http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF IBM Advises Businesses To Block Tor With Tor-based attacks on the rise, IBM says it's time to stop Tor in the enterprise. New data from IBM's X-Force research team shows steady increase in SQL injection and distributed denial-of-service attacks as well as vulnerability reconnaissance activity via the Tor anonymizing service.
On Wed, 2015-08-26 at 18:51 -0400, grarpamp wrote:
http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF
IBM Advises Businesses To Block Tor
With Tor-based attacks on the rise, IBM says it's time to stop Tor in the enterprise.
New data from IBM's X-Force research team shows steady increase in SQL injection and distributed denial-of-service attacks as well as vulnerability reconnaissance activity via the Tor anonymizing service.
As best I can tell, the article refers to blocking access from the corporate network to Tor, not necessarily e.g. blocking Tor exit node connections to external corporate web servers. They also recommend things like blocking personal VPN servers. My concern is that they take the stance that allowing Tor is a liability. Sure, there are people who will abuse Tor, but the benefits of being able to access, say, Pepsi's web site without revealing you're doing so from Coca-Cola's corporate network should not be ignored. That's what Tor was originally intended to be used for, among other things. I concede it was inevitable that some would use it for evil, but isn't that true about a lot of things? -- Shawn K. Quinn <skquinn@rushpost.com>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I can understand a cautionary approach to Tor at a time when attacks are evident - see some of my past humming and hawing about this sort of subject (where I am posting as ABISprotocol) in an OB thread here: https://github.com/OpenBazaar/OpenBazaar/issues/866 But in the end despite the (vulnerabilities relating to Tor / I2P use) at that time I didn't conclude people should stop using it, just that they should be careful about it and be aware of the limitations of the software. This particular e-mail ('IBM Advises Businesses To Block Tor') caught my eye and seemed rather odd, because in the not-so-distant past, IBM and Microsoft were actually studying (and even promoting) certain types of anonymity solutions. To wit: Direct Anonymous Attestation http://www.zurich.ibm.com/security/daa/ "As...profiling is privacy invasive, we have proposed a way to use direct anonymous attestation such that the detection of rogue TPMs and actually granting/requesting the access are performed in two different unlinkable transactions..." (Gee, IBM, isn't that, like, the evil anonymity stuff?) Idemix / Identity Mixer http://www.zurich.ibm.com/idemix/ These above two links were mentioned / highlighted last year by Microsoft staff at the W3C 'Web Cryptography Next Steps' event which I attended and had a position paper accepted at: http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/report.html While I've never trusted Microsoft Windows (much) - having left that platform long ago for the comfort of Linux - it does seem rather odd that they would state (as they did in their recent article) that "Corporate networks really have little choice but to block communications to these stealthy networks." You have to wonder who is the desperate fail person who authored that conclusion to their recent article.* - - O *Reference: http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN .PDF On 08/26/2015 03:51 PM, grarpamp wrote:
http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086US EN.PDF
IBM Advises Businesses To Block Tor
With Tor-based attacks on the rise, IBM says it's time to stop Tor in the enterprise.
New data from IBM's X-Force research team shows steady increase in SQL injection and distributed denial-of-service attacks as well as vulnerability reconnaissance activity via the Tor anonymizing service.
- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJV3qSRAAoJEGxwq/inSG8CzdwH/2LUl88VDcE7D6zOLwO6h4+1 4LKkIeRTrM2uOdXgmcrEAbixPbvRcdI3Tz3g2tARIPJcGwY4M8diRFH0Xekq8dE9 E5qmMN7QIOgCH0RdCEmGYUaX3oA2RJfaq3G8WN+8lOP1dpywCjKKUM57PCJ4GZqq PCsrlVO8AY2+QrxdCLbokAypPAPlBONcVXsOh4kdM1KwPW1DefR+MuZcUfLcTkFs SScIqQ6u7L3XDAXl4WRGrRvheKpNU59tmHfYRGAhA7aWFT//PImuXUmatXIbEZIi n6H8WkGqUXkT1d0yZYrDNIQALxgrqizSNDhD7g7CPdsdaX/AdYkLQXUU/3+prb8= =0R6t -----END PGP SIGNATURE-----
participants (3)
-
grarpamp
-
odinn
-
Shawn K. Quinn