this post was submitted on 19 Sep 2024
97 points (80.9% liked)

Technology

59317 readers
4753 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] InvertedParallax@lemm.ee 26 points 1 month ago

2 things:

  1. This seems to be a specific attack for their IM protocol if the entry node was compromised, and could be placed nearby the client. To make this much easier, you'd want to compromise both the entry and exit nodes (in this case exit node is TOR native, so it's more like internal node).

This has never been unknown, this is one of the fundamental attack vectors against TOR, the IM protocol seemed to make correlation easier due to its real time nature.

They added a protection layer called Vanguard, to ensure the internal exit nodes were fixed to reduce the likelihood that you could track a circuit with a small number of compromised internal exit nodes. This seems like it would help due to reducing likelihood of sampling.

  1. TOR has always been vulnerable, the issue is the resources needed are large, and specifically, the more competition for compromising nodes the more secure it is. Basically now the NSA is probably able to compromise most connections, and they wouldn't announce this and risk their intelligence advantage unless there was an extremely valuable reason. They definitely wouldn't do so because a drug dealer was trying to make a sale. Telling normal law enforcement basically ends their advantage, so they won't.

Other state actors might try, but they're not in the same league in terms of resources, IIRC there are a LOT of exit nodes in Virginia.

tl;dr - The protocol is mostly safe, it doesn't matter if people try to compromise it, the nature of TOR means multiple parties trying to compromise nodes make the network more secure as each faction hides a portion of data from the others, and only by sharing can the network be truly broken. Good luck with that.