

New Tor Denial of Service Attacks and Defenses - conductor
https://blog.torproject.org/blog/new-tor-denial-service-attacks-and-defenses

======
redthrowaway
In a nutshell, the flow control algorithm was designed with trustworthy peers
in mind and buffering on a node was controlled by signals sent by its peers.
This allowed a misbehaving peer to spam buffer commands, exhausting available
memory on the target node. An attacker who carefully chose their targets could
force a TOR user to use a specific route, thereby de-anonymizing them.

Really just seems like TOR's version of slowloris. I'm rather disappointed
they didn't call it slowtoris.

~~~
p4bl0
For those (like me) who didn't know about slowloris:
[https://en.wikipedia.org/wiki/Slowloris](https://en.wikipedia.org/wiki/Slowloris).

------
jlgaddis
Holy... crap...

This is a big deal.

 _> ... found that we could disable each of the fastest guard and the fastest
exit relay in a range of 1-18 minutes._

 _> We also found that the entire group of the top 20 exit relays,
representing roughly 35% of Tor bandwidth capacity at the time of the
analysis, could be disabled in a range of 29 minutes to 3 hours and 50
minutes._

