
How the TOR Project is helping Iranian protesters - sweetdreams
http://www.washingtontimes.com/news/2009/jun/26/protesters-use-navy-technology-to-avoid-censorship/print/
======
zitterbewegung
Only problem is that TOR can be compromised by operating a hostile exit node.
This involves running a packet sniffer on an exit node and analyzing the
traffic.

~~~
gasull
What do you mean by _compromised_? A Tor exit node can sniff the traffic. So
what? Unless you are signing in on a site, that doesn't matter. There is no
MITM attack against your anonymity, provided you use Torbutton to block known
Javascript/plugin exploits.

Don't use Tor to sign in to your bank account or your email account. Reading
news or Wikileaks through Tor? No problem. All the exit node sniffer will see
is an anonymous user reading news websites.

~~~
mkyc
It depends on which attack was meant - there are two that come to mind. It
annoys me that you're assuring security without being familiar with the
systems, and that the legitimate concern expressed above and this response are
now at the bottom due to downvoting of the former.

The first attack is simple packet sniffing for passwords and data. A few of
these have been covered by the media[1]. This is considered a compromise of
the system because ignorance of complicated security procedure should be
expected and countered, but is not by default (as is attempted in, for
example, I2P/Syndie). See sslstrip[2] for your MITM attack against anonymity,
which does a great job of compromising even the security-aware. As for using a
bank account or email, I would feel perfectly safe using both over Tor, as
long as I entered the https: myself (my webmail is set to always use https).
In fact, I would feel less safe using news websites, since my activity with
these could be used to identify me as the same user over a number of exit
nodes.

The second is the timing attack. Tor is low-latency and not a mix[3], so
packet size & timing data can be correlated to determine whether two hostile
nodes are on the same tunnel. You-H-N-H-Dest, where H are hostile nodes and N
a neutral node. The one beside You is a guard node, and can determine its
status as such by observing how often you connect to it (your node connects to
only a small group of guard nodes). The second H is the exit node, and knows
what the Destination is. A simple timing attack plus the mutual connection to
N links your ip to the destination. There are 1800 tor nodes[4], I'll let you
do the math on how long it would take an adversary with a very modest budget
(or 20 zombies) to land two hostile nodes in this configuration. It's not very
long, given that your 3 outbound tunnels reconstruct every 10 minutes.

As is common with security, you've gotten just about everything wrong. (No
doubt I've made similar blunders in this short message.) Luckily, though,
nobody actually cares about what people do on Tor - or perhaps they think that
collecting data is more worthwhile than exposing vulnerabilities. Please take
the time to learn more before commenting on (or using) these systems.

[1] <http://www.theregister.co.uk/2007/11/15/tor_hacker_arrest/>
[2] <http://www.thoughtcrime.org/software/sslstrip/>
[3] <http://en.wikipedia.org/wiki/Chaum_mixes>
[4] <http://proxy.org/tor.shtml>

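The guard/exit correlation attack described in the comment above, as an added example that is not part of the thread or of the Tor project's code. It simulates several circuits that all happen to use the same hostile guard and the same hostile exit: the guard sees each client's traffic pattern, the exit sees the same pattern shifted by path latency, and matching the two sides by lagged correlation of byte volume per 100 ms bin ties each client to its destination. All traffic traces are synthetic, and the delay and jitter values are assumptions.

```python
"""Toy traffic-correlation attack: an adversary running both the guard and
the exit of a circuit matches the byte-volume pattern seen on each side.
Added example; all traces below are synthetic."""
import math
import random

BIN = 0.1        # seconds per volume bin
WINDOW = 60.0    # seconds of observation
N_BINS = int(WINDOW / BIN)


def synth_flow(rng, n_packets, start=0.0):
    """Constructed client->guard traffic: bursts of back-to-back segments
    separated by think-time pauses. Returns [(timestamp, bytes), ...]."""
    t, flow = start, []
    for _ in range(n_packets):
        t += rng.expovariate(1 / 0.05)
        if rng.random() < 0.15:            # occasional pause between bursts
            t += rng.uniform(0.5, 3.0)
        flow.append((t, rng.choice([586, 1086, 1500])))
    return flow


def exit_view(flow, rng, delay, jitter):
    """What the exit observes for the same circuit: the pattern survives,
    shifted by path latency plus per-packet jitter (assumed values). Tor
    neither pads nor delays cells to hide this; it is low-latency, not a mix."""
    return [(t + delay + abs(rng.gauss(0, jitter)), size) for t, size in flow]


def volume_bins(flow):
    """Bytes observed per BIN-second slot over the observation window."""
    bins = [0] * N_BINS
    for t, size in flow:
        i = int(t // BIN)
        if 0 <= i < N_BINS:
            bins[i] += size
    return bins


def pearson(x, y):
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = math.sqrt(sum((a - mx) ** 2 for a in x))
    vy = math.sqrt(sum((b - my) ** 2 for b in y))
    return cov / (vx * vy) if vx and vy else 0.0


def lagged_correlation(guard_bins, exit_bins, max_lag_bins=20):
    """Best correlation over lags 0..max_lag (the exit side lags the guard)."""
    best = -1.0
    for lag in range(max_lag_bins + 1):
        best = max(best, pearson(guard_bins[: N_BINS - lag], exit_bins[lag:]))
    return best


def match_circuits(guard_flows, exit_flows):
    """For each stream seen at the exit, pick the guard-side stream whose
    volume pattern correlates best. Returns {exit_stream: guard_stream}."""
    gb = {g: volume_bins(f) for g, f in guard_flows.items()}
    eb = {e: volume_bins(f) for e, f in exit_flows.items()}
    return {e: max(gb, key=lambda g: lagged_correlation(gb[g], eb[e])) for e in eb}


def demo(seed=1, n_users=6):
    """Simulate n_users circuits sharing one hostile guard and one hostile
    exit. Returns (true destination->client map, recovered map)."""
    rng = random.Random(seed)
    guard_flows = {f"client{i}": synth_flow(rng, 150, start=rng.uniform(0, 5))
                   for i in range(n_users)}
    dests = [f"dest{i}" for i in range(n_users)]
    rng.shuffle(dests)                     # exit labels streams by destination
    truth = dict(zip(dests, guard_flows))  # what the adversary wants to learn
    exit_flows = {d: exit_view(guard_flows[c], rng, delay=0.4, jitter=0.03)
                  for d, c in truth.items()}
    return truth, match_circuits(guard_flows, exit_flows)


if __name__ == "__main__":
    truth, found = demo()
    for dest, client in sorted(found.items()):
        print(f"{dest} <- {client}  ({'correct' if truth[dest] == client else 'wrong'})")
```

The neutral middle node contributes nothing here: the adversary never needs to see it, only to hold both ends of the same circuit. The middle hop only adds latency, which the lag search absorbs.
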
~~~
gasull
_As for using a bank account or email, I would feel perfectly safe using both
over Tor, as long as I entered the https: myself_

DNS lookups are made through Tor. This means that a compromised exit node
could phish your email or bank account. Unless you do the DNS lookups yourself
off-Tor, of course, but then you won't be anonymous.

 _I would feel less safe using news websites, since my activity with these
could be used to identify me as the same user over a number of exit nodes._

How? Torbutton doesn't use your non-Tor browsing cookies. And you can block
cookies altogether anyway.

 _The second is the timing attack. Tor is low-latency and not a mix[3], so
packet size & timing data can be correlated to determine whether two hostile
nodes are on the same tunnel. You-H-N-H-Dest, where H are hostile nodes and N
a neutral node. The one beside You is a guard node, and can determine its
status as such by observing how often you connect to it (your node connects to
only a small group of guard nodes). The second H is the exit node, and knows
what the Destination is. A simple timing attack plus the mutual connection to
N links your ip to the destination. There are 1800 tor nodes[4], I'll let you
do the math on how long it would take an adversary with a very modest budget
(or 20 zombies) to land two hostile nodes in this configuration. It's not very
long, given that your 3 outbound tunnels reconstruct every 10 minutes._

You're right on this. I knew about timing attacks, but I didn't know they were
so easy. I thought you needed a big infrastructure like Echelon.

I think a solution for Iranians would be using I2P or Freenet, or even Tor if
it's just with .onion websites, because then the traffic never leaves the
darknet and therefore it's more resistant to a timing attack (You might need
something like Echelon for a timing attack in this case). The problem is they
wouldn't be able to use Twitter, Google or any other Internet sites.

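The two exit-node attacks discussed in the comments above, the sslstrip-style downgrade and the spoofed DNS answer, as an added example that is not part of the thread or of the Tor project's code. It models a plaintext page that links to HTTPS logins, an exit that rewrites `https://` to `http://` in that page and/or answers every DNS lookup with its own address, and two clients: one that follows whatever link it is given, and one that insists on HTTPS for hosts it knows must use it (what "entering the https: myself" amounts to). Hostnames, addresses and the page body are constructed; the certificate check is a stand-in for hostname verification of a CA-issued certificate.

```python
"""What a hostile Tor exit can and cannot do to a client: sslstrip-style
downgrade of plaintext pages, and spoofed DNS. Added example; all hosts,
addresses and content are constructed."""
import re
from urllib.parse import urlsplit, urlunsplit

# Constructed plaintext page (fetched over http://) linking to HTTPS logins.
ORIGIN_PAGE = (
    b'<a href="https://mail.example.test/login">Webmail</a>\n'
    b'<form action="https://bank.example.test/auth" method="post">'
)

# Honest DNS answers as the exit would normally return them (constructed).
HONEST_DNS = {
    "mail.example.test": "198.51.100.10",
    "bank.example.test": "198.51.100.20",
}
ATTACKER_IP = "203.0.113.66"

# Hostname each TLS server can prove with a CA-issued certificate. The exit
# operator can run a TLS server, but holds no valid cert for the victim hosts.
CERT_SUBJECT = {
    "198.51.100.10": "mail.example.test",
    "198.51.100.20": "bank.example.test",
    ATTACKER_IP: "phish.example.test",
}


def honest_resolver(name):
    return HONEST_DNS[name]


def hostile_resolver(name):
    """DNS goes through the exit, so it can answer with its own address."""
    return ATTACKER_IP


def sslstrip_rewrite(body):
    """sslstrip's core trick on a plaintext response: turn https:// links
    into http:// so the client's next request goes in clear through the exit."""
    return re.sub(rb"https://", b"http://", body)


def links_in(body):
    return [u.decode() for u in re.findall(rb'(?:href|action)="([^"]+)"', body)]


def connect(url, resolver):
    """Outcome of following url through the exit. Returns (state, peer_ip):
    'cleartext'  - HTTP: the exit (and whoever is at peer_ip) reads it all;
    'tls-ok'     - HTTPS to a peer holding a certificate for the hostname;
    'tls-failed' - HTTPS, but the peer cannot prove the hostname (warning)."""
    parts = urlsplit(url)
    ip = resolver(parts.hostname)
    if parts.scheme == "http":
        return "cleartext", ip
    if parts.scheme == "https":
        ok = CERT_SUBJECT.get(ip) == parts.hostname
        return ("tls-ok" if ok else "tls-failed"), ip
    raise ValueError(f"unsupported scheme in {url}")


def naive_client(page, resolver):
    """Follows whatever links the page, as delivered by the exit, contains."""
    return {u: connect(u, resolver) for u in links_in(page)}


HTTPS_ONLY = {"mail.example.test", "bank.example.test"}


def force_https(url):
    """Never send these hosts a plaintext request, whatever scheme the
    (possibly rewritten) link claims."""
    parts = urlsplit(url)
    if parts.hostname in HTTPS_ONLY and parts.scheme != "https":
        parts = parts._replace(scheme="https")
    return urlunsplit(parts)


def careful_client(page, resolver):
    return {u: connect(force_https(u), resolver) for u in links_in(page)}


if __name__ == "__main__":
    stripped = sslstrip_rewrite(ORIGIN_PAGE)
    print("naive, stripped page, honest DNS :", naive_client(stripped, honest_resolver))
    print("naive, stripped page, hostile DNS:", naive_client(stripped, hostile_resolver))
    print("naive, intact page, hostile DNS  :", naive_client(ORIGIN_PAGE, hostile_resolver))
    print("careful, stripped page, hostile  :", careful_client(stripped, hostile_resolver))
```

Running the four scenarios shows the split the comments argue over: the downgrade puts the login in cleartext whether DNS is honest or not, and a spoofed DNS answer on its own lands the naive client on the attacker's address but fails certificate verification once the request is HTTPS. The careful client only ever produces `tls-ok` or `tls-failed`, never `cleartext`, because the decision to use HTTPS is made locally rather than taken from a page the exit could have rewritten.
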
------
kierank
Why can't the Iranians just filter TOR node IP addresses?

~~~
gasull
Some Tor nodes aren't publicly known. You get to know them by a friend or
visiting a website, chat, etc., like it happens with some P2P networks.

I don't know if the Iranian government is trying to block Tor nodes, but even
if they were they would never be able to completely block it.

~~~
brl
They could identify connections into the Tor network by analyzing handshake
traffic and it seems that this may be exactly what is currently happening.

~~~
gasull
They are SSL-encrypted. They cannot identify Tor connections unless it is to a
publicly known Tor node.

~~~
brl
The way Tor uses TLS/SSL is unique enough that it seems very possible to
automatically classify Tor traffic.

I don't think this is really happening in Iran, but nobody knows for sure. My
comment was misleading and what I really meant to say is that there is some
evidence that encrypted protocols which can be used for tunneling traffic such
as SSL and SSH are being automatically detected. Rather than blocking the
connections completely, they are traffic shaping them to make them very slow.

Since the Tor link protocol is basically just SSL it will also be affected by
any policy applied to all SSL connections.

~~~
gasull
_The way Tor uses TLS/SSL is unique enough that it seems very possible to
automatically classify Tor traffic._

Do you have more information on this?

~~~
brl
No, and I'm not sure about it. The way that Tor uses certificates does not
seem to be very well documented or I would have a stronger theory about how it
could be done without causing an unacceptable level of false positives on
regular SSL traffic.

