[Cryptography] The attack that broke the Dark Web—and how Tor plans to fix it

John Denker jsd at av8n.com
Fri Dec 4 17:23:00 EST 2015

On 11/02/2015 02:26 AM, Darren Moffat wrote:

> For a public news site in not so sure I see why someone would expect to
> have any privacy

I can think of a dozen reasons why people /should/ want and expect
privacy when browsing public sites.  These days shopping for a 
pressure cooker can get you into trouble.

> If you need that then you should read in private browsing mode
> over Tor (or equivalent)

That is "supposed" to provide privacy ... but how sure are we that
the Tor network is not a wholly-pwned subsidiary of CMU / FBI / NSA
/ GCHQ / Спецсвязь / 总参三部 / et cetera ???

Here's an interesting article on the subject:
 [1] Kashmir Hill 
  "The attack that broke the Dark Web—and how Tor plans to fix it"

The basic story has been floating around for a while, but that is 
the most detailed account I've seen of how the Tor guys detected 
the attack.  Among other things, it quotes the Black Hat abstract
that was taken down:

A less-detailed article on the same subject is:
 [2] Andy Greenberg
  "Tor Says Feds Paid Carnegie Mellon $1M to Help Unmask Users"

I doubt the details of that incident will remain secret much longer.

Looking forward:  It is reported [1] that Tor ...
>> now has a set, strict procedure for how to respond when it sees a 
>> bunch of servers join its network. It will remove them by default 
>> rather than taking a ‘wait and see if they do something weird’ 
>> approach.

That doesn't impress me.  It would be poor tradecraft to repeat
the tactic of inserting a "bunch of servers" into the Tor network 
all at once.  One must assume that a slightly less oafish M.O. 
would be used for subsequent attacks.  One wonders whether more 
a gradual infiltration would be detected.

More information about the cryptography mailing list