Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Friday June 19 2015, @09:58AM   Printer-friendly
from the is-anonymous-possible-anymore dept.

Unlike conventional World Wide Web technologies, the Tor Darknet onion routing technologies give users a real chance to remain anonymous. Many users have jumped at this chance – some did so to protect themselves or out of curiosity, while others developed a false sense of impunity, and saw an opportunity to do clandestine business anonymously: selling banned goods, distributing illegal content, etc. However, further developments, such as the detention of the maker of the Silk Road site, have conclusively demonstrated that these businesses were less anonymous than most assumed.

Intelligence services have not disclosed any technical details of how they detained cybercriminals who created Tor sites to distribute illegal goods; in particular, they are not giving any clues how they identify cybercriminals who act anonymously. This may mean that the implementation of the Tor Darknet contains some vulnerabilities and/or configuration defects that make it possible to unmask any Tor user. [In this securelist.com article, the authors] present practical examples to demonstrate how Tor users may lose their anonymity.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Interesting) by Anonymous Coward on Friday June 19 2015, @01:49PM

    by Anonymous Coward on Friday June 19 2015, @01:49PM (#198220)

    The last section of the article is the most important one, yet the most half-ass: Connecting to a malicious server isn't the only problem, traffic fingerprinting works both ways. Malicious clients can connect to a server while the all-seeing PRISM watches. Further the malicious server scenario in the article is incomplete, if Eve is in control of the router upstream from the server, the server itself can be innocent. Eve can impose traffic shaping controls from the router to create the fingerprint.

    Starting Score:    0  points
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Interesting' Modifier   0  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Friday June 19 2015, @02:16PM

    by Anonymous Coward on Friday June 19 2015, @02:16PM (#198235)

    Eve is a passive attacker (E for eavesdropper). So she can watch traffic, but does not influence it directly. Only Mallory can do that (M for man-in-the-middle).