Comments on: Hacking Tor – A Flaw Appears? http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/ Ethical Hacking, Penetration Testing & Computer Security Sat, 21 Nov 2009 06:04:59 +0000 http://wordpress.org/?v=2.8.6 hourly 1 By: navin http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-125381 navin Tue, 13 Jan 2009 11:14:01 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-125381 I agree chris, but fact of the matter is tht most users do use privoxy for Tor and don't really have the technical knowhow on how to set up a personal box...... tht leaves them in a state where their online security can be compromised I agree chris, but fact of the matter is tht most users do use privoxy for Tor and don’t really have the technical knowhow on how to set up a personal box…… tht leaves them in a state where their online security can be compromised

]]> By: Chris http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-125372 Chris Mon, 12 Jan 2009 18:25:01 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-125372 The problem with this paper is that they expect that the user is only using something like Privoxy for Tor. What if the user is default-routing all his TCP traffic through his own Tor proxy box? The method he uses for demasking won't work because all the TCP traffic is being routed through Tor anyway. I don't see anything groundbreaking about this paper and his methods are easily defeated. The problem with this paper is that they expect that the user is only using something like Privoxy for Tor. What if the user is default-routing all his TCP traffic through his own Tor proxy box? The method he uses for demasking won’t work because all the TCP traffic is being routed through Tor anyway.

I don’t see anything groundbreaking about this paper and his methods are easily defeated.

]]> By: ethernode http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-35465 ethernode Tue, 05 Dec 2006 16:50:04 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-35465 I was talking about the packetstormsecurity.org implications, not about the flaw itself. Following what i understood from the article, that would mean that tor's anonymity features are fake (because of the "sent back via DNS tunnel to an external host to confirm the real identity of the host") ? I'm beginning to guess i'm saying shit, but doesn't this back-tunnel outpass the 1-hop only feature? I was talking about the packetstormsecurity.org implications, not about the flaw itself. Following what i understood from the article, that would mean that tor’s anonymity features are fake (because of the “sent back via DNS tunnel to an external host to confirm the real identity of the host”) ? I’m beginning to guess i’m saying shit, but doesn’t this back-tunnel outpass the 1-hop only feature?

]]> By: Darknet http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-35463 Darknet Tue, 05 Dec 2006 16:41:48 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-35463 <strong>Brian:</strong> Yah I guess it would, anything as such can circumvent the anonymity of a proxy, that's why using something like AnonymOS is preferable. <strong>gerg:</strong> Thanks I'll check that out. <strong>ethernode:</strong> I don't think so this a flaw in any proxy based system, it's just showing how its relevant to Tor aswell. It's still the best system there is ATM. Brian: Yah I guess it would, anything as such can circumvent the anonymity of a proxy, that’s why using something like AnonymOS is preferable.

gerg: Thanks I’ll check that out.

ethernode: I don’t think so this a flaw in any proxy based system, it’s just showing how its relevant to Tor aswell. It’s still the best system there is ATM.

]]> By: ethernode http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-35423 ethernode Tue, 05 Dec 2006 12:09:00 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-35423 So, if the SANS is serious about this, is tor a giant honeypot? Corporate or occult? So, if the SANS is serious about this, is tor a giant honeypot? Corporate or occult?

]]> By: gerg http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-34852 gerg Fri, 01 Dec 2006 00:17:56 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-34852 This so called paper only describe methods that are known for more than 10 years and that work with every proxy... There's no Tor specific flaws in this document. The paper title is just a way to make lamers talk and provide "instant celebrity" to his author... nothing new here If you want some real technical paper on Tor search a pdf document on how to discover the location of an hidden service using statistics based on rendez-vous nodes. This so called paper only describe methods that are known for more than 10 years and that work with every proxy…
There’s no Tor specific flaws in this document.

The paper title is just a way to make lamers talk and provide “instant celebrity” to his author… nothing new here

If you want some real technical paper on Tor search a pdf document on how to discover the location of an hidden service using statistics based on rendez-vous nodes.

]]> By: Brian http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-34823 Brian Thu, 30 Nov 2006 19:40:47 +0000 http://www.darknet.org.uk/2006/11/hacking-tor-a-flaw-appears/#comment-34823 Thanks for this post, I use tor pretty extensively myself and I have to say this is troubleing. The only thing is wouldn't this "vulnerability" fall into the same category as the already known ActiveX and Flash vulnerabilities for these plugin's requiring a direct connection with the client and thus circumventing the proxy network? Thanks for this post, I use tor pretty extensively myself and I have to say this is troubleing. The only thing is wouldn’t this “vulnerability” fall into the same category as the already known ActiveX and Flash vulnerabilities for these plugin’s requiring a direct connection with the client and thus circumventing the proxy network?

]]>