A pair of researchers from Northwestern University are working on a framework to let users identify misbehaving Tor nodes.
In a brief paper presented to last week's Privacy Enhancing Technologies symposium in Germany, they suggest their proof-of-concept worked, turning up 110 snooping relays on Tor. Northwestern University's Amirali Sanatinia and Guevara Noubir made the discovery on a 72-day run of their toolkit starting in February.
The problem centres around hidden services, which are meant to protect users by keeping traffic on the Tor network. That protects users against attacks that match entry-node traffic to exit-node traffic, because there's no exit node.
However, as CloudFlare-supported research found last year, the Hidden Service Directory (HSDir) then becomes an attack vector.
That's what Sanatinia and Noubir went to work on in this brief paper. They describe “honey onions” (honions) that they reckon “expose when a Tor relay with HSDir capability has been modified to snoop into the hidden services that it currently hosts”.
(Score: 0) by Anonymous Coward on Wednesday July 27 2016, @07:42AM
dont believe everthing cloudflare