Computers - Software Hardware : Tor: Arms Race Between Anti-Censorship and Governments

Discussion in 'Science and Technology' started by Gorilla, Dec 30, 2011.

  1. Gorilla

    Gorilla Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Jan 31, 2009
    Messages:
    2,479
    Likes Received:
    1,382
    Gender:
    Male
    Ratings:
    +1,399
    The following is an outline/summary provided by BoingBoing:
    Video Presentation:
    Project Website: https://www.torproject.org/
     
  2. JohnWillsq

    JohnWillsq Banned MEMBER

    Joined:
    Mar 28, 2012
    Messages:
    22
    Likes Received:
    7
    Gender:
    Male
    Ratings:
    +7
    what that?
     
  3. Gorilla

    The Amnesic Incognito Live System (Tails) Live CD: https://tails.boum.org/

    This one is Debian-based. I tried it out yesterday and it worked pretty well. This is the official project live CD for all practical purposes.

    Liberte Linux Live CD: http://dee.su/liberte

    Gentoo-based. I haven't tried this one out yet but there seem to be positive reviews about how light-weight it is.


    These are complete, ready-to-use systems that can be booted up without having to manage the browser bundles or any similar setups.
     
  4. Gorilla

    There were some other anonymity-oriented Linux distributions pointed out at https://prism-break.org/ (also mentioned on the site previously here: http://www.destee.com/index.php?threads/opt-out-prism-break-org.77145/ ).

    Whonix is one that is actually built with being used inside of virtual machines in mind. There are two images that can be imported into something like VirtualBox. After starting up both images, you have a gateway and a workstation that can be used to push traffic through Tor's network.

    I've been trying it out for the last day or so and it seems to function pretty well even though it's still in a developmental phase.

    Here's the project page and documentation: https://www.whonix.org/wiki/Main_Page
     
  5. Gorilla

    Tor is continuing their drive to constantly improve the service and address threats to the network (traffic analysis):

    Full article: http://www.technologyreview.com/new...a-tune-up-to-protect-users-from-surveillance/
     
  6. Gorilla


    Yep.
     
  7. Gorilla

    Tor security advisory: "relay early" traffic confirmation attack

    SUMMARY:
    On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks.

    The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.

    Unfortunately, it's still unclear what "affected" includes. We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up). The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service. In theory the attack could also be used to link users to their destinations on normal Tor circuits too, but we found no evidence that the attackers operated any exit relays, making this attack less likely. And finally, we don't know how much data the attackers kept, and due to the way the attack was deployed (more details below), their protocol header modifications might have aided other attackers in deanonymizing users too.

    Relays should upgrade to a recent Tor release (0.2.4.23 or 0.2.5.6-alpha), to close the particular protocol vulnerability the attackers used — but remember that preventing traffic confirmation in general remains an open research problem. Clients that upgrade (once new Tor Browser releases are ready) will take another step towards limiting the number of entry guards that are in a position to see their traffic, thus reducing the damage from future attacks like this one. Hidden service operators should consider changing the location of their hidden service.

    Full advisory: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

    Tor updates are available and hopefully they will get more information from the CMU CERT researchers to improve the tool.
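
    A relay operator can check the upgrade guidance in the advisory above against the version strings their relays report. The following is an added example, not part of the original thread or the Tor Project's code; the relay nicknames and platform strings are constructed, and it assumes every release older than the named fix in its series is unpatched.

```python
import re

# Fixed releases named in the advisory quoted above.
FIXED_STABLE = (0, 2, 4, 23)  # 0.2.4.23
FIXED_ALPHA = (0, 2, 5, 6)    # 0.2.5.6-alpha

# Matches "Tor 0.2.5.6-alpha"; the status tag after the numbers is optional.
_VERSION_RE = re.compile(r"\bTor (\d+)\.(\d+)\.(\d+)\.(\d+)(?:-[\w.-]+)?")


def parse_tor_version(text):
    """Return (major, minor, micro, patch) from a platform string such as
    'Tor 0.2.5.6-alpha on Linux', or None if no version is present."""
    m = _VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None


def needs_upgrade(text):
    """True if the reported version predates the fix for its series.

    Assumption: any release older than the fix in its series is unpatched.
    Unparseable input is flagged too, so unknown relays get reviewed.
    """
    v = parse_tor_version(text)
    if v is None:
        return True
    if v[:3] == (0, 2, 5):
        # The 0.2.5 alpha series was fixed in 0.2.5.6-alpha.
        return v < FIXED_ALPHA
    # Everything else is compared with the stable fix, 0.2.4.23.
    return v < FIXED_STABLE


# Constructed sample inventory: nickname -> reported platform string.
SAMPLE_RELAYS = {
    "relayA": "Tor 0.2.4.22 on Linux",
    "relayB": "Tor 0.2.4.23 on FreeBSD",
    "relayC": "Tor 0.2.5.5-alpha on Linux",
    "relayD": "Tor 0.2.5.6-alpha on Windows 7",
    "relayE": "Tor 0.2.3.25 on Linux",
    "relayF": "unknown",
}


def audit(relays):
    """Return the sorted nicknames of relays that still need the upgrade."""
    return sorted(name for name, plat in relays.items() if needs_upgrade(plat))


if __name__ == "__main__":
    print("Needs upgrade:", ", ".join(audit(SAMPLE_RELAYS)))
```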
     