Ethical Tor
Mirimir
mirimir at riseup.net
Thu Nov 12 01:25:14 PST 2015
On 11/11/2015 09:53 PM, coderman wrote:
> On 11/11/15, Mirimir <mirimir at riseup.net> wrote:
>> ...
>> Anyway, CMU's attack did manage to compromise some onion services, most
>> notably SR2.[0] And I'm not impressed with the Tor Project's
>> performance. They apparently ignored the CMU attack for five months.
>
> this was a very subtle attack in circuit behavior!
Yes, it was subtle. But it was also, as I understand it, pointless
except as an attack. And it was new behavior, right?
But still, it wasn't fair to say "ignored". They just didn't see it.
> additional debugging / logging had to be added to be able to track
> down what was going on, and even then it was a challenge to determine
> the attack technique.
Right. And they apparently didn't start looking until the Black Hat talk
was announced. I did note that they might have been blindsided by a zero
day vulnerability.
> how would you have spotted it?
I'm not technical enough to answer that. But generally, I think that
they ought to put more effort into monitoring. Especially for new
relays. Look for anything unusual.
More information about the cypherpunks
mailing list