and not a single Tor hacker was surprised...

Griffin Boyce griffin at cryptolab.net
Wed Jan 22 08:30:53 PST 2014


   To be fair, literally no one who works on Tor or Tor-related projects 
is surprised.  This is addressed at nearly every talk, nearly every 
workshop, and people are pretty open about it as a feature of the 
landscape.  That most of these are low-speed exits is pretty telling.  
Most bad exits are designed to inject/replace ads, which is pretty 
stupid.  If you catch someone doing this, share their ad code so they 
can be reported to ad networks and lose the money they were trying to make.

   However, the balance of probability has it that any given user is 
likely to be fine.  Enforce https and don't accept random certificate 
errors.  If you're getting a certificate error, click New Identity and 
you'll find that most magically disappear (and those that don't are 
typically issues with the website itself - don't patronize 
poorly-secured websites).

   What do I mean by "balance of probability"?  Well, if you use Tor, 
there's about a 90% chance you'll pass through an exit run by someone I 
know, and a quite good chance that you'll specifically exit through a 
Torservers node.

   My point being that the only real answer to this problem is network 
diversity.  If you're concerned about "spoiled onions," run a node!  
Don't have the time/money/interest? Donate to Torservers or Nos Oignons 
or Noisetor so that they can run more exit nodes.

~Griffin

On 01/22/2014 09:54 AM, coderman wrote:
> Scientists detect “spoiled onions” trying to sabotage Tor privacy network
> Rogue Tor volunteers perform attacks that try to degrade encrypted connections.
>   by Dan Goodin - Jan 21 2014, 2:42pm PST
> http://arstechnica.com/security/2014/01/scientists-detect-spoiled-onions-trying-to-sabotage-tor-privacy-network/
>
> or reason #16256 to crypto end to end...
>
> ---
>
> Computer scientists have identified almost two dozen computers that
> were actively working to sabotage the Tor privacy network by carrying
> out attacks that can degrade encrypted connections between end users
> and the websites or servers they visit.
>
> The "spoiled onions," as the researchers from Karlstad University in
> Sweden dubbed the bad actors, were among the 1,000 or so volunteer
> computers that typically made up the final nodes that exited the
> Tor—short for The Onion Router—network at any given time in recent
> months. Because these exit relays act as a bridge between the
> encrypted Tor network and the open Internet, the egressing traffic is
> decrypted as it leaves. That means operators of these servers can see
> traffic as it was sent by the end user. Any data the end user sent
> unencrypted, as well as the destinations of servers receiving or
> responding to data passed between an end user and server, can be
> monitored—and potentially modified—by malicious volunteers. Privacy
> advocates have long acknowledged the possibility that the National
> Security Agency and spy agencies across the world operate such rogue
> exit nodes.
>
> The paper—titled Spoiled Onions: Exposing Malicious Tor Exit Relays—is
> among the first to document the existence of exit nodes deliberately
> working to tamper with end users' traffic (a paper with similar
> findings is here). Still, it remains doubtful that any of the 25
> misconfigured or outright malicious servers were operated by NSA
> agents. Two of the 25 servers appeared to redirect traffic when end
> users attempted to visit pornography sites, leading the researchers to
> suspect they were carrying out censorship regimes required by the
> countries in which they operated. A third server suffered from what
> researchers said was a configuration error in the OpenDNS server.
>
> The remainder carried out so-called man-in-the-middle (MitM) attacks
> designed to degrade encrypted Web or SSH traffic to plaintext traffic.
> The servers did this by using the well-known sslstrip attack designed
> by researcher Moxie Marlinspike or another common MitM technique that
> converts unreadable HTTPS traffic into plaintext HTTP. Often, the
> attacks involved replacing the valid encryption key certificate with a
> forged certificate self-signed by the attacker.
>
> "All the remaining relays engaged in HTTPS and/or SSH MitM attacks,"
> researchers Philipp Winter and Stefan Lindskog wrote. "Upon
> establishing a connection to the decoy destination, these relays
> exchanged the destination's certificate with their own, self-signed
> version. Since these certificates were not issued by a trusted
> authority contained in TorBrowser's certificate store, a user falling
> prey to such a MitM attack would be redirected to the about:certerror
> warning page."
>
> From Russia with love
>
> The 22 malicious servers were among about 1,000 exit nodes that were
> typically available on Tor at any given time over a four-month period.
> (The precise number of exit relays regularly changes as some go
> offline and others come online.) The researchers found evidence that
> 19 of the 22 malicious servers were operated by the same person or
> group of people. Each of the 19 servers presented forged certificates
> containing the same identifying information. The virtually identical
> certificate information meant the MitM attacks shared a common origin.
> What's more, all the servers used the highly outdated version 0.2.2.37
> of Tor, and all but one of the servers were hosted in the network of a
> virtual private system provider located in Russia. Several of the IP
> addresses were also located in the same net block.
>
> The researchers caution that there's no way to know that the operators
> of the malicious exit nodes are the ones carrying out the attacks.
> It's possible the actual attacks may be carried out by the ISPs or
> network backbone providers that serve the malicious nodes. Still, the
> researchers discounted the likelihood of an upstream provider of the
> Russian exit relays carrying out the attacks for several reasons. For
> one, the relays relied on a diverse set of IP address blocks,
> including one based in the US. The relays frequently disappeared after
> they were flagged as untrustworthy, researchers also noted.
>
> The researchers identified the rogue volunteers by scanning for server
> relays that replaced valid HTTPS certificates with forged ones.
> Certificate forgery attacks such as the one used in 2011 to monitor
> 300,000 Gmail users wouldn't be detected using the methods devised by
> the researchers. The researchers don't believe the malicious nodes they
> observed were operated by the NSA or other government agencies.
>
> "Organizations like the NSA have read/write access to large parts of
> the Internet backbone," Karlstad University's Winter wrote in an
> e-mail. "They simply do not need to run Tor relays. We believe that
> the attacks we discovered are mostly done by independent individuals
> who want to experiment."
>
> While the confirmation of malicious exit nodes is important, it's not
> particularly surprising. Tor officials have long warned that Tor does
> nothing to encrypt plaintext communications once it leaves the
> network. That means ISPs, remote sites, VPN providers, and the Tor
> exit relay itself can all see the communications that aren't encrypted
> by end users and the parties they communicate with. Tor officials have
> long counseled users to rely on HTTPS, e-mail encryption, or other
> methods to ensure that traffic receives end-to-end encryption.
>
> The researchers have proposed a series of updates to the "Torbutton"
> software used by most Tor users. Among other things, the
> proof-of-concept software fix would use an alternative exit relay to
> refetch all self-signed certificates delivered over Tor. The software
> would then compare the digital fingerprints of the two certificates.
> It's feasible that the changes might one day include certificate
> pinning, a technique for ensuring that a certificate presented by
> Google, Twitter, and other sites is the one authorized by the operator
> rather than a counterfeit one. Several hours after this article went
> live, Winter published this blog post titled What the "Spoiled Onions"
> paper means for Tor users.
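An added example, not part of this thread and not the researchers' own tool: a small Python model of the check the quoted article describes, comparing the certificate one exit delivers for a destination against a reference view obtained another way, classifying sslstrip-style downgrades and self-signed certificate swaps, and grouping the exits that presented forged certificates by the forged certificate's issuer string (the "same identifying information" signal the article mentions). Exit names, DN strings and the DER byte strings are constructed placeholders; `live_fingerprint` uses the Python standard library `ssl` module for a direct (non-Tor) reference fetch and is not called offline.

```python
"""Compare TLS certificates seen through different Tor exits against a
reference view, then cluster exits that swapped in a forged certificate.
Sample observations below are constructed; they are not real relays."""
import hashlib
import ssl
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    exit_fp: str      # relay the connection exited through (constructed label)
    scheme: str       # "https" or "http" as finally negotiated with the site
    cert_der: bytes   # DER certificate the site presented (constructed bytes)
    subject: str      # certificate subject DN
    issuer: str       # certificate issuer DN


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint: the value compared between the two fetches."""
    return hashlib.sha256(cert_der).hexdigest()


def classify(reference: Observation, observed: Observation) -> str:
    """Verdict for one exit's view of a site against the reference view.

    ok               - same certificate through both paths
    ssl_stripped     - HTTPS reference but the exit delivered plain HTTP
    self_signed_swap - different cert and issuer == subject (the pattern
                       the article attributes to the flagged relays)
    cert_mismatch    - different cert chained to some issuer; needs review
    """
    if reference.scheme == "https" and observed.scheme != "https":
        return "ssl_stripped"
    if fingerprint(reference.cert_der) == fingerprint(observed.cert_der):
        return "ok"
    if observed.issuer == observed.subject:
        return "self_signed_swap"
    return "cert_mismatch"


def scan(reference: Observation, observations: list) -> dict:
    """Map each exit label to its verdict."""
    return {o.exit_fp: classify(reference, o) for o in observations}


def cluster_forgers(reference: Observation, observations: list) -> dict:
    """Group exits that replaced the certificate by the issuer DN of the
    certificate they presented, so relays reusing the same forged identity
    land in one bucket."""
    groups = defaultdict(list)
    for o in observations:
        if classify(reference, o) in ("self_signed_swap", "cert_mismatch"):
            groups[o.issuer].append(o.exit_fp)
    return dict(groups)


def live_fingerprint(host: str, port: int = 443) -> str:
    """Reference fetch over a direct connection (no Tor); not run offline."""
    pem = ssl.get_server_certificate((host, port))
    return fingerprint(ssl.PEM_cert_to_DER_cert(pem))


# Constructed sample data standing in for DER certificates and exit relays.
REAL_ISSUER = "CN=Example CA,O=Example Trust"
FORGED_DN = "CN=example.org,O=Constructed Forger,C=RU"   # constructed
REF_DER = b"constructed-der:example.org:Example CA:serial-1"
FORGED_DER = b"constructed-der:example.org:self-signed:serial-7"
OTHER_DER = b"constructed-der:example.org:Other CA:serial-9"

SAMPLE_REFERENCE = Observation("DIRECT", "https", REF_DER,
                               "CN=example.org", REAL_ISSUER)
SAMPLE_OBSERVATIONS = [
    Observation("EXIT_A", "https", REF_DER, "CN=example.org", REAL_ISSUER),
    Observation("EXIT_B", "http", b"", "", ""),          # downgraded to HTTP
    Observation("EXIT_C", "https", FORGED_DER, FORGED_DN, FORGED_DN),
    Observation("EXIT_D", "https", FORGED_DER, FORGED_DN, FORGED_DN),
    Observation("EXIT_E", "https", OTHER_DER, "CN=example.org",
                "CN=Some Other CA"),
]

if __name__ == "__main__":
    for exit_fp, verdict in scan(SAMPLE_REFERENCE, SAMPLE_OBSERVATIONS).items():
        print(exit_fp, verdict)
    print(cluster_forgers(SAMPLE_REFERENCE, SAMPLE_OBSERVATIONS))
```

A `cert_mismatch` with a trusted issuer is not proof of tampering on its own: large sites rotate certificates and serve different ones per region or server, so the second fetch through another exit (as the article's proposed Torbutton change does) is what turns a single mismatch into evidence, while a self-signed swap of a certificate that is CA-issued when fetched directly is the clear-cut case.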
