1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

TOR Network hacked by 0v1ru$

Discussion in 'General Network Security' started by L&LD, Jul 22, 2019.

  1. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
  2. akb

    akb Regular Contributor

    Joined:
    Sep 25, 2016
    Messages:
    127
    just buy your drugs from public wifi :p
     
  3. nitro001

    nitro001 Regular Contributor

    Joined:
    Nov 6, 2014
    Messages:
    50
    Close. They didn't hack as the title would lead you to believe though, they only tried to inject themselves as valid exit Tor nodes to de-anonymize users.
    <tin-foil hat>
    I don't use Tor, but for any anonymous system that allows arbitrary exit nodes, you figure any government, such as Russia, China, US, etc... who wants to get these users would inject themselves into the network making themselves exit nodes. This just showed Russia was already trying to do it, we all know the other governments are trying as well. :) </tin-foil hat>
     
  4. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,624
    Yeah, they were hacked. ;)

     
  5. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    14,117
    Location:
    San Diego, CA
    This is pretty easy - a modest size Telco has massive bandwidth in the core, and with Docker, can set up tens of thousands of Tor Exit nodes...

    Then run the traffic through a deep packet inspection engine like Sandvine - and everything becomes public.

    This is the same issue with commercial VPN providers, where concentration of traffic makes things like this useful for intel collection.
     
    L&LD likes this.