[tor-talk] List of ways to attack Tor
windows95 at national.shitposting.agency
windows95 at national.shitposting.agency
Fri Jan 6 03:03:41 UTC 2017
On 2017-01-05 13:13, Roger Dingledine wrote:
> On Thu, Jan 05, 2017 at 12:25:20PM +1030,
> windows95 at national.shitposting.agency wrote:
>> I'm tasked with doing a short report on the ways in which Tor can be
>> attacked.
>> I've brainstormed and done research for few hours and this is the
>> list I've come up with.
>> Is there anything big that I've missed?
>> I feel I might be a bit light on more technical attacks.
>
> Your list is pretty good, though it could do with some sorting and
> some categories. :)
>
> For another interesting set of attacks, see
> https://media.torproject.org/video/Defcon16-Roger_Dingledine-Sec_Anonymity_Vulns_in_Tor.m4v
> and
> https://media.torproject.org/video/2008-12-29-25c3-2977-en-security_and_anonymity_vulnerabilities_in_tor.mp4
>
> These talks are some years old now, but many of the issues the talks
> describe are hard to fix well so they remain an issue in some form.
>
> If I were doing your 'short report', I would try to prioritize the
> various
> attacks in terms of how hard they are to perform, and how damaging they
> are if performed. You could imagine a two-dimensional graph where
> various
> attacks correspond to a point on the graph.
>
> I would also want to include a short section on how having a big list
> of
> possible attacks does not indicate that it's a weaker system or weaker
> design compared to a system or design that has a shorter but scarier
> list
> of attacks. For example, centralized architectures don't need to think
> about the more esoteric attacks, because they have the whole dataset of
> what users went to which website right in front of them:
> https://svn.torproject.org/svn/projects/articles/circumvention-features.html#5
>
> Let us know what you come up with,
> --Roger
Thanks, those talks were very useful.
One question: Has the attack where the first hop refuses to extend
circuits, except to other relays under their control still a problem?
Has it been addressed apart from using guards?
Thanks
More information about the tor-talk
mailing list