
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network [pdf] - newaccountfool
http://www.robgjansen.com/publications/sniper-ndss2014.pdf
======
s_q_b
It's been patched. Here's the Tor Project's take:
[https://blog.torproject.org/blog/new-tor-denial-service-atta...](https://blog.torproject.org/blog/new-tor-denial-service-attacks-and-defenses)

------
finnn
Am I correct in assuming this is what was pulled from Black Hat?

EDIT: According to someone on reddit, it's been patched, and the Black Hat one
sounded like it hadn't been.
[http://www.reddit.com/r/netsec/comments/2bf9fl/the_sniper_at...](http://www.reddit.com/r/netsec/comments/2bf9fl/the_sniper_attack_anonymously_deanonymizing_and/cj4t0um)

~~~
s_q_b
If I had to guess what the Black Hat talk was, it probably was more about a
systemic vulnerability than a specific hack. I'm guessing it got killed over
ECPA legal concerns.

~~~
s_q_b
Actually, it's the Wiretap Act (see 18 U.S.C. §2511), and the Pen Register and
Trap and Trace Act (see 18 U.S.C. §3127) you have to ensure you follow when
performing this type of research.

Here's an interesting analysis:
[http://spot.colorado.edu/~sicker/publications/issues.pdf](http://spot.colorado.edu/~sicker/publications/issues.pdf)

Equally interestingly, the same researchers who assisted with the paper on the
legality of network monitoring for research purposes were later accused of
wiretapping (although never charged) for monitoring Tor for research:
[http://www.cnet.com/news/researchers-could-face-legal-risks-...](http://www.cnet.com/news/researchers-could-face-legal-risks-for-network-snooping/)

------
lucb1e
On his blog it reads:

> 21st Symposium on Network and Distributed System Security (NDSS 2014)

So nothing to do with Black Hat, which I thought it was until I saw the
comments here. Misupvoted...

