Wikileaks Was Launched With Documents Intercepted From Tor (wired.com)
78 points by jackfoxy on June 1, 2010 | 24 comments



This is the big problem I have with Tor, and, in particular, with the people who recommend Tor to people with serious privacy needs (such as the Iranian dissidents). A heist like this is possible because putting your traffic on Tor flags it as belonging to a subset of all traffic that is more likely to contain interesting information.

It's the same with the people trying to help Chinese dissidents evade the "great firewall". Maybe you're really helping them evade the firewall. Or, maybe you're helping a savvy government agency zero in on the traffic worth monitoring.

I worry that to the people providing the anonymizing and securing technology, this is a game. It's not for the people using the technology.


I agree with your sentiments. TOR is designed for anonymity, not privacy; which is something I think is lost on many people who use it.

If you're transmitting information that is personally identifiable, TOR isn't the means to do it. The issue I see is that there isn't really a solution for people concerned with that.


Yes, Tor is for anonymity, not privacy. But that just means you still need to be operating over a secure channel---be that SSL or sending the documents encrypted, etc.

The fact that they operated compromised nodes does NOT diminish from Tor's anonymity. Most anonymity systems assume about 1/5 of the nodes will be compromised (which is reasonable barring a very large global adversary).

In general, timing attacks are the biggest issue in low-latency anonymity systems: if you can track packets going into Tor and coming out of Tor, you can link the sender to the destination. But, if the traffic was encrypted, that still doesn't get you the documents themselves.

Edit: More specifically to the grandparent---even with a compromised exit node, that doesn't reveal the source (that's the point of onion routing). The case of China is a hard one, due to the level of state control. There are ways to request exit nodes in the Tor network (I have no idea how well documented this is), so for them, selecting an exit outside China for accessing international sites would probably be best (this would remove/greatly reduce the risk of Chinese gov't timing attacks).

There has been some work on strategically choosing entrance/exit nodes to reduce the risk of these kinds of timing attacks, but I don't know of anything that has been published or implemented yet (I haven't worked on that particular aspect in a while). Basically, some of the methods would have automatically chosen exit nodes outside of China (to prevent exit->destination traffic from travelling through the same autonomous systems as source->entrance traffic).
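Added example, not part of the comment above and not Tor's own code: a sketch of the check that comment describes, rejecting entry/exit combinations where the client-to-entry path and the exit-to-destination path cross the same autonomous system. The relay names, AS numbers (private-use range) and function names are constructed for illustration.

```python
from itertools import product

# Constructed sample data: AS-level paths using private-use AS numbers.
# These are illustrative values, not measurements of any real network.
CLIENT_TO_ENTRY = {
    "guardA": [64512, 64520, 64601],
    "guardB": [64512, 64530, 64602],
}
EXIT_TO_DEST = {
    "exit1": [64701, 64520, 64800],  # transits AS 64520, as does guardA's path
    "exit2": [64702, 64512, 64800],  # routes back through the client's AS
    "exit3": [64703, 64540, 64800],  # shares nothing with either entry path
}


def shared_ases(entry_path, exit_path):
    """ASes positioned to observe both ends of a circuit."""
    return set(entry_path) & set(exit_path)


def classify_pairs(entry_paths, exit_paths):
    """Split every (entry, exit) pair into AS-disjoint and overlapping."""
    disjoint, overlapping = [], {}
    for (entry, e_path), (exit_, x_path) in product(
        sorted(entry_paths.items()), sorted(exit_paths.items())
    ):
        common = shared_ases(e_path, x_path)
        if common:
            overlapping[(entry, exit_)] = sorted(common)
        else:
            disjoint.append((entry, exit_))
    return disjoint, overlapping


if __name__ == "__main__":
    ok, rejected = classify_pairs(CLIENT_TO_ENTRY, EXIT_TO_DEST)
    for pair in ok:
        print("usable  ", pair)
    for pair, ases in rejected.items():
        print("rejected", pair, "shared AS:", ases)
```
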


After some brief digging, it appears there has been some published research on location diversity in path selection in Tor since I last worked on that problem. https://docs.google.com/viewer?url=http://www.cs.rpi.edu/~ed... has some good results, if anyone is interested.


I believe if the final destination of the tor communication had been https, wikileaks could not have eavesdropped and read the documents. The article fails to make that distinction when it says:

  By necessity, however, the last node through which traffic passes has to
  decrypt the communication before delivering it to its final destination.


A poignant reminder that Tor is just one of many tools and practices necessary to maintain security and privacy.

I remember during Wired's "Vanish" contest ( http://www.wired.com/vanish/2009/11/ff_vanish2/ ), the guy on the run was using Tor. As such, there was talk about setting up a bugged Tor exit node with lots of reported bandwidth to try to intercept his Gmail sessions. I ran the odds (figuring his client chose exit nodes at random), and there was a decent chance that his traffic would have been captured at least once over the month of the contest. Unfortunately, someone pointed out that it ran afoul of wiretap laws. And the SSL MITM shenanigans to try to capture his email password would definitely have been illegal. So the idea was shelved.


Which shows a serious flaw with the contest. The only people you would go to these lengths to avoid would be someone from the government or a criminal organization. Those are exactly the two groups who either don't have the law apply to them, or are willing to break the law.


Talk about a conflict of interest. May I be the first to suggest that this falls into the bombshell category?


How is this a conflict of interest? They were eavesdropping on private tor communication, albeit a morally questionable action.

Either way I lost most of my respect for them a long time ago, they are not much different from other news organizations, they just put a sensationalist spin on their news. Take whatever they give with a grain of salt and understand that they are only portraying one side of the story.


Say what you want about the methods, motives, and spin of the people behind Wikileaks, but the fact is they release an incredible amount of credible primary sources. You can dismiss their spin, but you can't dismiss the hard facts they've uncovered.


I am not dismissing the importance of what they released. I am hoping that people would see their sensationalist method of reporting.

Take for example the last apache fire video. It's true that it was troubling, it's true that it was gruesome and it's also true that it will remind people who are otherwise oblivious to the consequences of war, even if it is for a few moments.

But how much value does that piece of video have in changing the perception of public, even after months of hyping ("CIA is following us" on twitter) about it? I suppose not much.

Was this video more significant than the revelation that Iraq never had WMD to begin with? Is this video more significant than Abu Ghraib torture and prisoner abuse? Is this any more significant than 100s of videos you will find online about armies killing Iraqis?

The simple fact is that this single incident is not any more significant than the other 100s of incidents that have been widely reported by mainstream media. People who care, read about it and know about it.

They are certainly not the bad guys but I think wikileaks have questionable ethics and when you have questionable ethics it's hard to take you or the news you have seriously, even if the news is exceptional [1]. The idea that they have millions of documents that they can't release because they don't have enough funds is utterly ridiculous. Holy shit, someone tell him about a thing called "torrents".

Their whole point of the sensationalist, biased video release was to get maximum bang for the bucks and get those donations piling up. Which is exactly what happened.

[1] See also: Fox News. (not they are not exceptional, but their occasional truths are lost amid their river of lies)


I lost most of my respect for them long time ago [--] Take for example the last apache fire video.

Do you have another example, from long time ago? That last one was widely panned, but prior to that, their editorialism wasn't criticized very much (though I seem to recall there was some; I just wasn't paying attention).


Wikileaks has been around for less than 3 years. So when I say "long time ago" you have to take it as a figure of speech. I did say I lost respect for them, but I didn't say I lost respect for them as a result of their release of any particular information. I lost respect since they started to claim that they have more than a million documents (2007) waiting to be released, but they can't release them because of lack of funds, specifically for infrastructure costs and had to close the site down. Which they later expanded into legal fees; their website (when they were shut down) showed that their legal fees are being paid by other non-profit organizations and most lawyers are working pro-bono (since they opened up the site I can't find the page or the piece of information). For the love of me I don't understand how they can have an operative cost of €600,000 per year. They never addressed the specifics of their costs.

More WTF, they listed some members in their advisory boards (including Noam Chomsky), who didn't even know that they were members of wikileaks advisory board. [1]

There are quite a few things about wiki-leaks that don't make sense or add up, and perhaps the nature of their work creates some discrepancies in information about their work, but that shouldn't take away anything from some of the valuable leaks that came from wikileaks.

Two rules I try to apply in my life.

1) Be skeptical of anyone and everyone. Everyone is biased and everyone has a motive. "Who watches the watchmen"?

2) Don't hold anyone to an unrealistic moral standard. Avoid "herofication" of individuals or an organization. Humans are fallible.

[1] http://motherjones.com/politics/2010/04/wikileaks-julian-ass...


You can distort the truth with facts, simply omit the facts you disagree with.


It's somewhat buried in the article but it is at least claimed they weren't so much eavesdropping as they were "re-stealing" documents which had already been stolen (by Chinese hackers).

It's still questionable but in a more muddy category...


Hrm, in 2007 people were able to intercept traffic from Tor quite easily by using a packet sniffer on an exit node. It looks like wikileaks got information through an implementation of this hack possibly?

Link: https://lwn.net/Articles/249388/


Intercepting TOR traffic is trivial, it's not really a hack. They could have just run a TOR exit node of their own, and seen what came through unencrypted. The point of TOR is not to keep the traffic private (you use end-to-end encryption for that), it's to obscure the sender.


I'm of the mindset that if you require anonymity and privacy, and use tools you do not even RTFM for, nor do some basic investigation into the field, you deserve what happens to you.

Go Wikileaks. Capitalizing on stupidity for great justice FTW.


I doubt China cared about the privacy of the documents they stole.


Which has what to do with what?

The sources they stole from (if you're referring to "the big one" a little while ago) did know the basics, and presumably quite a bit more than many places. It was a fairly sophisticated attack. It's part of the risk you run in connecting to the internet in the first place, but it's 100% different than people who think TOR makes all their data private, which they'd learn if they read the short intro page. Notably the two sentences that are important enough to get their own paragraph:

"Tor doesn't magically encrypt all of your Internet activities, though. You should understand what Tor does and does not do for you."


My point was that China was transmitting stolen documents over TOR, not stealing documents transmitted over TOR. Although they probably do that as well.


ahem this has been debunked folks by wikileaks itself..


Where? They seem to endorse the New Yorker article; linking to it on their front page.


Stick a fork in them, they are done.



