

Rumors of Tor's compromise are greatly exaggerated - ch0wn
https://blog.torproject.org/blog/rumors-tors-compromise-are-greatly-exaggerated

======
JoachimSchipper
There are three relevant hacks here, and it's good to keep them clearly
separated.

First, Anonymous hacked into some server which ran a lot of hidden services
(essentially, Tor was used to hide the identity of the server.) Some
pedophiles were exposed, etc. This is not an attack on Tor: vulnerable webapps
can be hacked, hidden service or not.

Second, it's been known for a long time that wide-scale traffic analysis can
be used to discover who's talking to who. E.g. if I send packets into Tor at
t=0, t=.1354 and t=.1432 and you receive packets from Tor at t=1.832, t=1.982
and t=2.091, these may well be related - the delay is approximately constant.
(More clever analysis gets you better results.) This is a known attack and not
fixable without introducing big random delays. (Mixmaster, "Tor for e-mail",
does introduce such delays. It's not a good fit for the web, though.)

Third, some Eric Filiol reportedly claims to be able to decrypt Tor traffic
(by hacking into lots of vulnerable Tor nodes and overloading the unhackable
ones to force traffic through the compromised nodes.) This seems unlikely: the
report seems to have lots of (minor) errors, and the description of the attack
makes no sense (controlling the flow of encrypted data does not let you
decrypt said data.) It _is_ possible to discover who's talking to who if you
hack into a sufficient number of nodes, by using the nodes as network
monitoring stations. However, that's essentially the same hack as #2 above.
(Note that only the last node in the Tor network to see the packet has access
to the unencrypted form. Since running a Tor endpoint invites lots of
unwelcome attention, these are probably far more professionally run than the
average node.)
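
The timing correlation described in the second point above, shown as an added example that is not part of the original comment: it scores exit-side flows by how constant their delay is relative to the entry-side timestamps, then shows how Mixmaster-style random holds remove that signal. The names `delay_spread`, `best_match` and `mix`, the unrelated flows `flow_b` and `flow_c`, and the one-hour hold limit are assumptions made for illustration.

```python
import random
import statistics

def delay_spread(sent, received):
    """Std-dev of (receive - send) per packet; near 0 means a near-constant delay."""
    if len(sent) != len(received):
        return float("inf")  # different packet counts: not comparable in this toy model
    return statistics.pstdev([r - s for s, r in zip(sent, received)])

def best_match(sent, candidates):
    """Name and spread of the candidate exit flow whose delay is most constant."""
    scored = {name: delay_spread(sent, rx) for name, rx in candidates.items()}
    name = min(scored, key=scored.get)
    return name, scored[name]

def mix(sent, max_hold, rng):
    """Mixmaster-style batching: hold each message for an independent random time."""
    return sorted(t + rng.uniform(0, max_hold) for t in sent)

# Entry-side timestamps from the comment (seconds).
SENT = [0.0, 0.1354, 0.1432]
# Exit-side flows: flow_a uses the comment's receive times; flow_b and flow_c are
# constructed, unrelated traffic seen in the same window.
CANDIDATES = {
    "flow_a": [1.832, 1.982, 2.091],
    "flow_b": [0.40, 1.95, 3.10],
    "flow_c": [1.10, 1.15, 2.90],
}

def demo():
    name, low_latency_spread = best_match(SENT, CANDIDATES)
    # The same three messages through a mix holding each up to an hour (assumed value).
    mixed = mix(SENT, max_hold=3600.0, rng=random.Random(2011))
    return name, low_latency_spread, delay_spread(SENT, mixed)

if __name__ == "__main__":
    name, low, high = demo()
    print(f"low-latency: best match {name}, delay spread {low:.4f}s")
    print(f"with random holds: delay spread {high:.1f}s")
```

With low latency the related flow stands out because its delay spread is a few hundredths of a second; with random holds the spread is dominated by the hold time, which is the cost the comment says makes this approach a poor fit for the web.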

------
namank
Well, I'm also to be blamed for this exaggeration.

Last night I also posted one of _those_ links on HN. Sorry about that, reading
stuff at 3 in the morning isn't such a great idea after all.

------
SageRaven
Does anyone know of any service providers which are friendly to Tor? I'm not
sure I'm comfortable with running an exit node (yet), but I think I'm
competent enough to run a secure relay node or two in various geographical
locations.

Anyone here run a dedicated Tor node? I'm curious on bandwidth and horsepower
required. I would imagine even a modest VPS could handle running the service.

I'd really like to support the Tor network on a technical level, to increase
the size of the crowd as it were.

~~~
icarus_drowning
I have a box that sits in the closet and runs a bridge/relay. Bandwidth on a
commercial grade cable connection is minimal, and I don't notice it at all.
I've successfully run Tor nodes on boxes with 300 MHz processors and only
128MB of memory, so yeah, I'm guessing a tiny VPS wouldn't have trouble with
it.

I don't run an exit, and won't be running an exit, but it is simple enough to
run a bridge/relay that I'm surprised how few people do.

A really helpful piece of software is arm:
<https://blog.torproject.org/blog/arm-release-140>, a really useful way of
monitoring how much bandwidth tor is using. It also allows you to edit/reset
your torrc with a couple of keys. It keeps stats on how much data you're passing
through the network too, which is pretty cool.

I've had no problems from my ISP (Comcast), but then again I do pay for their
commercial grade service, which doesn't have ToS restrictions on proxies. (I
used to run a node out of my residential Comcast connection too-- they didn't
seem to mind).

~~~
SageRaven
You run on a public IP or over NAT? If NAT works, I could stick a little
always-on Acer netbook in a closet to participate on the network over my 15Mb
cable service. Would save a fair bit of money over dedicated server/VPS.

Thanks for sharing.

~~~
icarus_drowning
I've done it both ways. Either way, it's best practice to open a few
recommended ports, so overall I don't see a ton of difference. NAT seems to
work just fine, so long as tor can establish a few outside connections. (A box
sitting behind a NAT router has relayed about 10 GB of data since I reset it a
few days ago, so obviously something is working).

------
nitrogen
OT: What's the deal with that "thehackernews dot com" site linked in the
article, using an orange favicon and everything? Which came first?

~~~
muchnewer
<http://thehackernews.com/p/about-us.html>

The company was apparently founded in November 2010, so it is quite new.

