Re: Compromise of Tor, anonymizing networks/utilities

[gmaggro <gmaggro () rogers com>]

> > So I guess CIA -> CSIS, FBI -> RCMP, and NSA -> CSE/GCHQ/DSD/GCSB. The
> > last bit being the standard bunch of Echelon sons-of-bitches. Those lads
> > must have some fat pipes. Now are they hidden, or hidden in plain sight?
>
> Not that fat, as Tor is usually quite slow.

Well,  I would assume the setup would be such that it performs like an
average,
or slightly above-average, node:  they would want it to blend in.
In any case, I'm sure it would only take up a fraction of what they have
access to.

> > In any case, it is a certainty than that some law enforcement agencies
> > are running tor nodes; it has been spotted in actual use at many such
> > locales. Tor might a great idea but it is sadly lacking in many aspects
> > of its implementation.
>
> It would help if you were more specific here. Especially, could you
flesh out
> what you mean by, "it is sadly lacking in many aspects of its
> implementation."

Yes, I suppose that assertion would be better served by backing it up
with some
information. I was treating it as a given, but let me see what I can dig
up about the
problems I was referencing. Unless someone wants to post up links or
jump in;
no doubt these aspects of Tor have already been explored and documented far
more competently than I would wind up doing.

Having seen good crypto ruined by lousy implementations, I thought it
timely to
remind ourselves of the lesson that implementation is at least as
important as
the underlying theory.

> > From now on we should all operate under the assumption that every
> > anonymizing network is rife with law enforcement infiltration.
>
> As it is, law enforcement would  have to deal with multiple nodes,
spread over
> multiple, not always friendly  jurisdictions.

Without going so far as to say it's a fact, I propose that is exactly
what has happened.
Now it's quite possible that these agencies are using Tor for their own
'innocent'
purposes but I find that unlikely, unless it's as some kind of technical
experiment.

How to purge law enforcement agencies from anonymizing networks, now that
would be a great area of study. Or how to sucker them into hanging out where
everything is bogus.

Folks like the ELF, and organizations more local to me such as OCAP,
security.resist.ca and First Nations have been known to recommend and
employ Tor.
I do not want to see these people any more compromised than they already
are.

> > In fact, future designs should incorporate this infiltration into their
> > development; there has got to be a way to use this against them.
>
> Which is what TOR has done.

I hope so, and I will look into that.

> I'll toss this out as something to think about: Perfect anonymity is like
> perfect security; with enough work both can be broken. The point is to
make
> it hard to do.

Or construct it such that there's some kind of 'duress' booby-trapping
in the process.
When attempts at subversion are detected it can not just tar-pit them,
it can fold
when appropriate and throw up some info that appears to be valid, or
useful, to
the attacker. Take ideas from the botnet folks where their stuff attacks
you right
back.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/