Tor security advisory: "relay early" traffic confirmation attack

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack


Comments


[12 Points] queryox1:

Article really needs more attention. :|

On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks. The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.


[10 Points] thenine9:

Bigger implications for hidden site operators here than for users. The DNM admins who understand the implications here will have sweaty palms atm.

The Black Hat talk almost certainly targeted DNMs; I bet they would have bragged in their demo about unmasking the real IPs of some major DNM services. No better way to demonstrate "breaking Tor".

Now you hope that your fav DNM was running at a level where having its real IP leak wouldn't compromise its operation.

I bet 95% of DNMs would fail that test.


[7 Points] OnlySleepsWithAFanOn:

You went to the cinema.


[3 Points] None:

[deleted]


[1 Points] None:

I think all of yous are cops! You'll never catch me alive! Ya dirty pigs


[1 Points] sharpshooter789:

I bet this was from the researchers at CMU. They were the ones who claimed to have cracked Tor. It's also possible they provided the research to law enforcement and that's why they are unable to present at the Black Hat conference.


[1 Points] lopeor:

Tor has never and will never protect against traffic confirmation attacks, as stated in their blog since 2009 (https://blog.torproject.org/blog/one-cell-enough). What I don't get is how this attack isn't used more often to deanonymise users. According to these papers it is possible and there's nothing to do about it, so how the fuck are DNMs even possible in this scenario?


[-1 Points] None:

[deleted]