Menu
What's new
By:
Filters Better Search

Chinese Compromise Security VPN & TOR

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

CaptainSTX

Part of the Furniture
Interesting article in this weekends NYT on how Chinese hackers have compromised the anonymity of both VPN and TOR.

I would guess if the Chinese can do it other nation states can or perhaps already have done so.

BY NICOLE PERLROTH New York Times 6/12/2015
Exploiting a vulnerability in server software used by Chinese Internet portals, hackers were able to unmask visitors to sites deemed hostile by the government.

Below is a link to the entire article

nyti.ms/1GjdBay
 
Hmm.

I skimmed the article and saw nothing about VPNs and Tor being compromised, but maybe I missed it.

VPNs and Tor are tools that need to be used properly. Seems like people vulnerable to this attack were not following proper security guidelines.

From the article "As long as visitors to those websites were also logged into one of 15 Chinese Internet portals". Never use real creds when trying to be anonymous... :(
 
Im sure various governments and intelligence agencies compromised TOR quite some time ago. For the chinese it would be pretty easy because a lot of people are using tp-link since its cheap. It would make sense that if tp-link has a backdoor for the chinese government than the use of VPN or TOR would be useless to stay hidden from them. Im sure they spare no expense on keeping communism on their own citizens as they had done before with smartphones and telcos.

TOR is compromised if the endpoint or the start point are compromised or if all the nodes in between are owned by the same person which is very likely despite how unlikely it seems. Than theres also the content on the websites that when opened even if it is a simple pdf file or even some web code can give away your identity. I remember reading about one TOR website which the FBI continously hacked and inserting their own code to identify visitors which i believe was had inappropriate content.

So even if you did not use real creds which im sure people who use TOR most likely avoid there are numerous ways you can get identified.
 
Nullity said:
Hmm.

I skimmed the article and saw nothing about VPNs and Tor being compromised, but maybe I missed it.

VPNs and Tor are tools that need to be used properly. Seems like people vulnerable to this attack were not following proper security guidelines.

From the article "As long as visitors to those websites were also logged into one of 15 Chinese Internet portals". Never use real creds when trying to be anonymous... :(
Click to expand...

The hackers by accessing an ISP's server were able to determine the "real" IP of those connected as well as the web sites they were actually connecting to. One of the selling points of both a VPN or TOR is that they hide this information.
 
CaptainSTX said:
The hackers by accessing an ISP's server were able to determine the "real" IP of those connected as well as the web sites they were actually connecting to. One of the selling points of both a VPN or TOR is that they hide this information.
Click to expand...

Perhaps I missed it, but I saw no mention of direct IP leakage.
 
Well... I've said it before, but it bears repeating...

If you don't control both ends of a VPN tunnel, then you deserve to be hacked - seriously...

And yes, I run quite a few L2TP/IPSEC binds - all AES/SHA1 with strong/long keys...
 
sfx2000 said:
Well... I've said it before, but it bears repeating...

If you don't control both ends of a VPN tunnel, then you deserve to be hacked - seriously...

And yes, I run quite a few L2TP/IPSEC binds - all AES/SHA1 with strong/long keys...
Click to expand...

In this case controlling both ends might not make any difference in security or lack thereof. The penetration exploited a security weakness/exploit in the server's OS.
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
G Router VPN / Streaming / Daisy Chain Routers / Security VPN 32

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 957 (members: 21, guests: 936)
Top