권현준 writes:

> I subscribe tor-talk
>
> Hello I'm Korean student studying security
> First of all sorry for my bad english.
> I have a few question about tor network
>
> 1. Tor network is 100% security network? that can not be hacked by other
> cracker?
>
> 2. If not, How can cracker attack tor network that tor can't prevent?

Hi! I would suggest looking at Tom Ritter's overview presentation about Tor. It is very detailed. Hopefully the technical level will be appropriate for you and the English content will be clear.

https://ritter.vg/p/tor-v1.6.pdf

He gives a number of discussions of limitations of Tor and possible attacks.

There are also attacks that try to deanonymize users (finding the true IP address of a user responsible for a circuit) or hidden services (finding the true IP address of a server responsible for a hidden service) under various conditions and circumstances. This is an ongoing area of research for academic studies, and also probably for governments that want to identify Tor users.

Particular research on Tor has been written about on the Tor blog at

https://blog.torproject.org/category/tags/research

and also collected as part of the anonymity bibliography at

http://www.freehaven.net/anonbib/

Of course only some of the later papers there relate to Tor, because Tor didn't even exist at the time that the anonymity field first began! :-)

There are a lot of attacks that are effective at least some of the time. If you look at the original Tor design paper, they assume that someone who is watching the place where a user enters the network (the first node in the chain, today called entry guard) and the place where the user's communications exit the network (the exit node) will be able to break the user's anonymity by noticing that the amount and timing of data going in on one side matches the amount and timing of data coming out on the other side. This is pretty serious and has been used to deanonymize people in real life.

Some of the research papers propose ways of trying to deanonymize users or hidden services under more restrictive conditions, where the attacker controls or monitors less of the network, or controls or monitors something other than entry and exit traffic.

One issue about this is understanding what counts as a successful attack.
I'm still concerned that Tor users may not understand the issue presented in the original design about how someone watching both sides can recognize them!

Another kind of attack that hasn't been discussed very much is the idea of hacking the individual servers that provide the Tor network, either by exploiting software vulnerabilities in the Tor server itself or by exploiting vulnerabilities in other software that these servers run like Linux or OpenSSH. This sort of attack could be quite serious if it affected many different Tor nodes at the same time, because the nodes could be reprogrammed by the attacker to start logging data and to cooperate to reveal users' activities. There's no specific publicly-known vulnerability that can be used to do this right now; an attacker would need to find or buy knowledge of a new one (although there might be some portion of Tor nodes that are slow to apply server software updates, which might still be vulnerable to older software bugs or might have stayed vulnerable for a longer period of time).

It's important to understand the difference between hidden services and exit traffic when reading the academic research, because a lot of research focuses on deanonymizing hidden services, which poses different challenges from deanonymizing regular users. Attacks against hidden services can be quite serious, but they only represent a small fraction of the overall use of the Tor system.

--
Seth Schoen <[email protected]>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
--
tor-talk mailing list - [email protected]
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
