
Hackers breach FSB contractor, expose Tor deanonymization project - ga-vu
https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/
======
Santosh83
Nobody with an ounce of intelligence can believe for one moment that the most
powerful intelligence agencies in the most powerful country of the world will
stand idly by and watch a protocol/network be completely opaque for them.
Whether there is evidence or not (in such cases there may never be enough
evidence), it is safe to assume that many if not most Tor exit nodes are govt
run (various govts), and one or more of the top intelligence agencies of the
world can break Tor by more than one method. The only form of safe
communication is one that relies on old fashioned and proven methods,
utilising code and algo that has been scrutinised by researchers from many
nations. People really wanting to be anonymous will do well to be wary of
heavily 'promoted' solutions.

~~~
onetimemanytime
How do various embassies contact the mothership? I heard that a lot of them
use TOR, and for smaller countries it makes sense. Big countries I suppose
have their brew (which is not necessarily safer.)

~~~
dogma1138
Not a single intelligence agency or diplomatic service will rely on ToR for
security; that’s madness.

A properly configured commercial or open source VPN is considerably more
reliable and secure than ToR since you have no idea who is listening on the
exit nodes or who can execute unmasking attacks by traffic shaping or
monitoring if they control enough relays.

For the most part any country which can perform intelligence collection out of
its embassy will have sufficient budget and technical capacity to develop
their own secure means of phoning home.

Also for highly sensitive material a diplomatic pouch is still the most secure
means of transport as it never leaves your sight and is never inspected and if
you do get intercepted then destroying physical media is much easier than
securing network traffic to the same level of assurance.

~~~
dontbenebby
>Not a single intelligence agency or diplomatic service will rely on ToR for
security that’s madness... For the most part any country which can perform
intelligence collection out of its embassy will have sufficient budget and
technical capacity to develop their own secure means of phoning home.

The CIA has its own onion service:
ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion

Tor was developed by the US naval research lab, it was opened up because an
anonymity network only spooks use isn't anonymous.

Smart intelligence agencies are not going to reinvent the wheel (or in this
case, the onion router).

>A properly configured commercial or open source VPN is considerably more
reliable and secure than ToR since you have no idea who is listening on the
exit nodes

If traffic is encrypted this does not matter. (HTTPS also provides integrity
checking to show messages were not modified in transit)

Also, traffic to onion services does not exit the Tor network - there is no
"exit node"

>Also for highly sensitive material a diplomatic pouch is still the most
secure means of transport as it never leaves your sight and is never inspected
and if you do get intercepted then destroying physical media is much easier
than securing network traffic to the same level of assurance.

They may use diplomatic pouches for especially sensitive information, but the
need for low latency communication is strong. What's more likely is that one
time pad codes for said communications are sent via pouch, and the
communication itself then goes over Tor or some other channel.

~~~
wincy
Wow I wonder how much compute it took them to generate that hidden service
name.

~~~
crtasm
I tried one of the older, shorter .onion addresses once out of interest.
Didn't take long on a laptop to get a specified 7 characters at the beginning.

I don't know how much the longer .onions affect generation time - anyone?

~~~
dontbenebby
Is there a script to do that or did you roll your own?

~~~
crtasm
I used
[https://github.com/katmagic/Shallot](https://github.com/katmagic/Shallot)
back then and it took 35221958203 attempts to find one with my chosen seven
characters.

For the longer v3 .onions you'll want a different tool, this page mentions
some and makes some estimates for finding increasing lengths of characters:
[https://www.jamieweb.net/blog/onionv3-vanity-address/](https://www.jamieweb.net/blog/onionv3-vanity-address/)
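An added example (not code from any commenter, from Shallot or from the Tor project) that ties the three posts above together: it splits the v3 address dontbenebby posted into its public key, checksum and version fields and recomputes the checksum, rebuilds an address from a constructed 32-byte key, and computes the 32**k expected-tries figure behind wincy's question, which for a seven-character prefix lands next to crtasm's 35221958203 attempts. It assumes the v3 layout base32(pubkey || SHA3-256(".onion checksum" || pubkey || version)[:2] || 0x03) with a lowercase RFC 4648 alphabet; the sample key `bytes(range(32))` is constructed, not a real service key.

```python
import base64
import hashlib

V3_VERSION = 3
V3_LABEL_LEN = 56  # 35 bytes (32 key + 2 checksum + 1 version) in base32


def onion_checksum(pubkey: bytes, version: int = V3_VERSION) -> bytes:
    """First two bytes of SHA3-256(".onion checksum" || pubkey || version)."""
    data = b".onion checksum" + pubkey + bytes([version])
    return hashlib.sha3_256(data).digest()[:2]


def encode_onion_v3(pubkey: bytes) -> str:
    """Build a v3 address from a 32-byte Ed25519 public key."""
    if len(pubkey) != 32:
        raise ValueError("v3 onion addresses embed a 32-byte Ed25519 public key")
    raw = pubkey + onion_checksum(pubkey) + bytes([V3_VERSION])
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def parse_onion_v3(address: str) -> dict:
    """Split a v3 address into key, version and checksum, recomputing the latter.

    Raises ValueError when the label is not 56 base32 characters; a checksum
    mismatch is reported through checksum_ok rather than raised, so the caller
    can still inspect which field disagrees.
    """
    label = address.strip().lower()
    if label.endswith(".onion"):
        label = label[: -len(".onion")]
    if len(label) != V3_LABEL_LEN:
        raise ValueError(f"expected {V3_LABEL_LEN} base32 chars, got {len(label)}")
    raw = base64.b32decode(label.upper())  # 56 chars -> exactly 35 bytes, no padding
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34]
    return {
        "pubkey": pubkey,
        "version": version,
        "checksum_ok": checksum == onion_checksum(pubkey, version),
    }


def vanity_expected_attempts(prefix: str) -> int:
    """Expected random keys to draw before a label starts with `prefix`.

    Each base32 character takes one of 32 values, so a k-character prefix is
    hit once per 32**k tries on average. The count does not depend on whether
    the address is v2 (16 chars) or v3 (56 chars); what differs is the cost
    of one try (RSA-1024 key hashed with SHA-1 for v2, Ed25519 key for v3).
    """
    return 32 ** len(prefix)
```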

------
jakear
Last time Tor was mentioned here, a user posted this link [1], claiming Tor is
a military financed destabilization project. Seems unbelievable, but there
appear to be lots of supporting documents.

[1]: [https://surveillancevalley.com/blog/fact-checking-the-tor-pr...](https://surveillancevalley.com/blog/fact-checking-the-tor-projects-government-ties)

~~~
AJ007
Wikipedia: “The core principle of Tor, "onion routing", was developed in the
mid-1990s by United States Naval Research Laboratory employees, mathematician
Paul Syverson, and computer scientists Michael G. Reed and David Goldschlag,
with the purpose of protecting U.S. intelligence communications online.”

Recently, many or all of the US’s agents in China were captured and executed:

[https://foreignpolicy.com/2018/08/15/botched-cia-communicati...](https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover-chinese-agents-intelligence/)

[https://www.nytimes.com/2017/05/20/world/asia/china-cia-spie...](https://www.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html)

This is why things like mandating Apple, Google, et al use breakable
encryption is extremely bad. Anyone who follows information security knows
Apple struggles to keep up with 0 day exploits.

My opinion is that it is both in the interest of the United States government
and all human-rights abiding democratically elected states to have as
absolutely secure and anonymous communications systems as possible. I’m not
the only one who believes this. In fact, I think this is very very much a CIA
vs FBI situation, domestically. Is it really worth exchanging knowing what was
on some dead nut job's iPhone for the ability of government officials, the
military, business executives (e.g. Jeff Bezos' apparent breach by Israeli
assisted Saudis), and every day common citizens to communicate securely?

~~~
heavenlyblue
>> dead nut job's iPhone

I think the principle here is that the same dead nut will simply cease using
iPhones the moment they become insecure.

------
canada_dry
> Tax-3 - a project for the creation of a closed intranet to store the
> information of highly-sensitive state figures, judges, and local
> administration officials, separate from the rest of the state's IT networks.

So, is this intranet used for keeping official (confidential) records or for
blackmail purposes?

~~~
jammygit
Or is it the network they won’t pass laws requiring backdoors for? Literally
segment society into those with power and privacy, and those with neither?

Why on earth would they need separate infrastructure and the rest of us do
not?

~~~
deaddrop
> _Why on earth would they need separate infrastructure and the rest of us do
> not?_

I imagine they wanted to build their own version of SIPRNet.

[0] -
[https://en.wikipedia.org/wiki/SIPRNet](https://en.wikipedia.org/wiki/SIPRNet)

------
class4behavior
a) All that article states is that Russian intelligence runs their own servers
to scan through the traffic. That isn't a huge threat; it only becomes an issue
when a party attempts to run a big majority of the entire network.

b) There are merely around 7000 servers active. With more funding or
contributors, the danger of any single party taking over would quickly
diminish. Here's one way you could help:
[https://www.torservers.net/about.html](https://www.torservers.net/about.html)

------
dontbenebby
It sounds like the attack is not unusual or unknown - they're spinning up
malicious nodes then trying to drive traffic to those nodes via DDOS. This is
a common technique and unfortunately it's my understanding that aside from
increasing the number of good nodes there's not much that can be done about it.
(Though monitoring for malicious behavior is much better nowadays, so bad
nodes will quickly get kicked off the network.)

~~~
dmix
It said the attacks were detected by a Swedish University.

------
INTPenis
Yeah I mean if you have the budget of an intelligence agency, even a Russian
one, you could automatically deploy hundreds, thousands, of tor exit nodes all
the time.

Intelligence agencies could run a substantial part of the tor network with
ease.

That's why I'd like to see some sort of identification for tor exit node
operators. Like keybase or github accounts that can verify who they are and
that they have a "normal" presence on the internet.

------
ineedasername
_hacked into SyTech's Active Directory_

Sure, why not? Active Directory doesn't really scream top-secret security to
me. Maybe someone with more knowledge can chime in here: Is AD really
considered best of breed for what it offers, esp. in terms of security? Or am
I not giving it enough credit?

~~~
thatfunkymunki
Is there any better solution for large scale AAA than Kerberos/AD? I think it
does the job pretty decently for the large problem that it encompasses.

~~~
ineedasername
Maybe I'm just judging too much from personal experience working under a
system that may be poorly implemented.

------
jammygit
What is the risk of hosting an exit node? I have heard that you can be liable
for facilitating illegal actions if yours gets used for it

~~~
somebodythere
Hosting an exit node is not illegal (in the United States), and generally you
cannot be held liable if the network was used for illegal actions as a
consequence of being an exit node and not committed by you (this is not legal
advice); however, you have to be able to prove that and it does not
necessarily mean you are protected from being investigated, having your door
kicked in, and/or your equipment seized.

~~~
lucb1e
> being investigated, having your door kicked in, and/or your equipment
> seized.

True and good to be aware of (upvoted), but I think it is fair to note that
this is a very small number of cases. It's not small odds like "win the
lottery" odds, but it's also not likely that it'll happen to you. Definitely
something to be aware of and plan for (e.g. don't also use that server for
important stuff, say, your email and website).

------
xtat
A reminder: Please run as many tor nodes as you can. They don't have to be
exit nodes. This is a mostly free way to give back that has a big impact on
privacy and free access and helps to prevent state actor attacks.

------
burtonator
I wish there was some sort of secure protocol to allow tor clients to create
their own exit nodes using cloud services. I just don't see how it would
really be possible reliably.

------
bin0
As much as I hate to say this, we all knew it was happening, right? I'm still
ninety percent sure they had to scramble to justify a non-tor-breaking reason
they got Ulbricht. I don't know why people are still encouraging others to use
it alone. You should also be using some kind of encryption of the content
itself. Their goal is to figure out who you are and what you're saying; deny
them either piece, and they're foiled (three-letters, that is).

~~~
TazeTSchnitzel
Ulbricht was grossly incompetent, they didn't need a special attack on Tor to
unmask someone who asks questions about connecting to Tor from a public
StackOverflow account in their real name.

~~~
bin0
He really did that? Jeez, you're right. Still, such attacks have doubtless
been used before. Even if they haven't broken the core protocol, I'd assume
they've got a few zero-days sitting around.

~~~
somethingnot
He did a lot of stupid stuff. Like logging into SilkRoad from a public
library. FBI agents were at the next table.

~~~
dontbenebby
He logged in in public a lot. They were able to correlate him opening
laptop/joining wifi with their suspect account signing into Silk Road.

