• Posts: 7,941
  • Tag points: 14

Topic: Tor is not secure.

http://www.technologyreview.com/news/52 … veillance/

Ironically I described this exact attack 3 or 4 months ago to two very tech savvy guys and they flat out disbelieved me.

I could crack Tor with less resources than a nation State either. I just need root access to either the Pacific or Atlantic underwater trunk line and lots of spare time (and a team following my directions, say 10 software developers).

Everything bad in the economy is now Obama's fault. Every job lost, all the debt, all the lost retirement funds. All Obama. Are you happy now? We all get to blame Obama!
Kemp currently not being responded to until he makes CONCISE posts.
Avogardo and Noir ignored by me for life so people know why I do not respond to them. (Informational)

0 Dislike 0 Post Points

  • Posts: 14,366
  • Tag points: 68

Re: Tor is not secure.

spam

Obama isn't doing those $300 billion no-bid deals anymore Einstein.  Access denied!

The core joke of Hitchhiker's Guide to the Galaxy is that of course no civilization would develop personal computers with instant remote database recovery, and then waste this technology to find good drinks.
Steve Jobs has ruined this joke.

0 Dislike 0 Post Points

  • Posts: 14,366
  • Tag points: 68

Re: Tor is not secure.

if I had an office and internet and 10 aviation engineers under me I could invent a new helicopter

The core joke of Hitchhiker's Guide to the Galaxy is that of course no civilization would develop personal computers with instant remote database recovery, and then waste this technology to find good drinks.
Steve Jobs has ruined this joke.

0 Dislike 0 Post Points

  • Xeno
  • Xeno
  • Player
  • Offline
  • Posts: 4,779
  • Tag points: 34

Re: Tor is not secure.

Einstein's right on this one.

0 Dislike 0 Post Points

5 Reply by Key (edited by Key 04-Nov-2013 22:50:31)

  • Key
  • Key
  • Player
  • Offline
  • Posts: 990
  • Tag points: 11

Re: Tor is not secure.

Actually it's about circumventing the tool, not breaking it.

In this case the practice they are talking about is called, "Piggybacking", and "triangulation".  And yes it does work.

No, I wouldn't say Tor could be broken without some time, and an understanding and direct copy of the software server.  But, governments aren't stupid as how they can easily identify where those "volunteer" servers are located and corrupt them at a local level.  After that, it's all "catch and release, info".

It's cloak and dagger of the 80's age.  It was easily used then, it can be easily used now.  Today's programs are more complicated, but they are usually weighty in nature, with far more coding now then 30 years ago.  The more lines a program has, the higher chance of a sophisticated attack on a part of it's structure.  In other words, the bigger isn't better.  And the greater amount of line code does not denote it's quality of purpose.  Just means there's more than one way of attacking it.

Why are you all acting like, "I'm a smart hacker, I KNOW how things work, i'm smarter than the average non-computer lingo muggle...."

Really?  Every security measure ever created was always either broken or circumvented.  Acting like Tor can't be broken or circumvented, is pipedreaming.  A computer code is only as good as it's programmer.  Since all programmers are HUMAN, then to error is human.  Or in this case to Err, was strictly a human programmer who had limitations of either brain capacity, hard drive space, or was to full of EGO.

Human + Ego = Err

=^o.o^= When I'm cute I can be cute.  And when I'm mean, I can be very very mean.  I'm a cat.  Expect me to be fickle.

0 Dislike 0 Post Points

6 Reply by Key (edited by Key 04-Nov-2013 23:00:57)

  • Key
  • Key
  • Player
  • Offline
  • Posts: 990
  • Tag points: 11

Re: Tor is not secure.

I'm sure Einstein is perfectly right on this.  Up to a point.  You need more than a trunkline.  You need to identify the "Volunteer server".  Taking out all the legal documented businesses that are corporately owned, what you have is privately ran non-government, non-business servers.  Turns a 1,000 computer search into hundreds.  From time of info released, to time of info catch, also directs how far the server maybe located, taking into account the milliseconds a hub may transfer information....did the info travel on landline, ethernet connection, fiberoptic, or communications sattelite.  A single timestamp can easily pinpoint distance travelled, if you know what road it travelled on.

...Seriously, the process sounds very complicated...AND IT IS....but not by the standpoint of a security agency.  Or a small team.

A proper tool, line access, and a team of programmers...can do it.  It's a LOT of code to look through, and haveing more than one pair of eyes, can shorten the amount of time to crack the problem.

In which case....this is not news.  This has been happening since the early 1980's.  And even the old bag of tricks then, can easily tear a hole in Tor.

=^o.o^= When I'm cute I can be cute.  And when I'm mean, I can be very very mean.  I'm a cat.  Expect me to be fickle.

0 Dislike 0 Post Points