and not a single Tor hacker was surprised...

Kelly John Rose iam at kjro.se
Wed Jan 22 07:12:11 PST 2014


To verify though, this has no effect on someone using tor and staying on
.onion sites or if you are using https end-to-end right?

Honestly, if you use Tor and don't use SSL that seems like laziness to
me and deserves to be caught.

On 1/22/2014 9:54 AM, coderman wrote:
> Scientists detect “spoiled onions” trying to sabotage Tor privacy network
> Rogue Tor volunteers perform attacks that try to degrade encrypted connections.
>  by Dan Goodin - Jan 21 2014, 2:42pm PST
> http://arstechnica.com/security/2014/01/scientists-detect-spoiled-onions-trying-to-sabotage-tor-privacy-network/
> 
> or reason #16256 to crypto end to end...
> 
> ---
> 
> Computer scientists have identified almost two dozen computers that
> were actively working to sabotage the Tor privacy network by carrying
> out attacks that can degrade encrypted connections between end users
> and the websites or servers they visit.
> 
> The "spoiled onions," as the researchers from Karlstad University in
> Sweden dubbed the bad actors, were among the 1,000 or so volunteer
> computers that typically made up the final nodes that exited the
> Tor—short for The Onion Router—network at any given time in recent
> months. Because these exit relays act as a bridge between the
> encrypted Tor network and the open Internet, the egressing traffic is
> decrypted as it leaves. That means operators of these servers can see
> traffic as it was sent by the end user. Any data the end user sent
> unencrypted, as well as the destinations of servers receiving or
> responding to data passed between an end user and server, can be
> monitored—and potentially modified—by malicious volunteers. Privacy
> advocates have long acknowledged the possibility that the National
> Security Agency and spy agencies across the world operate such rogue
> exit nodes.
> 
> The paper—titled Spoiled Onions: Exposing Malicious Tor Exit Relays—is
> among the first to document the existence of exit nodes deliberately
> working to tamper with end users' traffic (a paper with similar
> findings is here). Still, it remains doubtful that any of the 25
> misconfigured or outright malicious servers were operated by NSA
> agents. Two of the 25 servers appeared to redirect traffic when end
> users attempted to visit pornography sites, leading the researchers to
> suspect they were carrying out censorship regimes required by the
> countries in which they operated. A third server suffered from what
> researchers said was a configuration error in the OpenDNS server.
> 
> The remainder carried out so-called man-in-the-middle (MitM) attacks
> designed to degrade encrypted Web or SSH traffic to plaintext traffic.
> The servers did this by using the well-known sslstrip attack designed
> by researcher Moxie Marlinspike or another common MitM technique that
> converts unreadable HTTPS traffic into plaintext HTTP. Often, the
> attacks involved replacing the valid encryption key certificate with a
> forged certificate self-signed by the attacker.
> 
> "All the remaining relays engaged in HTTPS and/or SSH MitM attacks,"
> researchers Philipp Winter and Stefan Lindskog wrote. "Upon
> establishing a connection to the decoy destination, these relays
> exchanged the destination's certificate with their own, self-signed
> version. Since these certificates were not issued by a trusted
> authority contained in TorBrowser's certificate store, a user falling
> prey to such a MitM attack would be redirected to the about:certerror
> warning page."
> 
> From Russia with love
> 
> The 22 malicious servers were among about 1,000 exit nodes that were
> typically available on Tor at any given time over a four-month period.
> (The precise number of exit relays regularly changes as some go
> offline and others come online.) The researchers found evidence that
> 19 of the 22 malicious servers were operated by the same person or
> group of people. Each of the 19 servers presented forged certificates
> containing the same identifying information. The virtually identical
> certificate information meant the MitM attacks shared a common origin.
> What's more, all the servers used the highly outdated version 0.2.2.37
> of Tor, and all but one of the servers were hosted in the network of a
> virtual private system provider located in Russia. Several of the IP
> addresses were also located in the same net block.
> 
> The researchers caution that there's no way to know that the operators
> of the malicious exit nodes are the ones carrying out the attacks.
> It's possible the actual attacks may be carried out by the ISPs or
> network backbone providers that serve the malicious nodes. Still, the
> researchers discounted the likelihood of an upstream provider of the
> Russian exit relays carrying out the attacks for several reasons. For
> one, the relays relied on a diverse set of IP address blocks,
> including one based in the US. The relays frequently disappeared after
> they were flagged as untrustworthy, researchers also noted.
> 
> The researchers identified the rogue volunteers by scanning for server
> relays that replaced valid HTTPS certificates with forged ones. That
> means certificate forgery attacks such as the one used in 2011 to
> monitor 300,000 Gmail users wouldn't be detected using the methods
> devised by the researchers. The researchers don't believe the malicious
> nodes they observed were operated by the NSA or other government
> agencies.
> 
> "Organizations like the NSA have read/write access to large parts of
> the Internet backbone," Karlstad University's Winter wrote in an
> e-mail. "They simply do not need to run Tor relays. We believe that
> the attacks we discovered are mostly done by independent individuals
> who want to experiment."
> 
> While the confirmation of malicious exit nodes is important, it's not
> particularly surprising. Tor officials have long warned that Tor does
> nothing to encrypt plaintext communications once it leaves the
> network. That means ISPs, remote sites, VPN providers, and the Tor
> exit relay itself can all see the communications that aren't encrypted
> by end users and the parties they communicate with. Tor officials have
> long counseled users to rely on HTTPS, e-mail encryption, or other
> methods to ensure that traffic receives end-to-end encryption.
> 
> The researchers have proposed a series of updates to the "Torbutton"
> software used by most Tor users. Among other things, the
> proof-of-concept software fix would use an alternative exit relay to
> refetch all self-signed certificates delivered over Tor. The software
> would then compare the digital fingerprints of the two certificates.
> It's feasible that the changes might one day include certificate
> pinning, a technique for ensuring that a certificate presented by
> Google, Twitter, and other sites is the one authorized by the operator
> rather than a counterfeit one. Several hours after this article went
> live, Winter published this blog post titled What the "Spoiled Onions"
> paper means for Tor users.
> 
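The check Winter and Lindskog propose for Torbutton (refetch the certificate through a second, independent exit, compare fingerprints, and treat a self-signed swap-in as a MitM) is small enough to show in full. The Go program below is an added example written for this post; it is not code from the paper, from exitmap or from Torbutton. It builds constructed test material (a throwaway root CA, a legitimate certificate for a hypothetical decoy host, and an attacker's self-signed copy of it with the same subject) and then classifies what each exit handed back. The decoy host name and the exit names are made up.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"sort"
	"time"
)

// Verdict is what the scanner concludes about the certificate one exit relay
// returned for a decoy destination.
type Verdict struct {
	Fingerprint string // SHA-256 over the DER certificate seen through this exit
	Matches     bool   // identical to the certificate refetched through the reference exit
	Trusted     bool   // chains to a root in the client's trust store
	SelfSigned  bool   // issuer == subject and the signature verifies with its own key
	Suspicious  bool   // any of the above went the wrong way
}

// ScanResult bundles the verdicts for the constructed scenario in runScenario.
type ScanResult struct {
	Legit, Forged Verdict
	Flagged       []string // exits judged suspicious, sorted for stable output
}

func fingerprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.Raw)
	return hex.EncodeToString(sum[:])
}

// isSelfSigned mirrors the paper's observation: the rogue exits swapped in a
// certificate signed with the attacker's own key, issuer and subject identical.
func isSelfSigned(c *x509.Certificate) bool {
	if c.Issuer.String() != c.Subject.String() {
		return false
	}
	return c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
}

// classify compares the certificate observed through the exit under test with
// the one refetched through an independent exit, then checks trust and self-signing.
func classify(observed, reference *x509.Certificate, roots *x509.CertPool, host string, now time.Time) Verdict {
	v := Verdict{Fingerprint: fingerprint(observed)}
	v.Matches = v.Fingerprint == fingerprint(reference)
	_, err := observed.Verify(x509.VerifyOptions{Roots: roots, DNSName: host, CurrentTime: now})
	v.Trusted = err == nil
	v.SelfSigned = isSelfSigned(observed)
	v.Suspicious = !v.Matches || !v.Trusted || v.SelfSigned
	return v
}

// flagExits runs classify over every exit's observation and returns the exits to report.
func flagExits(observed map[string]*x509.Certificate, reference *x509.Certificate, roots *x509.CertPool, host string, now time.Time) []string {
	var flagged []string
	for exit, cert := range observed {
		if classify(cert, reference, roots, host, now).Suspicious {
			flagged = append(flagged, exit)
		}
	}
	sort.Strings(flagged)
	return flagged
}

// mkCert issues tmpl signed by parent's key (self-signed when parent == tmpl).
func mkCert(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// runScenario builds constructed data: a root CA, a legitimate certificate for a
// hypothetical decoy host, and an attacker's self-signed copy with the same subject.
func runScenario() (ScanResult, error) {
	const host = "decoy.example.org" // hypothetical decoy destination, not from the paper
	now := time.Now()
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	siteKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	mitmKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)

	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Root CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	ca, err := mkCert(caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return ScanResult{}, err
	}
	leaf := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	legit, err := mkCert(leaf, ca, &siteKey.PublicKey, caKey)
	if err != nil {
		return ScanResult{}, err
	}
	// The attacker copies the subject but can only sign with its own key.
	forgedTmpl := *leaf
	forgedTmpl.SerialNumber = big.NewInt(3)
	forged, err := mkCert(&forgedTmpl, &forgedTmpl, &mitmKey.PublicKey, mitmKey)
	if err != nil {
		return ScanResult{}, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)

	// Constructed exit names; "exit-ref" is the independent exit used for the refetch.
	observed := map[string]*x509.Certificate{"exit-ref": legit, "exit-ru-1": forged, "exit-ru-2": forged}
	return ScanResult{
		Legit:   classify(legit, legit, roots, host, now),
		Forged:  classify(forged, legit, roots, host, now),
		Flagged: flagExits(observed, legit, roots, host, now),
	}, nil
}

func main() {
	r, err := runScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("reference exit: %+v\n", r.Legit)
	fmt.Printf("rogue exit:     %+v\n", r.Forged)
	fmt.Println("flagged exits:", r.Flagged)
}
```

In a real scanner the two certificates come from TLS handshakes over two different exit circuits rather than from memory. Because classify compares every certificate and not only self-signed ones, it would also notice a forged certificate signed by a trusted CA, as long as the reference exit saw the genuine one; what it cannot do is tell which of two differing certificates is the real one, which is why the approach depends on the second exit being independent of the attacker.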


