Stories
Slash Boxes
Comments

SoylentNews is people

Uncovering Tor Users: Where Anonymity Ends In The Darknet

posted by cmn32480 on Friday June 19 2015, @09:58AM   Printer-friendly
from the is-anonymous-possible-anymore dept.

ticho writes:

Unlike conventional World Wide Web technologies, the Tor Darknet onion routing technologies give users a real chance to remain anonymous. Many users have jumped at this chance – some did so to protect themselves or out of curiosity, while others developed a false sense of impunity, and saw an opportunity to do clandestine business anonymously: selling banned goods, distributing illegal content, etc. However, further developments, such as the detention of the maker of the Silk Road site, have conclusively demonstrated that these businesses were less anonymous than most assumed.

Intelligence services have not disclosed any technical details of how they detained cybercriminals who created Tor sites to distribute illegal goods; in particular, they are not giving any clues how they identify cybercriminals who act anonymously. This may mean that the implementation of the Tor Darknet contains some vulnerabilities and/or configuration defects that make it possible to unmask any Tor user. [In this securelist.com article, the authors] present practical examples to demonstrate how Tor users may lose their anonymity.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Uncovering Tor Users: Where Anonymity Ends In The Darknet | Log In/Create an Account | Top | 10 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by kaszz on Friday June 19 2015, @03:37PM

    by kaszz (4211) on Friday June 19 2015, @03:37PM (#198281) Journal

    It seems the culprits are:
      * Using an insecure browser (or infact any http/html browser)
      * Security issues with services setup to be accessed from Darknet. sprintf(), gets() and PHP?
      * Bitcoins. Transaction secure but wallets have an ID and may be associated by any mistake.
      * Make sure any attempt by any process to send packets outside of the Darknet or inquiry local IP is not possible.
      * Traffic low matched at various choke points.

    For the curious: Analyzing the FBI’s explanation of how they located Silk Road [nikcub.com]

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 1, Insightful) by Anonymous Coward on Friday June 19 2015, @03:46PM

    by Anonymous Coward on Friday June 19 2015, @03:46PM (#198289)

    There is another facet of that.

    Lets say you do X with person A.

    But you also do Y with person B.

    and so on.

    Eventually you can create a combination that can *only* be you. Order and what you do are also bits of information. Encryption only encrypts the conversation. Not the you had a conversation.

    Tor is trying to obfuscate the having the conversation bits. But if you post on the internet thru Tor then that means you have leaked information. Not all leaks are useful but some can be.

    For example I saw a dude decrypt an encrypted bios. He made the code do it for him. As it was perfectly obvious what parts were encrypted and which were not. He just started at the boot loader and walked it along until it did it for him. My point is even encrypting something leaks information.