (public consultations, conferences, etc) is that a huge bureaucracy like a government is bound to have conflicting interests and fund/take conflicting actions.

Governments are not homogeneous, to say the least.

Governments are pretty homoneneous criminal organizations.

The fact that sometimes different government factions within a

given government quarrel a bit over the spoils is basically meaningless, from the point of view of government victims at least.

Well, obviously you haven't much experience with how governments look from the inside.

...but I do have some inside information about the 'legal system', having been raised by lawyers =P

...
Ministries and departments have different and conflicting policies regarding some of their overlapping responsibilities, and the flow of information is a real problem. Add to that some personal animosities and ambitions and you get a clusterfuck of an organisation.

Yes, all of that is true. I am aware of the fact that there are different factions inside a government. I did explicitly mention that. It doesn't affect my argument(s) though.

...
A clusterfuck leaving quite a lot of space for projects like Tor.

Sorry, but that's circular.

You *assume* tor isn't designed as a tool to further imperial american policies and you arrive at the conclusion that there are some 'good guys' in the US government.

No, I didn't say there are any "good guys" (nor that there aren't any, mind you). But even between a clusterfuck of "bad guys", each dragging in their own direction, simply *because* they are dragging all in different directions, there might be space for some neat projects. Think of it as a hack on the system. Guy A needs total secrecy of communication for their moles in third world countries and finances a tool that incidentally is a huge PITA for guy B, that tries to surveil everything and everybody. Guy A and guy B are far enough from each other (system/hierarchy/department/competence-wise) that they do not co-operate, nor even know of each other too well. Or: they know of each other and are in a state of "cold war" for resources or ambition-related aims. -- Pozdr rysiek

3692

Age (days ago)

3704

Last active (days ago)

List overview

Download

8 comments

5 participants

participants (5)

Cathal Garvey
coderman
Georgi Guninski
Juan
rysiek