"Although these are old, they are classified as zero-day attacks because there is no solution."
They are?
https://news.ycombinator.com/item?id=23929312
Both blog posts probably ended up on the front page and got quite a bit of attention because the words "0 day" and "tor" were used in close proximity, something the author is apparently very fond of doing (the posts are part of a series titled "Tor 0day").
1. purchase VPS products at a bunch of providers who accept bitcoin / crypto
2. ddos your target
3. see if you notice any of your hosted boxes go down
4. once you know the provider pop them (they're usually running some shitty WHMCS or similar homebrew solution, old Cpanel, etc. etc. and they're almost always resellers and amateurs) and move laterally to your target
When the feds do it against online drug markets (and they have been for years) they have the bonus of having decent network insight / view by working with backbone providers
There is just no way to hide multi-Gb of traffic
A zero day starts with its exploit or public disclosure and ends with a released patch. It's not a zero day for private disclosure.
Edited based on child comment about clarity
If I find an RCE in Cisco IOS and report it to Cisco, who sits on it for a few dozen months, and you later find the same RCE and circulate it amongst your friends, who exploit it, your friends are exploiting a zero-day vulnerability.
Zero days are known, exploited and used all the time by all sorts of black hats, govt institutions etc.
Which was/is more relevant when commercial software is updated at most once every year or two.
But it appears no one can agree anymore, making the term useless.
It's a useful distinction. 0-days are special because your target has no idea such a vulnerability even exists. This makes them very different than known but still unpatched vulnerabilities.
High latency mixnets (e.g. https://en.m.wikipedia.org/wiki/Anonymous_remailer ) have the drawback that latency means it cannot work with interactive protocols.
Dining cryptographer networks have much lower latency but scale very poorly. (https://en.m.wikipedia.org/wiki/Dining_cryptographers_proble... )
Tor (a low latency mixnet) trades a weaker threat model for low latency and scalability.
So basically you can pick two of scalability, low latency and resistance to global passive adversaries.
They actually dealt a lot with the traffic analysis problem, and had both a technical and financial model to encourage defense against it. It wasn't perfect, but it would be more resilient to this stuff than Tor IMHO. It just had the disadvantage that latency was atrocious (for obvious reasons), and ultimately it turns out people don't care about anonymity.
For real anonymity you need something that scrambles and delays your traffic to make it harder to track. Something that breaks big transfers up into a bunch of small transfers, sends them via different routes, and generally makes your experience miserably slow.
It would actually be pretty easy to implement for tor (either for the whole network, or individual nodes or routes), but as far as I can see nobody wants to work on it.
Bittorrent has the "break into a bunch of small transfers" part solved. Just need to modify Bittorrent to somehow transfer each piece over a different route.
>0day
This is not a "0day".
>As it turns out, this is an open secret among the internet service community: You are not anonymous on Tor.
Careful there with the big assertions.
>The last hop is the exit node. It can see all of your decrypted network traffic.
I thought we were talking about onion services here, why the subtle context switch? Does the author even know that onion services don't use exit nodes at all?
>(Don't assume that HTTPS is keeping you safe.)
Why?
>One claimed to see over 70% of all internet traffic worldwide. Another claimed over 50%
The key word here is "claimed".
>If you're a low volume hidden service, like a test box only used by yourself, then you're safe enough. But if you're a big drug market, counterfeiter, child porn operator, or involved in any other kind of potentially illegal distribution, then you may end up having a bad day.
I like how the author assumes that these are the only two uses of Tor.
>you simply need a list of known onion services
Good luck getting that with v3 addresses (unless the author of the service has poor OPSEC).
Not to mention that Tor has provided many fixes for the DDoS issues, but the author obviously didn't mention them.
>Why?
Because HTTPS depends on certificate authorities, and CAs depend on coercible companies, which depend on governments not molesting them.
The existence of QUANTUM INSERT and FOXACID attacks shows that CA-based authentication is weak (either due to their keys being compromised or coerced). DigiNotar also got pwned.
Strong authentication is one of the unrivaled advantages of onion addresses in Tor.
The CIA also advocates to not solely rely on TLS for transport encryption: https://news.ycombinator.com/item?id=24426818
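As an added illustration of the "strong authentication" point above (this is example code, not code from the post, the linked article, or the Tor project): a v3 onion address is nothing more than a base32 encoding of the service's ed25519 public key, a two-byte checksum and a version byte. The name is the key, so a client can verify the service's signed descriptor without any certificate authority in the loop, and a mistyped or tampered address fails the checksum before any lookup happens. The 32-byte key used here is a constructed placeholder standing in for a real public key; the layout follows the published rend-spec-v3 derivation.

```python
import base64
import hashlib

ONION_VERSION = 3
CHECKSUM_PREFIX = b".onion checksum"
SUFFIX = ".onion"


def onion_v3_address(pubkey: bytes) -> str:
    """Derive the v3 onion address that commits to a 32-byte ed25519 public key.

    Layout from the Tor rendezvous spec (rend-spec-v3):
        address  = base32(PUBKEY || CHECKSUM || VERSION) + ".onion"
        CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2]
    35 bytes -> 280 bits -> exactly 56 base32 characters, no padding.
    """
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be exactly 32 bytes")
    version = bytes([ONION_VERSION])
    checksum = hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + version).digest()[:2]
    label = base64.b32encode(pubkey + checksum + version).decode("ascii").lower()
    return label + SUFFIX


def parse_onion_v3(address: str) -> bytes:
    """Check a v3 onion address and return the embedded public key.

    Raises ValueError on any structural problem or checksum mismatch; a Tor
    client performs the same checks before it will even fetch the descriptor.
    """
    if not address.endswith(SUFFIX):
        raise ValueError("not a .onion address")
    label = address[: -len(SUFFIX)]
    if len(label) != 56:
        raise ValueError("v3 onion label must be 56 base32 characters")
    try:
        raw = base64.b32decode(label.upper())
    except Exception as exc:
        raise ValueError("label is not valid base32") from exc
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34]
    if version != ONION_VERSION:
        raise ValueError(f"unsupported onion address version {version}")
    expected = hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + bytes([version])).digest()[:2]
    if checksum != expected:
        raise ValueError("checksum mismatch: address was altered or mistyped")
    return pubkey


def is_valid_onion_v3(address: str) -> bool:
    """Boolean wrapper around parse_onion_v3 for callers that only need a yes/no."""
    try:
        parse_onion_v3(address)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed stand-in for a service's public key. A real key would be the
    # 32-byte public half of hs_ed25519_secret_key; the derivation is identical.
    demo_key = bytes(range(32))
    addr = onion_v3_address(demo_key)
    print(addr)
    print(parse_onion_v3(addr) == demo_key)
```

The point this makes concrete: whoever holds the private key that matches the address is, by construction, the service, and the address itself is what a v3 client verifies against. Nothing in this derivation can be enumerated from the network, which is also why a list of v3 onion services only exists if operators leak it.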
Does this mean that traffic correlation and confirmation attacks cannot be performed on users of hidden services?
There's a "new Tor circuit for this site" button in the Tor Browser, but it's for circumventing dumb WAFs that have blacklisted a Tor exit node's IP. It's not for OPSEC.
> Javascript
Nobody who cares about doing anything secretive is using Tor with Javascript enabled. (Fun fact: most of the "dark web" stuff operates using early-2000s-era phpBB forum tech, which works perfectly fine without JS.)
Download Tor https://www.torproject.org/download/
Go to your site, and see if you think it works - https://fingerprintjs.com/demo
(Also notice how Tor changes the screen size every time you open it.)
I wish Tor never became an activist project. There are a lot of groups with nice sounding names like 'Human Rights Watch' - that seem less nice once you find out who funds them and some of the things they support - that started offering loads of money starting around 2010 to groups which produced this kind of technology.
Tor took the money and transformed from an academic project into an activist one in terms of both staff and marketing, and I think a lot of people are now using technology they have been told will keep them safe but is actually only a few steps away from bunkum.
I2P never gets any attention compared to Tor, but it keeps chugging along. In many ways, it's a lot better. Their most recent release was on 2020-08-24.
Just using it makes you automatically interesting to state actors.
I understand that they have mechanisms preventing obviously fake new servers from flooding the network. But still at these numbers it doesn't seem that tough to play the long game.
One reason why it's not devastating to the network as a whole is that the process for getting your relays to make up such a large fraction of the network is social. If you run a ton of capacity, especially if added all at once, people are going to notice, and reach out to find out who you are (and if they can't, expect to get removed). This means that while yes, you can do this (and as above, people have), once it's detected, all of your resources are dropped at once, and you have to start a pretty expensive and time-consuming process over again. It's also the case that adversaries generally don't collude, so e.g., the above attack was for cryptocurrency theft, and those adversaries likely aren't working with the FBI or China to deanonymize circuits. This means you only have to worry about a few of these happening at a time, which makes it easier to detect (pull on one thread, and the rest start to unravel).
That said, just based on the blog post above, it's something that TPO seems to be thinking about new ways to address, and Sybil detection has a long history of research in the academic community as well that has plenty of space left to explore. Something like Salmon[0] is in the process of being implemented by TPO for bridge distribution[1], and the constraints for this reputation problem are far less onerous than that setting.
[0] https://content.sciendo.com/view/journals/popets/2016/4/arti...
[1] https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-...
As a Tor user, I'm quite glad to read that, actually. Tor hidden services are the reason why Tor has this ugly and well-deserved reputation of being a tool for everything illegal and morally unacceptable. As someone who just want strong privacy, I see hidden services as problematic neighbors and I would be glad to see them go.
The alternative would have been providing a dynamic DNS type URL, mucking around with LetsEncrypt and the DNS provider periodically and then implementing all access control in the servers. I'm lazy, Tor works for this use case and I'm lucky my users understand the 3 steps to configure their Tor browser so I'm sold on the usefulness of this mechanism!
I love how you used it for relatives group privacy, though, that sounds cool.
Didn't see it clarified in the article, but IIRC for onion services like OP's the traffic doesn't go out of traditional internet exit nodes and traffic is end-to-end encrypted. Not only can the last relay before the onion service not see all of your decrypted network traffic, I don't believe they can tell they are even the last relay.
Traffic analysis has been a known issue as long as Tor has existed. What I'd like to see are solutions. Can Tor be used with some kind of fixed-rate noise type of protocol (I toyed w/ a rudimentary fixed-rate traffic algo once[0])? Or is it too broken and do we need another P2P (fixed-transfer-rate) protocol? i2p, tribbler, etc haven't gained mass adoption.
0 - https://github.com/cretz/deaf9/blob/master/mask/context_read...
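As an added example of the "fixed-rate noise" idea asked about above, and of the "break big transfers into small transfers and send them via different routes" idea earlier in the thread (this is illustrative code, not Tor's padding machinery and not from the linked repository): a toy link that emits exactly one fixed-size cell per tick, sending a dummy cell whenever there is no real data, and spreads real cells round-robin over several circuits. The cell size, the two-byte length header and the circuit count are constructed parameters chosen for the simulation.

```python
from collections import deque
from dataclasses import dataclass

# Constructed parameters for the simulation: a Tor-like fixed cell size and a
# 2-byte length header inside each cell. Nothing here is Tor's own padding code.
CELL_SIZE = 512
HEADER = 2
DATA_PER_CELL = CELL_SIZE - HEADER


@dataclass
class Cell:
    circuit: int    # which of the N circuits the cell goes out on
    wire: bytes     # what a passive observer sees: always CELL_SIZE bytes


class FixedRateLink:
    """Send exactly one CELL_SIZE cell per tick, real or dummy.

    Outgoing data is chunked into DATA_PER_CELL pieces, each prefixed with its
    length and padded to a full cell. When nothing is queued a dummy cell
    (length 0) is sent instead. Cells are spread round-robin over `circuits`
    circuits. An observer counting bytes per tick sees the same constant rate
    whether the user is sending a large file or nothing at all.
    """

    def __init__(self, circuits: int = 1):
        self.circuits = circuits
        self.queue = deque()
        self.tick_no = 0

    def send(self, data: bytes) -> None:
        for i in range(0, len(data), DATA_PER_CELL):
            chunk = data[i:i + DATA_PER_CELL]
            body = len(chunk).to_bytes(HEADER, "big") + chunk
            self.queue.append(body + b"\x00" * (CELL_SIZE - len(body)))

    def tick(self) -> Cell:
        # Real cell if one is queued, otherwise a dummy of identical size.
        wire = self.queue.popleft() if self.queue else b"\x00" * CELL_SIZE
        cell = Cell(circuit=self.tick_no % self.circuits, wire=wire)
        self.tick_no += 1
        return cell


def is_dummy(cell: Cell) -> bool:
    """Only the endpoint can tell: the length header is inside the cell."""
    return int.from_bytes(cell.wire[:HEADER], "big") == 0


def reassemble(cells) -> bytes:
    """Receiver side: strip headers, drop dummies, concatenate in send order."""
    out = bytearray()
    for c in cells:
        n = int.from_bytes(c.wire[:HEADER], "big")
        out += c.wire[HEADER:HEADER + n]
    return bytes(out)


def simulate(bursts: dict, ticks: int, circuits: int = 1):
    """bursts maps tick -> bytes the application hands over at that tick.

    Returns (cells, per_tick_sizes): the cells as sent, and the byte count an
    observer records at each tick, which is the traffic-analysis view.
    """
    link = FixedRateLink(circuits)
    cells = []
    for t in range(ticks):
        if t in bursts:
            link.send(bursts[t])
        cells.append(link.tick())
    return cells, [len(c.wire) for c in cells]


if __name__ == "__main__":
    # Constructed input: a 1000-byte burst arriving at tick 1, then silence.
    cells, sizes = simulate({1: b"A" * 1000}, ticks=6, circuits=3)
    print(sizes)                          # identical size every tick
    print(sum(not is_dummy(c) for c in cells))
    print(reassemble(cells) == b"A" * 1000)
```

Two things to take from it. First, the cost is exactly the one the thread keeps coming back to: the link burns a full cell per tick even when idle, and a burst larger than one cell per tick is delayed rather than sent immediately, which is where the "miserably slow" experience comes from. Second, padding one hop hides timing only on that hop; if the far endpoint (or the guard on the other side of the rendezvous) is not also padded, the moment real data arrives there is still visible to whoever watches that end.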
Furthermore, it's not as simple as 'see all of your decrypted network traffic'. Perhaps the Tor client is talking with the clearnet server over TLS 1.3. This presents much more difficulty for the malicious exit node.
Edit: I'm assuming Tier 1 network providers for AT&T/CenturyLink (aka L3) etc as per this list https://en.wikipedia.org/wiki/Tier_1_network
This is a known issue, which, like Gmail being accessible to the US government without a warrant, is one that a lot of people simply need to block out to go on with their daily lives. It's difficult to emotionally integrate the fact that you can't travel anywhere while holding a cellphone without the military knowing exactly where you are, and exactly where you've been, for the entire time you've had a cellphone.
I encourage you to watch the interview, where I describe this precise attack:
All Tor does is provide onion addressing and strong authentication with increased observation costs for passive observers. Anything beyond that is a user's myopic extension of crypto-is-a-panacea. Cryptography can provide protections for observability; it cannot provide protection against identifiability. Mixnets like remailers or modern traffic mixing like Nym attempt to address identifiability.
>I read off the address: "152 dot" and they repeated back "152 dot". "19 dot" "19 dot" and then they told me the rest of the network address. (I was stunned.) Tor is supposed to be anonymous.
It's hard to tell what the author's genuine understanding of Tor is versus what is hyperbolic. How surprising is the quoted feat? IPv4 is roughly 2^32 in size. There are roughly 2.4 million Tor users [1], so an observer would need ~22.2 bits to exactly identify them.
The author gives at least (assuming uniformly random IP address distribution, which isn't the case) ~16 bits of entropy (log(255)/log(2)*2). Which leaves their counterparty a 1/32, i.e. 2^(22.2-16), chance of guessing their IP. Unless your IP space is chock full of Tor users, it's not surprising an exit node was able to autocomplete the rest of your IP address. PS If we know the country of their IP, we need at least ~15.3 bits and at most ~19.7 bits.
The trick is akin to living on a street with a unique name and a retailer auto completing your address and customer details because you've ordered from them before and you gave them your street name.
If I was a Global Passive Adversary, I would be probing and rerouting traffic to see how systems responded: https://www.ndss-symposium.org/wp-content/uploads/2017/09/ND...
https://www.muckrock.com/foi/united-states-of-america-10/req...
[1] https://metrics.torproject.org/userstats-relay-table.html
This line seems like the big deal. Doesn't matter if it's from 2012 or not a 0 day or about previous posts from this author, how is this possible in 2020 by anyone, but even a corporation?
Is it this line? - "They just didn't know that this specific address was mine."
Tor should have shutdown Onions if this line is true as it seems to read.