Tor hack reports downplayed by developers

Found on Ars Technica on Friday, 02 March 2007

Tor, the system for anonymizing Internet traffic by routing it through a succession of "onion" routers, has been compromised. In the lab. Using a previously-known exploit. One that has yet to be seen in the wild. And one that was researched in consultation with Tor developers.

The paper that started the whole uproar explained that anonymity could be compromised on a Tor network if a malicious party deliberately configured its own Tor routers and advertised them as high-bandwidth devices. The Tor protocol tends to route traffic to devices which claim they have plenty of bandwidth available, but it does no checking to see if this claim is true. Setting up several of these servers allows the malicious party to be chosen as part of the routing path quite often. If two of the malicious servers are included as the start and end points in any particular path, a "correlation attack" becomes possible that can reveal both the sender and receiver of the communication.

The attack in question has never been seen in action outside the laboratory, and the researchers suggest several ways of reworking Tor to address the problem. Those suggestions include checking up on the claims made by routers (by comparing them to observed performance, for instance) and by implementing "location diversity" among the routers used by the system.

It has been pointed out more than once that true anonymity is practically impossible, so this shouldn't be much of a surprise.

Browse all articles« Previous « » Next »