

Aussie cops: Silk Road TOR anonymity 'not guaranteed' - MRonney
http://www.cso.com.au/article/431755/aussie_cops_silk_road_tor_anonymity_guaranteed_/#closeme

======
pwny
As another commenter suggested in the article, the government probably found
the man because of factors external to TOR, such as the delivery address and
the payment processor/information he used.

I don't believe the TOR network was compromised just yet, although I wouldn't
test that assertion by buying drugs on it...

~~~
victork2
Not entirely true, see here:

[http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Wea...](http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Weaknesses)

"security consultant, revealed that he had intercepted usernames and passwords
for a large number of email accounts by operating and monitoring Tor exit
nodes.[27] As Tor does not, and by design cannot, encrypt the traffic between
an exit node and the target server, any exit node is in a position to capture
any traffic passing through it which does not use end-to-end encryption such
as TLS."

It's strongly suspected that China used that method to arrest some opponents
of the regime that were talking with TOR. I don't know if Australia has the
same level of organization and can drop into communications like that though.

For this story, it really looks that they just used other factors than TOR to
find out this guy.

edit: apparently Silk Road is 100% TOR, so it does not work in that case! Mea
culpa

~~~
sp332
Silk Road is only available via TOR, so there is no exit node involved.

~~~
Natsu
One other possibility is to hack the computers running Silk Road itself. It's
a rather high value target, so I'd be surprised if they didn't try. They could
also order drugs from it in order to find out how they were being packaged and
alert customs to any new techniques. In fact, there are quite a lot of things
they could do, none of which require compromising TOR or Bitcoin.

------
unimpressive
After seeing the headline, I expected to read a bluff by the Australian
Federal Police that they can pierce through TOR.

Instead they didn't even do that; which to me implies that they caught this
guy through weaknesses in his anonymity that had little to do with the merits
of TOR.

------
icebraining
As awesome as the TOR network is, you can't send drugs through it, and
physical delivery is way more difficult to obfuscate.

------
shokwave
When I find a great fishing spot, I always make sure I release a joint
statement informing the fish.

------
jcromartie
Hardly. They got to the _people_ operating accounts on those sites.

On the other hand, Anonymous has _actually_ pulled off something that revealed
users on Tor.

<http://pastebin.com/hquN9kg5>

~~~
marshray
What they did was pwned a website and used that to hack its users via
downloaded malware. The website was hosted as a Tor hidden service.

Again, this is not something that any anonymity network system is going to
defend against. The fact that the attackers had to resort to hacking a server
and then socially engineering users to download and agree to run the malware
shows that Tor was working well.

On the other hand, the way they describe using a DDoS against specific exit
nodes and correlating that with outages against a specific hidden service
could be considered an attack on this feature of Tor. However, there's little
to no data presented and it's mixed in with a lot of other odd factors so I'm
very skeptical.

Opdarknet looked different to me from the other operations of Anonymous. My
guess is that it was some unrelated entity using Anonymous as a cover. It's
weird how they spend as much time bashing specific Tor developers as they do
on the CP criminals.

------
propercoil
another load of crap from another illegitimate "entity" which once was
composed of public servants and now full of "officials".

save the bs for the main stream

