HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Cloud Computing / Tor Internet Privacy Service Breached
Tor Internet Privacy Service Warns Users It Was Breached
Tor Internet Privacy Service Warns Users It Was Breached
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
30
2014


You may never have heard of the Tor Project, but the anonymous browsing service is making headlines on Wednesday. Tor’s developers are warning users they might be victims of an attack launched against the project in early 2014.

In a blog post, Tor said it found a group of relays it assumed were trying to deanonymize users. Specifically, those relays appear to have been targeting people who operate or access the browsing service’s features. The attack essentially modified Tor protocol headers to do traffic confirmation attacks.

“The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4,” the developers said in a blog post. “While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.”

Who Was 'Affected'?

The news gets worse from there. Tor can’t confirm what “affected” includes. All they know is the attack searched for users who fetched “hidden service descriptors.” Tor suspects the attackers could not actually see any application-level traffic, such as what pages were loaded or whether users visited the hidden service they looked up. But no one is completely sure.

“The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service. In theory the attack could also be used to link users to their destinations on normal Tor circuits too, but we found no evidence that the attackers operated any exit relays, making this attack less likely,” the blog post said. “And finally, we don't know how much data the attackers kept, and due to the way the attack was deployed … their protocol header modifications might have aided other attackers in deanonymizing users too.”

Tor developers said relays should upgrade to a recent Tor release or close the particular protocol vulnerability the attackers used, then reminded that preventing traffic confirmation in general remains an open research problem.

“Clients that upgrade -- once new Tor Browser releases are ready -- will take another step towards limiting the number of entry guards that are in a position to see their traffic, thus reducing the damage from future attacks like this one,” the developers said. “Hidden service operators should consider changing the location of their hidden service.”

Tor is Quick to React

We caught up with TK Keanini, CTO of network security firm Lancope, to get his take on the Tor Project. He told us Tor remains important infrastructure to those who must operate on the Internet anonymously -- but it is a nuisance to those charged with monitoring and identifying the network activity of users.

“Despite the bounties placed on comprising Tor, or the endless amounts of threats made to subvert the technology, Tor evolves and remains a target as [do] many other services on the Internet. The Tor community is quick to react to incidents and this readiness is important to witness as there is a lot we can learn in how to be resilient despite a hostile and advanced threat,” Keanini said.

“The talk from Black Hat that was pulled is operationally insignificant because all the folks actively working on ‘breaking’ Tor are hard at work on their objective and conferences are not their thing.”

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN CLOUD COMPUTING
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
In late breaking news on Thursday, an unnamed U.S. government official told the press that investigators have solved the vexing question of how Sony’s computer network was hacked.

ENTERPRISE HARDWARE SPOTLIGHT
Almost half of consumer, industry and life sciences manufacturers are expected to be using 3D printers within three years and now 3D printing services are aiming to help companies experiment.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.