what happened to the hidden wiki??

2006-12-01 Thread tor user
is it just me or has the hidden-wiki disappeared?

 a tor user wishes to know


Re: what happened to the hidden wiki??

2006-12-01 Thread xiando
> is it just me or has the hidden-wiki disappeared?

Perhaps it was down when you checked or something else went wrong; regardless, 
it's there (and worked for me) now.


How can I trust all my Tor nodes in path

2006-12-01 Thread Martin Toron
Hi.

I have read in the Tor documentation that the number of Tor routers in a path 
is hard-coded at 3.  And I understand that the path changes every 10 minutes 
(except for active connections).

As a client not running a server, how am I sure that at least one of the nodes 
in the path can be trusted?

A little math:  assume there are 200 Tor routers, some of which have been 
compromised and owned by the same attacker.  If the number compromised is 
small, I can be somewhat confident that at least one router is trusted.  
However, suppose the attacker massed a global attack on the Tor network:  all 
at once the attacker introduces 10,000 new routers into the network, all of 
which he has control of.  Now, when I choose 3 routers for my path, I only have 
a few that may be trusted, which are in the original 200.

Has this problem been addressed elsewhere?

Thank you in advance.

 

Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Tim Warren

On 12/1/06, Robert Hogan [EMAIL PROTECTED] wrote:



> The real danger with Tor is using sensitive information over http rather
> than https and mixing anonymous and non-anonymous traffic over the same
> circuit.
> Those two are the most common and most easy mistakes to make.



Maybe you could answer a question for me. Should I NOT log in to a site,
such as a bank, when using Tor? Or do I need to make sure it is https:?

Appreciate any clarification.

Thanks,


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Robert Hogan
On Friday 01 December 2006 20:55, Tim Warren wrote:
> On 12/1/06, Robert Hogan [EMAIL PROTECTED] wrote:
> > The real danger with Tor is using sensitive information over http rather
> > than https and mixing anonymous and non-anonymous traffic over the same
> > circuit.
> > Those two are the most common and most easy mistakes to make.
>
> Maybe you could answer a question for me. Should I NOT log in to a site,
> such as a bank, when using Tor? Or do I need to make sure it is https:?
>
> Appreciate any clarification.
>
> Thanks,

If you use https (and your browser hasn't complained about the ssl 
certificate) you're fine.  The exit node can see everything (if they want) 
over http. 

Everything after the exit node is just as good or bad as if you weren't using 
tor. Tor just adds an extra guy to the chain of *reputable* carriers who 
*could* monitor your traffic - and it is best practice to assume that at 
least the tor exit node is doing exactly that. see http://tor.unixgu.ru


-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Tim Warren

Thank you, just trying to make sure I understand. I will also follow that
link.


On 12/1/06, Robert Hogan [EMAIL PROTECTED] wrote:


> On Friday 01 December 2006 20:55, Tim Warren wrote:
> > On 12/1/06, Robert Hogan [EMAIL PROTECTED] wrote:
> > > The real danger with Tor is using sensitive information over http
> > > rather than https and mixing anonymous and non-anonymous traffic over
> > > the same circuit.
> > > Those two are the most common and most easy mistakes to make.
> >
> > Maybe you could answer a question for me. Should I NOT log in to a
> > site, such as a bank, when using Tor? Or do I need to make sure it is
> > https:?
> >
> > Appreciate any clarification.
> >
> > Thanks,
>
> If you use https (and your browser hasn't complained about the ssl
> certificate) you're fine.  The exit node can see everything (if they want)
> over http.
>
> Everything after the exit node is just as good or bad as if you weren't
> using tor. Tor just adds an extra guy to the chain of *reputable* carriers
> who *could* monitor your traffic - and it is best practice to assume that at
> least the tor exit node is doing exactly that. see http://tor.unixgu.ru
>
> --
>
> KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
> TorK   - A Tor Controller For KDE  - http://tork.sf.net





--
Tim Warren
SD CA USA


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Seth David Schoen
Robert Hogan writes:

> Take a look again at the FAQ. The anonymity of Tor isn't predicated on trust.
> All routers on the circuit could be malicious and still fail to find out who
> you are. The only one that has a real chance is the last one on the circuit,
> the exit node - and even this one will rely on its ability to look at the
> content of your traffic.
>
> That said, if someone owns all three nodes (or even the entry and exit) they
> could mount a timing attack and figure out who you are - at a stretch. But
> this really would require the entire network to be owned - and that itself
> would create a lot of noise to sift through.

Hmmm, if someone owns (not just eavesdrops on) all three nodes, they can
connect the sessions in a more reliable way than just a timing attack.
One approach would be to record TCP port pairs, which temporarily identify
a connection on one end with a connection on the other end.  For example,
my local machine knows that I'm currently using TCP port 43514 to make a
connection to the SSH service on the server; the server also knows that
the client connecting to it is using TCP port 43514.  Thus, both ends know
that client:43514  server:22 (at this particular moment) refers to
the same TCP session.

Tor nodes could log this information, and, if they did, it would not be
a speculative matter to link circuits across servers.  You would have
the existence of the TCP connections

client:a --- tornode1:9001
tornode1:b --- tornode2:9001
tornode2:c --- tornode3:9001
tornode3:d --- host:e

where a, b, c, and d are randomly chosen TCP ports and e is the TCP
port used by host for contacting a service (such as 443 for HTTPS).
If all of the Tor nodes were paying attention, then

tornode1 knows that its connections involving client:a and tornode1:b are
part of the same circuit

tornode2 knows that its connections involving tornode1:b and tornode2:c are
part of the same circuit

tornode3 knows that its connections involving tornode2:c and host:e are
part of the same circuit

Knowing all of these facts, these nodes could deduce that client:a and
host:e are actually communicating with one another.  This is not a
timing attack and does not rely on observing any packets actually
transmitted across the fully-established circuit.

Malicious nodes that log this kind of information could also collaborate
after the fact to correlate it, without recording large quantities of
timing information.  They just need TCP port pairs and accurate times
when TCP connections were established.

Summary: 3 malicious nodes, whether owned by the same entity or not, can
work together to identify, in a straightforward and reliable way, the
endpoints of a Tor circuit while the circuit is active or afterward,
without having to do any timing attacks.

To learn more about the relevance of TCP port numbers as connection
identifiers, see RFC 793 or try running netstat (or netstat -p, if
your implementation supports it) on the machines on both sides of a
connection.  Observe that, with the output of netstat -p on both
ends, one can see which processes on one machine are talking to which
processes on the other machine.

-- 
Seth Schoen
Staff Technologist                [EMAIL PROTECTED]
Electronic Frontier Foundation    http://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110 1 415 436 9333 x107


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Mike Perry
Thus spake Robert Hogan ([EMAIL PROTECTED]):

> On Friday 01 December 2006 20:55, Tim Warren wrote:
> > On 12/1/06, Robert Hogan [EMAIL PROTECTED] wrote:
> > > The real danger with Tor is using sensitive information over http rather
> > > than https and mixing anonymous and non-anonymous traffic over the same
> > > circuit.
> > > Those two are the most common and most easy mistakes to make.
> >
> > Maybe you could answer a question for me. Should I NOT log in to a site,
> > such as a bank, when using Tor? Or do I need to make sure it is https:?
> >
> > Appreciate any clarification.
> >
> > Thanks,
>
> If you use https (and your browser hasn't complained about the ssl
> certificate) you're fine.  The exit node can see everything (if they want)
> over http.
>
> Everything after the exit node is just as good or bad as if you weren't using
> tor. Tor just adds an extra guy to the chain of *reputable* carriers who
> *could* monitor your traffic - and it is best practice to assume that at
> least the tor exit node is doing exactly that. see http://tor.unixgu.ru

It is also wise not to log in to any form over plain http, even if the
form posts to an https url. This is true not just over Tor, but pretty
much anywhere an attacker can manage to position themselves to rewrite
your traffic, which is pretty much anywhere.

Many, many, many banking sites completely disregard this attack vector
in favor of ease of use. Even if the target action of a form is https,
if you have retrieved the form via plain http, that post can be
rewritten to go anywhere. An http redirect later and you're logged in
to your banking site, no harm no foul. Except to your account balance,
of course :)

If your bank is braindamaged in this way, usually giving it a bullshit
login until you can verify you are actually connected via https to it
is probably the easiest way to deal with this.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Mike Perry
Thus spake Martin Toron ([EMAIL PROTECTED]):

> Hi.
>
> I have read in the Tor documentation that the number of Tor routers
> in a path is hard-coded at 3.  And I understand that the path
> changes every 10 minutes (except for active connections).
>
> As a client not running a server, how am I sure that at least one of
> the nodes in the path can be trusted?
>
> A little math:  assume there are 200 Tor routers, some of which have
> been compromised and owned by the same attacker.  If the number
> compromised is small, I can be somewhat confident that at least one
> router is trusted.  However, suppose the attacker massed a global
> attack on the Tor network:  all at once the attacker introduces
> 10,000 new routers into the network, all of which he has control of.
> Now, when I choose 3 routers for my path, I only have a few that may
> be trusted, which are in the original 200.
>
> Has this problem been addressed elsewhere?

So I'm guessing you're thinking something like someone heading over to
Amazon's Elastic Computing Cloud and setting up 10,000 tor servers?

I believe tor servers have to be manually approved by tor-ops before
they begin to be used for normal traffic. This used to be the case at
least. Perhaps it has been abandoned due to scaling issues?

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Nick Mathewson
Hi, Seth!

On Fri, Dec 01, 2006 at 01:15:39PM -0800, Seth David Schoen wrote:
> [...]
> Hmmm, if someone owns (not just eavesdrops on) all three nodes, they can
> connect the sessions in a more reliable way than just a timing attack.
> One approach would be to record TCP port pairs, which temporarily identify
> a connection on one end with a connection on the other end.  For example,
> my local machine knows that I'm currently using TCP port 43514 to make a
> connection to the SSH service on the server; the server also knows that
> the client connecting to it is using TCP port 43514.  Thus, both ends know
> that client:43514  server:22 (at this particular moment) refers to
> the same TCP session.

Actually, Tor tunnels multiple circuits over each TLS connection, so
remembering ports won't do the job.  An attacker who can compromise an
entire circuit's worth of servers will also need to remember the
circuit IDs for each circuit.  Still, it wouldn't be hard for an
attacker to modify Tor to log this.


yrs,
-- 
Nick Mathewson




Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Robert Hogan
On Friday 01 December 2006 21:23, Seth David Schoen wrote:

> Some people have suggested that this is a good application for
> trusted computing; proxies could prove that they're running the
> real, official proxy software on top of real hardware.  Then timing
> attacks are still possible, but actually logging data directly could
> be prevented.  The problem with this seems to be that intentionally
> doing timing attacks directly against a proxy you operate, from within
> the same network, is probably pretty effective!

You've lost me here - could you explain further? How would it prevent logging 
data?

> This approach might
> be more relevant to lower-latency anonymity services such as e-mail
> remailers.

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE  - http://tork.sf.net


Re: How can I trust all my Tor nodes in path

2006-12-01 Thread Seth David Schoen
Nick Mathewson writes:

> Hi, Seth!
>
> On Fri, Dec 01, 2006 at 01:15:39PM -0800, Seth David Schoen wrote:
> > [...]
> > Hmmm, if someone owns (not just eavesdrops on) all three nodes, they can
> > connect the sessions in a more reliable way than just a timing attack.
> > One approach would be to record TCP port pairs, which temporarily identify
> > a connection on one end with a connection on the other end.  For example,
> > my local machine knows that I'm currently using TCP port 43514 to make a
> > connection to the SSH service on the server; the server also knows that
> > the client connecting to it is using TCP port 43514.  Thus, both ends know
> > that client:43514  server:22 (at this particular moment) refers to
> > the same TCP session.
>
> Actually, Tor tunnels multiple circuits over each TLS connection, so
> remembering ports won't do the job.  An attacker who can compromise an
> entire circuit's worth of servers will also need to remember the
> circuit IDs for each circuit.  Still, it wouldn't be hard for an
> attacker to modify Tor to log this.

Whoops, thanks for the clarification!  That makes more sense.

-- 
Seth Schoen
Staff Technologist                [EMAIL PROTECTED]
Electronic Frontier Foundation    http://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110 1 415 436 9333 x107


Re: setup tor in private intranet

2006-12-01 Thread Steven Murdoch
On Thu, Nov 30, 2006 at 12:39:20PM -0700, otr comm wrote:
> i am new to tor and was wondering if it is possible to setup tor in
> a private intranet without gateways to the internet?  i have to
> assume it is, but where would i find documentation and code to build
> such a system?

There are instructions here:
 http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#OwnTorNetwork

In particular Adam Langley has put together a neat little script which
does most of the hard work for you:
 http://www.imperialviolet.org/binary/make-private-tor-network.py

This will work whether or not you are connected to the Internet. Tor
does not care. All that matters is the Tor nodes are able to access
the directory authority you specify.

Thanks,
Steven.

-- 
w: http://www.cl.cam.ac.uk/users/sjm217/

