light bulb

Did You Know?



Reply
Posts: 5,114
Topics: 3,272
Kudos: 6,330
Registered: ‎06-12-2013

Active attack on Tor network tried to decloak users for five months

Attack targeted "Tor hidden services" used to protect IDs of website operators.

by Dan Goodin - July 30

 

Tor

 

Officials with the Tor privacy service have uncovered an attack that may have revealed identifying information or other clues of people operating or accessing anonymous websites and other services over a five-month span beginning in February.

The campaign exploited a previously unknown vulnerability in the Tor protocol to carry out two classes of attack that together may have been enough to uncloak people using Tor Hidden Services, an advisory published Wednesday warned. Tor officials said the characteristics of the attack resembled those discussed by a team of Carnegie Mellon University researchers who recently canceled a presentation at next week's Black Hat security conference on a low-cost way to deanonymize Tor users. But the officials also speculated that an intelligence agency from a global adversary might have been able to capitalize on the exploit.

 

Full Article

Sr. Community Leader

Posts: 3,332
Topics: 2,009
Kudos: 2,422
Blog Posts: 0
Registered: ‎06-02-2014

Re: Active attack on Tor network tried to decloak users for five months

Just when you thought it was safe to use Tor this comes up................. so can we trust any proxy or cloaking service

???

Community Leader

Posts: 5,114
Topics: 3,272
Kudos: 6,330
Registered: ‎06-12-2013

Tor developers rush to plug security hole that could identify users

By Graeme Burton  31 Jul 2014

 

                                                                                                eye-spy

 

The developers behind the open-source anonymous web-browsing tool Tor are rushing to patch a critical security hole after discovering a group of relays that appeared to be trying to de-anonymise users.

Tor is widely used around the world to enable people to browse the web anonymously - to get round blocks installed by repressive governments, for example - and to access sites operating in similar anonymity that would otherwise be difficult to locate.

 

Full Article

Sr. Community Leader