[HN Gopher] Tracking One Year of Malicious Tor Exit Relay Activi...
___________________________________________________________________
Tracking One Year of Malicious Tor Exit Relay Activities (Part II)
Author : hacka22
Score : 183 points
Date : 2021-05-10 16:55 UTC (6 hours ago)
(HTM) web link (nusenu.medium.com)
| grouphugs wrote:
| this project fucked over freenode so bad, would still not
| recommend joining that organization
| 02020202 wrote:
| wow, quarter of the entire tor network is
| compromised....shiiiiet. at least it seems forcing https solves
| the problem.
| ajcp wrote:
| The almost willful lack of tradecraft, scale of deployments,
| small time-frames, and "loudness" of action the highlighted
| entity displays, combined with the technical knowledge required
| to take part in this narrow space, suggests that someone is
| tolerance-checking the system rather than actually seeking to
| inhabit it.
|
| Or they really are just shitty and impatient Russians, I could go
| either way.
| notriddle wrote:
| You're suffering from the Toupee Fallacy. You assume that these
| people must be intentionally making themselves noticeable,
| because there's no way the average malicious Tor node operator
| could be this dumb.
|
| But there's no rule saying that these are average malicious
| exit node operators. They could just be particularly stupid
| ones. We don't know about the competent ones.
| bawolff wrote:
| Why does tor even allow plain http by default? The internet has
| changed, most sites support https now; it seems like a better
| default is in order.
| Ajedi32 wrote:
| As the article notes, Firefox has an HTTPS-only mode now and
| Tor Browser is based on Firefox ESR, so there's a chance they
| might add that feature in the next major version update:
|
| > When Tor Browser migrates to Firefox 91esr we will look at
| enabling https-only mode for everyone, but there remains a
| significant concern that there are many sites that do not
| support HTTPS (especially more region specific sites) and the
| question of what messaging Tor Browser should use in that case.
|
| Source: https://lists.torproject.org/pipermail/tor-
| relays/2021-April...
| f430 wrote:
| Quick question: if you use Tor to send and receive crypto are you
| at risk of MITM?
| jandrese wrote:
| If you aren't in the habit of answering yes to big browser
| warnings about self-signed certs it seems like it shouldn't be
| an issue.
|
| If the MITM operators have stolen a well known root cert then
| we have a much bigger problem.
| avidiax wrote:
| SSL stripping allows attackers to avoid the big browser
| warnings, yet view and tamper with your data.
|
| https://blog.cloudflare.com/performing-preventing-ssl-
| stripp...
| vbezhenar wrote:
| HTTP is marked as "Not Secure". It's not big, but it's
| noticeable if you're paying attention and you definitely
| should pay attention for financial operations.
| opheliate wrote:
| In most cases, it should be okay, it's a specific scenario
| where MITM is possible. The issue arises if you're using Tor to
| access a website which gives you an address to send crypto to,
| and you trust that address is correct.
|
| If it's a hidden service you're connecting to, it's fine,
| there's no way for a malicious exit node to alter what's sent
| to you. If it's a normal website (i.e. not .onion) that you're
| getting the address from, then the exit node could perform SSL
| stripping [0], an attack in which a website which would
| normally be served over HTTPS is served to you via HTTP, and so
| the malicious exit node could alter the content. In this case,
| the attacker could change any cryptocurrency addresses present
| in the website to convince you to send currency to the wrong
| address. It would be visible in your browser that the website
| is being served over HTTP, not HTTPS.
|
| It should be noted, this scenario is getting rarer with the
| introduction of HSTS [1], especially in conjunction with HSTS
| preloading, which prevents your browser from accessing the
| website over plain HTTP. Tools like HTTPS Everywhere [2] can
| help ensure that you never access websites over plain HTTP
| also.
|
| Also, this isn't a vulnerability in Tor per se, the exact same
| is possible without Tor, it's just that when you connect to a
| website via Tor, you're deliberately introducing extra hops
| between you and your destination, which wouldn't normally be
| there.
|
| So, things that would need to come together for this attack to
| work: First, you're not connecting to a hidden service. Second,
| the website you're connecting to doesn't use HSTS, or you've
| not connected to them before & they're not in the preload list.
| Third, you aren't using a tool like HTTPS everywhere and you
| don't notice the website is coming to you over HTTP. Fourth,
| you don't verify that the address you've been given is correct
| independent of the website before sending a payment. This seems
| to me to be a fairly rare set of circumstances on the modern
| internet.
|
| 0: https://security.stackexchange.com/questions/41988/how-
| does-...
|
| 1: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
|
| 2: https://www.eff.org/https-everywhere
| azalemeth wrote:
| Out of curiosity, is there much of a (legal, sensible) community
| on i2p nowadays? I think its crypto is stronger than tor's, but
| unfortunately when I looked (many, many years ago) it was an
| absolute cesspool of humanity, of the "oh god, I am uninstalling
| this now" variety.
| saurik wrote:
| FWIW, the security researchers I talked to about I2P--such as
| the authors of the paper I link after this paragraph, which is
| an example that comes to mind readily--mostly had felt that
| there was no reason to write papers about it anymore as there
| had been so many attacks on it already and that none of them
| had been taken seriously (unlike the Tor people, who care
| deeply and fix things quickly) that it wasn't fun or pointful.
|
| https://sites.cs.ucsb.edu/~vigna/publications/2013_RAID_i2p....
| a2tech wrote:
| As a believer in the Tor mission---how do I run a non-evil exit
| node?
| akadruid1 wrote:
| Given the sizable investment of time and money required to run
| an independent exit node, it might be worth considering
| throwing your support behind one of the existing non-profits
| providing exit nodes
|
| https://blog.torproject.org/support-tor-network-donate-exit-...
|
| https://2019.www.torproject.org/docs/faq#RelayDonations
| flatiron wrote:
| running an exit node is a really bad idea. someone is going to
| do something dumb on Tor and the local PD isn't going to know
| anything about Tor and will come knock on your door. i used to
| run a relay and even that became too much of a hassle. first my
| bank blocked me (they block all tor traffic even from relays)
| and then my company's IT did an audit and saw traffic "coming
| from tor" to them and politely asked me to stop using Tor. that
| was the last straw for me, and i took it down.
| scrose wrote:
| I've had a similar experience just connecting to my school's
| Wifi network. Someone left a threatening message on the now
| dead 'anonymous' chat app (YikYak) using the campus Wifi.
| Campus PD checked the IP address, saw one of my devices now
| had that IP, and gave me a call. I spent 5 mins trying to
| understand what this app was that they were even talking
| about, and another 10 mins explaining how IP addresses work
| to them.
| SubiculumCode wrote:
| But why would you do that from your home IP and not rent a
| server somewhere?
| phoronixrly wrote:
| AFAIK
|
| 1. Live in a country in which law enforcement follows the law
| and the law does not prohibit running tor, as noted in a
| response.
|
| 2. Hire a lawyer competent on cybercrime, intellectual property
| and freedom of speech.
|
| 3. Set up a non-profit or other legal entity with the explicit
| purpose of running tor exits/relays (stated in the articles of
| incorporation or similar founding documents, depending on the
| country and type of legal entity). Make sure its address is not
| your home address.
|
| 4. Purchase or rent the necessary hardware through the legal
| entity (don't ever do anything unrelated to the tor exits from
| this entity). _Make sure you co-lo it in a datacenter, do not
| run any exits in your office and especially not in your home_.
| Avoid having any hardware you rely on not being seized in close
| (physical -- same rack or logical -- e.g. same network)
| proximity. Explain to your host that you'll be running tor
| exits. Clearly label your systems as tor exits in any possible
| way you can manage, including physically on the cases/bezels.
| Run a web server on their public IPs with a page explaining
| that this is a tor exit node run by such and such legal entity,
| set WHOIS data with the same info if possible. Set up reverse
| DNS with hostnames that clearly state this is a tor exit node.
|
| 5. Be ready for trips to the PD in order to explain what tor is
| and why what you're doing is legal and that it's not you that
| sent that phishing e-mail, etc. It is a matter of _when_ an
| illegal activity will be traced back to the legal entity's
| exit and no amount of labelling will deter law enforcement
| from summoning you as a representative of the entity. Reasons
| being incompetence, desire/requirement to investigate
| thoroughly, or plainly using inconvenience as a way to
| discourage you from running the nodes (in the end, tor both
| creates more work for law enforcement and is a big obstacle to
| them so they'd rather not have to deal with it if possible).
|
| This is the gist of it. The details need to be discussed with a
| lawyer. And again all of this relies on the law enforcement and
| justice systems to follow the law and the law to not prohibit
| tor. Don't do this in a country in which there's risk of you
| being black-bagged or held legally responsible for running tor
| or not keeping traffic logs.
|
| Source: my poor understanding of my country's and EU's laws.
| IANAL.
| 8note wrote:
| Addendum to 1. Tor also has to be legal in that country
| INTPenis wrote:
| I'm a long time exit node operator, I operate X currently and all
| are in Asia where they're most needed imho.
|
| I would not be opposed to having some sort of operator validation
| of exit nodes. Where you can actually validate who runs an
| operator node, get a person behind them. And perhaps rate those
| higher than others.
| WORMS_EAT_WORMS wrote:
| > I operate X currently and all are in Asia where they're most
| needed imho.
|
| Interesting/Awesome. Just curious, what day/event specifically
| motivated you to get started with this?
|
| To be honest, my impression -- which could be wrong -- is most
| exit node operators do so for nefarious reasons, Pr0n (hence
| your username INT-Penis), or are Fed.
|
| (to be clear, appreciate what you are doing regardless)
| dmantis wrote:
| I ran an exit node for several years because it's, you know, a
| good thing to do in life. Like donating to charity or publishing
| GPL code. Freedom sometimes is underrated, but if you live in an
| authoritarian state you may understand.
|
| Helping people around makes me feel better.
| nacs wrote:
| > Pr0n (hence your username INT-Penis), or are Fed.
|
| This part of your comment is completely unnecessary and
| unwarranted.
|
| You already asked your question, just wait for an answer
| instead of jumping to uncharitable conclusions.
| maybelsyrup wrote:
| > Pr0n (hence your username INT-Penis)
|
| Wait I can't tell if you're joking, do you really think their
| username is a reliable indication that they run Tor nodes for
| pornography, and not a stupid internet pun? Because if you're
| joking I lol'd, but if you're not I ... I'm worried about
| you, I guess?
| a1vd wrote:
| The username refers probably to INTP-enis, INTP is a
| personality type (Myers-Briggs).
| ConcernedCoder wrote:
| For the uninitiated, this:
| https://www.16personalities.com/intp-personality
| NaturalPhallacy wrote:
| As a username with a stupid pun/portmanteau with a dick
| joke in it I appreciate this.
|
| I wanted to use the name NaturalsticPhallacy, because it's
| a prevalent fallacy I see people fall for, and humans have
| found dicks funny since recorded history but it's too long
| for HN so I had to shorten it to this one.
|
| I do not build or operate any sort of porn or even porn
| adjacent software or service and never have. Not that I
| wouldn't if the right job came along, but I never have and
| currently don't.
|
| But I digress. Usernames are generally best ignored. The
| content of their writing is what matters.
| WORMS_EAT_WORMS wrote:
| Yes, I am wondering why the person with the username
| containing the word "Penis" runs Tor exit nodes. It is
| curious, and I agree it could easily be totally unrelated.
| Forbo wrote:
| Considering that I see a large number of Tor nodes running
| from the same addresses as many pool.ntp.org nodes, I think
| your view is a bit uncharitable. Some people believe in
| Internet freedom and privacy, and see Tor as a way to help
| bring that vision to the world. In my opinion, it's just
| people contributing another piece of infrastructure run as a
| public service.
| INTPenis wrote:
| I just think anonymity should be a right. I don't even
| remember when I was introduced to tor first, probably
| sometime in the early 2000s.
|
| I'm not stupid, with anonymity comes abuse. But I don't think
| that's a reason to get rid of the option to be anonymous.
|
| I'd say your impression is wrong about tor operators, I've
| met a few of them at various events. (Not including the tor
| operators who try to subvert anonymity of course, whoever
| they are.)
|
| But the tor network is absolutely mostly used for illegal
| activity. I can't be dishonest about this, that would mean
| denying human nature. Give humans a way to be anonymous and
| they will absolutely abuse that.
|
| But I've also met one reporter in person who thanked me for
| the tor network, that's enough for me.
| Analemma_ wrote:
| To be honest I just take it for granted that all exit relays are
| either run by Feds or at least compromised by Feds. If you use
| Tor for anything you wouldn't want Five Eyes to know about,
| you're an idiot.
| xvector wrote:
| Isn't Tor designed to ensure anonymity despite a snooping exit
| relay? I thought that even if you compromise an exit you can't
| do much without compromising the in-between relays.
| Lammy wrote:
| Designed by the US Navy to ensure anonymity of US agents
| abroad from other countries via the DoD-birthed Internet,
| sure.
| bawolff wrote:
| It's designed so that a snooping exit node can't identify you,
| but it can see all traffic.
|
| Which is why you should generally only use https when using
| tor. The last leg may be snooped on so you need to use
| encryption during it. (http is fine with hidden services
| though)
|
| It's important to keep in mind that anonymity and data
| integrity are separate properties. You can have one without
| the other.
| golergka wrote:
| What would you use instead?
| 2OEH8eoCRo0 wrote:
| Use a VPN and don't do anything that would get you on a
| terrorist/cybercrime/pedo list in the first place?
|
| There is no safe when it comes to determined state actors.
| yakubin wrote:
| _> don't do anything that would get you on a
| terrorist/cybercrime/pedo list in the first place?_
|
| This is going to be difficult:
| <https://arstechnica.com/information-
| technology/2014/07/the-n...>
| large wrote:
| >Use a VPN
|
| Pretty sure that gets you on a list?
| 2OEH8eoCRo0 wrote:
| You're pretty sure? It should be easy to find a source
| for that claim then.
| munk-a wrote:
| Purchase some hardware with cash and distribute it around the
| world to tunnel through. Then expose them as public proxy
| servers (or even Tor nodes) so that a fair amount of normie
| traffic passes through them.
|
| If you seriously feel paranoid about being watched then
| you'll want to own the hardware you're actually passing
| through. And I assume that any large organizations that
| demand this level of invisibility (cartels etc...) have
| essentially done this - likely locating some of those servers
| behind armed guards that will protect the physical device.
|
| That said, I think it's unlikely that Tor has been majority
| compromised at this point, but as it fades from the minds of
| folks and becomes more and more niche the probability will
| escalate.
| rsuelzer wrote:
| Given the immense barriers to setting up an exit node, I
| would find it rather surprising if the majority of exit
| nodes are not already controlled by state actors, either
| directly or by proxy. My personal opinion is that if
| anonymity on Tor is to continue, it will be the result of
| competition for control of the network between opposing
| states and not altruistic non-profits.
| itake wrote:
| >Purchase some hardware with cash and distribute it around
| the world to tunnel through.
|
| how do you keep the hardware physically secure? What
| prevents a gov actor replacing it with their own mitm
| proxy?
| cyberpunk wrote:
| I would have paid some homeless guys to get me bunch of SIM
| cards, use em once, and proxy via some hacked webcams,
| after cleaning the rest of the malware off em...
|
| I mean. That's what I uhh, would do if I was doing
| something dodgy on the internet...
|
| Edit; with a second hand android bought from a pawn shop
| running nethunter as an ap ofc...
| v8dev123 wrote:
| > what I uhh
|
| Send me your address and I uhhh
| encryptluks2 wrote:
| Use an open Wifi hotspot with a spoofed MAC.
| itake wrote:
| This didn't protect Ross Ulbricht.
| encryptluks2 wrote:
| Because he walked away from his computer and left it
| unlocked. Wear a hidden bluetooth device or something to
| lock your computer and use USBGuard if you're that
| worried.
| bawolff wrote:
| I feel that, at the point where the fbi is trying to
| distract you by making out so they could steal your
| laptop, it's already too late and you are very screwed.
|
| Maybe a bluetooth autolocking thing could have delayed
| the inevitable, but it would just be a delay.
| encryptluks2 wrote:
| Not really. With proper encryption and a USB safe list,
| once the computer is locked there isn't much they can do.
| bawolff wrote:
| They can watch you for the rest of your life, interrogate
| you, etc.
|
| Presumably they acted the way they did because they had
| reasonable belief that their plan would work. If Ross
| behaved differently I assume they would have a different
| plan of action.
| flatiron wrote:
| IIRC he was still sitting at the computer. They just
| distracted him to turn around and then they swiped it.
| jandrese wrote:
| They literally snuck up behind him and swiped it out of
| his hands. He was seated with his back to the door, one
| of his many opsec failures.
| encryptluks2 wrote:
| Regardless, USBGuard and a hidden bluetooth device to
| automatically lock when it leaves a certain radius would
| have likely prevented any issues.
| brobinson wrote:
| Neither did linking his dark web identity to his real
| life identity via multiple forum posts or his other 1,000
| opsec failures.
| xvector wrote:
| I suspect those "opsec failures" are just parallel
| construction. The FBI almost certainly used a zero day on
| him and then waited to see how they could construct a
| feasible explanation for having identified him from
| there.
| hnnnnnnng wrote:
| I agree with this. They just wait to find a small
| breadcrumb trail and then use that to construct a case.
| Identifying the suspect is done through hidden means.
| maybelsyrup wrote:
| > almost certainly used a zero day on him
|
| I "like" this explanation, but are you going with your
| gut on that or do you have any concrete signs that point
| in that direction?
| xvector wrote:
| Parallel construction is not new for US intelligence when
| it comes to solving high-profile crime. We know US
| intelligence both hoards and uses zero days, especially
| on users of Tor. As such, we can be reasonably certain
| that parallel construction is used to capture
| cybercriminals in high-profile cases, since it immensely
| simplifies solving the crime to a matter of using the
| exploit and merely observing for gaps in opsec.
|
| Furthermore, using a zero-day on Ulbricht would be
| optimal as he is no security researcher. You are unlikely
| to "burn" a zero-day unless you are using it in a dragnet
| sort of fashion while a vigilant security researcher is
| watching.
|
| By definition, it's hard to find proof of parallel
| construction. However, former intelligence officials have
| confirmed its use as a "bedrock technique" for catching
| criminals [1].
|
| [1]: https://en.wikipedia.org/wiki/Parallel_construction
| maybelsyrup wrote:
| This is really interesting, and sad. Thanks.
|
| > simplifies solving the crime to a matter of using the
| exploit and merely observing for gaps in opsec
|
| By this logic, could one get away with a "crime"
| indefinitely given good enough (perfect?) opsec?
| bawolff wrote:
| Even if that's true, Ross certainly made it easy for them
| na85 wrote:
| Arguably it did protect him, but Ulbricht compromised
| himself by making several major opsec blunders including
| linking his personal Gmail address to his pseudonyms.
| therein wrote:
| Try public WiFi + spoofed MAC + directional antenna.
|
| What if you live 3 blocks away from a public library but
| a few floors higher? With direct line of sight and some
| wireless networking gear?
|
| Would they really try to triangulate the client packets?
| It is a large leap past "oh he is in the library, let's
| go find him". You aren't triangulating the AP, you need
| to logically isolate the packets from the client,
| calculate their dB and somehow triangulate on just that.
| NaturalPhallacy wrote:
| >Would they really try to triangulate the client packets?
| It is a large leap past "oh he is in the library, let's
| go find him".
|
| This is smart, and a good idea. But it really just adds a
| step. Once they go to the library and don't find him,
| they'll start looking for something 'smart'. And doing
| 'smart' things like this really get the hackles of the
| feds up because they start thinking exciting things like
| 'state actor', and "I'll get a promotion out of this".
|
| The best place to hide something is right out in the
| open. Preferably behind a SEP field.
|
| Not hating on your idea, just exploring it further.
| Analemma_ wrote:
| I don't really do anything worth hiding from state-level
| attackers, but if I did I wouldn't do it over the internet at
| all.
| gruez wrote:
| so you'll do it in meatspace where there are witnesses and
| facial recognition/ALPR cameras everywhere?
| vinay_ys wrote:
| There's one kind of tech that's good enough to protect
| your privacy from corporations that want to profile your
| behavior or keep you safe from malicious hackers who want
| to steal your data by luring you into digital spider
| nets.
|
| Then there's another kind of tech (and tactics and
| practices) that could hope to keep you safe when you are
| targeted by state-level actors in both digital space and
| meat space.
|
| Tor barely belongs in the former category.
| motohagiography wrote:
| Trying to figure out what makes MITM'd exit nodes valuable.
|
| Sure, as an attacker it's interesting, but cost vs. how
| interesting isn't clear. The law enforcement case for specific
| investigations makes some sense, general counter intelligence
| value of keeping track of which web sites are attracting people
| who take precautions, maybe there is a general list of suspected
| dissident minds states maintain?
| avidiax wrote:
| Part 1 says that they use SSL-stripping attacks to replace
| cryptocurrency addresses with their own address, allowing them
| to capture e.g. transfers to a crypto mixer.
|
| https://nusenu.medium.com/how-malicious-tor-relays-are-explo...
| jandrese wrote:
| The thing that confuses me about that is if you have not
| installed the malicious MITM's root cert in your browser
| isn't that going to fail?
|
| Or are these MITM's somehow signing stuff with well known
| root certs? That seems like it would be a much bigger story.
| Or are TOR users really accepting self-signed certs when
| passing around their bitcoin addresses?
|
| Maybe there are bitcoin clients that don't validate the chain
| when doing TLS? Given the sorry security posture of so many
| exchanges this is somewhat more plausible.
| michaelmcmillan wrote:
| Most sites redirect all http traffic to https to make sure
| the traffic is encrypted.
|
| Here's an example with HN (notice the protocol in the
| req/res):
|
| $ curl -v http://news.ycombinator.com
| [...]
| < HTTP/1.1 301 Moved Permanently
| < Location: https://news.ycombinator.com/
|
| However, the first request is over http, before it gets
| redirected and encrypted. This is where the malicious relay
| node would intercept and change the response.
| tialaramex wrote:
| _This_ is actually what's going on. It's what HSTS and
| HSTS preloading protects you against, it's why Chrome is
| moving to just assuming HTTPS when you type domain names
| without specifying, and it's why Firefox now has "HTTPS
| only mode" where it goes further and just rewrites all
| HTTP as HTTPS (even in random links you follow) and gives
| you an interstitial caution page to decide if you really
| want to try HTTP when HTTPS fails.
|
| People have all these fancy high-tech Hollywood-style
| theories about how they imagine things being attacked,
| but the reality is _almost always_ far more boring.
| [deleted]
| bawolff wrote:
| Ssl stripping usually means replacing https links with http
| (when on http) and blocking TLS so users retry with http.
|
| Moral of the story, if you are a site operator use HSTS.
| And if you're on tor, you should maybe consider configuring
| things so you only use tls.
| jandrese wrote:
| That makes sense. I know the MITMproxy they mentioned re-
| signs the traffic, but it will not work unless you install
| its self-generated cert so I thought it was weird that the
| malicious exit nodes were using it.
|
| Also, if someone is running a bitcoin exchange that has
| port 80 open for anything more than a redirect I would not
| do business with them.
| swiley wrote:
| You can just tell people to install the cert.
|
| Verizon puts an MITM proxy from Mcaffe on people's
| routers (with their consent) that does this.
| michaelt wrote:
| They MITM connections that aren't encrypted and prevent
| them from becoming so.
|
| Many bitcoin mixers are not HSTS preloaded. And to avoid
| creating a trail, TOR Browser doesn't save frequently
| visited sites, history for autocomplete, cached redirects,
| or cached HSTS headers between sessions.
|
| And as Tor users prize secrecy, many don't bookmark their
| bitcoin mixer. Instead they key in the address manually -
| and sometimes they're used to doing without the
| https://www. prefix. And by convention, browsers use http
| when you do that.
|
| The exit node then removes the http-to-https redirect, and
| presents the bitcoin mixer over http, with the bitcoin
| addresses replaced.
|
| The result looks like this: https://imgur.com/otaBerJ
|
| No MITM of encrypted connections needed.
|
| It's almost impossible for the Tor project to detect this,
| as the attackers only target a small whitelist of sites -
| so the Tor project can only detect attackers by guessing
| the sites on the attack whitelist.
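The conditions opheliate, bawolff and michaelt describe above (a plaintext first request that should be a redirect to https, and an HSTS header strong enough to keep the browser off plain HTTP afterwards) can be checked mechanically. The script below is an added example, not code from the thread or from the Tor Project: it parses raw HTTP responses (the samples are constructed, not captured from any real site) and reports whether the plaintext leg is protected. The preload rules it applies (max-age of at least one year, includeSubDomains, preload, http redirecting to https) are a simplified rendering of the public preload-list requirements and are an assumption of the example.

```python
"""Offline check of the HTTP-to-HTTPS handoff that SSL stripping abuses.

Added example (not from the thread or the Tor Project). It takes the raw
text of a site's plain-HTTP response and its HTTPS response and reports
whether the plaintext leg is a bare redirect and whether the HTTPS leg
sets an HSTS policy strong enough for preloading. The preload rules are
a simplified assumption, not the authoritative list criteria.
"""

from dataclasses import dataclass, field
from urllib.parse import urlsplit

ONE_YEAR = 31536000  # seconds; assumed minimum max-age for preload eligibility


@dataclass
class Verdict:
    redirects_to_https: bool
    hsts_present: bool
    hsts_max_age: int
    preload_eligible: bool
    findings: list = field(default_factory=list)


def parse_response(raw: str):
    """Split a raw HTTP/1.1 response into (status_code, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status_code = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status_code, headers, body


def parse_hsts(value: str) -> dict:
    """Parse Strict-Transport-Security directives (RFC 6797) into a dict."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if part:
            name, _, val = part.partition("=")
            directives[name.strip().lower()] = val.strip().strip('"')
    return directives


def assess(http_raw: str, https_raw: str) -> Verdict:
    """Evaluate the plaintext response and the TLS response together."""
    findings = []
    h_status, h_headers, _ = parse_response(http_raw)
    _, s_headers, _ = parse_response(https_raw)

    # The plaintext leg should carry nothing but a redirect to https.
    location = h_headers.get("location", "")
    redirects = h_status in (301, 302, 307, 308) and urlsplit(location).scheme == "https"
    if not redirects:
        findings.append("http: response is content, not a redirect to https; "
                        "a relay on the plaintext leg could rewrite it")

    # Browsers ignore HSTS received over plain HTTP (RFC 6797 section 8.1),
    # so a policy sent only there gives no protection.
    if "strict-transport-security" in h_headers:
        findings.append("http: HSTS header over plaintext is ignored by browsers")

    hsts = parse_hsts(s_headers.get("strict-transport-security", ""))
    present = "max-age" in hsts
    max_age = int(hsts["max-age"]) if hsts.get("max-age", "").isdigit() else 0
    if not present:
        findings.append("https: no Strict-Transport-Security header; "
                        "the browser will still accept http next visit")
    elif max_age < ONE_YEAR:
        findings.append(f"https: max-age={max_age} is below one year; "
                        "too short for the preload list")

    eligible = (redirects and present and max_age >= ONE_YEAR
                and "includesubdomains" in hsts and "preload" in hsts)
    return Verdict(redirects, present, max_age, eligible, findings)


# Constructed sample responses (hostnames and bodies are placeholders).
GOOD_HTTP = ("HTTP/1.1 301 Moved Permanently\r\n"
             "Location: https://mixer.example/\r\n"
             "Content-Length: 0\r\n\r\n")
GOOD_HTTPS = ("HTTP/1.1 200 OK\r\n"
              "Strict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n"
              "Content-Type: text/html\r\n\r\n"
              "<p>deposit address: PLACEHOLDER</p>")
WEAK_HTTP = ("HTTP/1.1 200 OK\r\n"
             "Strict-Transport-Security: max-age=300\r\n"
             "Content-Type: text/html\r\n\r\n"
             "<p>deposit address: PLACEHOLDER</p>")
WEAK_HTTPS = ("HTTP/1.1 200 OK\r\n"
              "Strict-Transport-Security: max-age=300\r\n"
              "Content-Type: text/html\r\n\r\n"
              "<p>deposit address: PLACEHOLDER</p>")

if __name__ == "__main__":
    for label, pair in (("good", (GOOD_HTTP, GOOD_HTTPS)), ("weak", (WEAK_HTTP, WEAK_HTTPS))):
        v = assess(*pair)
        print(label, "preload_eligible =", v.preload_eligible)
        for f in v.findings:
            print("  -", f)
```

The "weak" pair is the situation michaelt describes: the site answers a plaintext request with real content, and its HSTS lifetime is far too short to be preloaded, so a Tor Browser session with no remembered HSTS state gets no protection on the first request.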
| Lammy wrote:
| > you have not installed the malicious MITM's root cert in
| your browser
|
| PROTIP: Your browser already comes with all the malicious
| root certs a Five-Eyes-aligned attacker would ever need.
| The Tor Browser uses Mozilla's Root Store if you want to go
| see what's in it. To pick a random example look at
| VeriSign's root, the company that runs dot-com and dot-net,
| and manages dot-gov. Do you think they might be Best Fwends
| with the DoD/NSA/etc?
| https://www.ntia.doc.gov/page/verisign-cooperative-agreement
|
| I also think it's a pretty safe bet that many many other
| roots are compromised many times over even if nobody ever
| willingly cooperated with anything.
| vbezhenar wrote:
| There's certificate transparency, it's required for all
| certificates, so if any root will issue fake certificate,
| you can catch and report it. So I'm not sure if that's a
| pretty safe bet.
| tialaramex wrote:
| Logging (for Certificate Transparency) isn't a policy
| requirement. In fact last time I looked, there are
| (special purpose, typically in industrial settings so
| their clients aren't web browsers) Intermediates under
| some roots that just aren't outfitted to be capable of
| logging at all. Their existence is not a policy
| violation.
|
| Clients (most particularly, popular browsers such as
| Chrome) can and do require SCTs (effectively proof the
| certificate was logged) to accept a certificate, but that
| just means if you issue a certificate under a trusted
| root without logging it, it just won't work in such
| browsers until somebody logs it.
|
| You can even do this intentionally, if you're Google for
| example you get yourself (unlogged) certificates for
| shiny-new-product.google.example and shiny-new-
| product.example on Monday, and you don't need to worry
| that some eagle-eyed journalist spots that in the logs
| before your official product launch on Thursday evening,
| live in front of millions of people. You can log the
| certificate yourself minutes before launch, then attach
| the SCTs and it'll work.
|
| [Google even got this _wrong_ once, mistakenly using a
| certificate they didn't have enough SCTs for due to a
| bug. Chrome rejected these certificates and so, for a
| brief period until they fixed the problem, Google's own
| sites didn't work in Chrome]
|
| Now, that last part is technically not trivial to do
| correctly (chances are your existing web dev tooling
| can't do SCT stapling, or at least you'd need to go read
| a bunch of instructions that you aren't going to bother
| with) and so when you get a Let's Encrypt cert, or you
| buy something cheap from a reseller, it is already logged
| for you, the SCTs are baked inside the certificate you
| get -- but that's just because there isn't a big market
| for unlogged certificates, not because such certificates
| can't or mustn't exist.
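To make concrete what an SCT is and what a client checks before accepting a certificate, here is an added example (not code from the thread, from any browser, or from any CA) that parses a SignedCertificateTimestampList in the wire format of RFC 6962 section 3.3 and applies a log-diversity rule. The SCT bytes are constructed in the script, not taken from a real certificate; the signatures are placeholders and are not verified; and the policy of "at least two SCTs from distinct logs" is a simplified assumption standing in for a browser's real CT policy.

```python
"""Parse an RFC 6962 SignedCertificateTimestampList and apply a simple
log-diversity policy.

Added example, not from the thread or any browser or CA. The sample SCT
list is constructed below; signatures are placeholders and not verified;
the 'two distinct logs' policy is an assumed simplification.
"""

import struct
from dataclasses import dataclass


@dataclass
class SCT:
    version: int
    log_id: bytes        # SHA-256 of the log's public key (32 bytes)
    timestamp_ms: int    # milliseconds since the Unix epoch
    extensions: bytes
    hash_alg: int        # TLS HashAlgorithm (4 = sha256)
    sig_alg: int         # TLS SignatureAlgorithm (3 = ecdsa)
    signature: bytes


def _read_vec(buf: bytes, off: int, len_bytes: int):
    """Read a TLS length-prefixed opaque vector; return (bytes, new offset)."""
    n = int.from_bytes(buf[off:off + len_bytes], "big")
    off += len_bytes
    if off + n > len(buf):
        raise ValueError("truncated vector")
    return buf[off:off + n], off + n


def parse_sct(data: bytes) -> SCT:
    """Parse one SerializedSCT (version, log_id, timestamp, extensions, signature)."""
    if len(data) < 1 + 32 + 8 + 2:
        raise ValueError("SCT too short")
    version = data[0]
    if version != 0:  # v1 is encoded as 0
        raise ValueError(f"unsupported SCT version {version}")
    log_id = data[1:33]
    timestamp = struct.unpack(">Q", data[33:41])[0]
    extensions, off = _read_vec(data, 41, 2)
    hash_alg, sig_alg = data[off], data[off + 1]
    signature, off = _read_vec(data, off + 2, 2)
    if off != len(data):
        raise ValueError("trailing bytes in SCT")
    return SCT(version, log_id, timestamp, extensions, hash_alg, sig_alg, signature)


def parse_sct_list(blob: bytes) -> list:
    """Parse the list: uint16 total length, then uint16-prefixed SCT items."""
    body, off = _read_vec(blob, 0, 2)
    if off != len(blob):
        raise ValueError("trailing bytes after SCT list")
    scts, pos = [], 0
    while pos < len(body):
        item, pos = _read_vec(body, pos, 2)
        scts.append(parse_sct(item))
    return scts


def distinct_logs(scts) -> int:
    return len({s.log_id for s in scts})


def meets_policy(scts, min_logs: int = 2) -> bool:
    """Assumed simplified policy: SCTs from at least `min_logs` distinct logs."""
    return distinct_logs(scts) >= min_logs


# --- constructed sample data (not from a real log or certificate) ---
def _make_sct(log_seed: int, timestamp_ms: int) -> bytes:
    log_id = bytes([log_seed]) * 32                 # placeholder log id
    sig = b"\x30\x06\x02\x01\x01\x02\x01\x02"       # placeholder, not a real signature
    return (b"\x00" + log_id + struct.pack(">Q", timestamp_ms)
            + b"\x00\x00"                           # empty extensions
            + b"\x04\x03"                           # sha256 / ecdsa
            + struct.pack(">H", len(sig)) + sig)


def _make_list(items) -> bytes:
    body = b"".join(struct.pack(">H", len(s)) + s for s in items)
    return struct.pack(">H", len(body)) + body


TWO_LOGS = _make_list([_make_sct(0xAA, 1620658500000), _make_sct(0xBB, 1620658501000)])
ONE_LOG = _make_list([_make_sct(0xAA, 1620658500000), _make_sct(0xAA, 1620658502000)])

if __name__ == "__main__":
    for label, blob in (("two logs", TWO_LOGS), ("one log", ONE_LOG)):
        scts = parse_sct_list(blob)
        print(f"{label}: {len(scts)} SCTs, {distinct_logs(scts)} distinct logs, "
              f"policy ok = {meets_policy(scts)}")
```

The second sample has two SCTs but both from the same log, which is the kind of certificate a diversity policy rejects even though it is "logged"; a real client would additionally verify each signature against the log's public key and check the timestamp against the certificate's validity period.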
| tialaramex wrote:
| This invokes a really stupid conspiracy theory, to
| achieve a very marginal goal, in a space where it would
| be easy to produce evidence if it was real and yet of
| course no effort is made to even look for such
| evidence...
|
| > To pick a random example look at VeriSign's root
|
| But why though? Verisign is not in fact operating a
| trusted CA, so that makes as much sense for an example as
| looking at some root you just minted on your laptop.
|
| Most likely, as so often with conspiracy theorists, you
| didn't stop to see if the facts line up with your
| beliefs, after all "VeriSign" is named right there in a
| certificate Mozilla trusts, surely that's a smoking gun
| right?
|
| Er, no. DigiCert owns the business behind that,
| collecting rights to names for a whole bunch of long
| obsolete CAs. The "smoking gun" CA that has the
| "VeriSign" branding is only trusted by Mozilla to sign
| S/MIME email certificates, something you likely couldn't
| care less about and certainly won't be using in the Tor
| Browser.
|
| This all reminds me of what ekr said about this years
| ago, the most likely explanation for why we do not see
| practical attacks on security protocols like TLS is that
| it's almost _always_ easier to find a weaker link
| elsewhere, see the parts of this thread explaining much
| simpler tricks that we know work.
| Lammy wrote:
| I am not any sort of conspiracy theorist and am very
| offended at your insult. Why do you go online if you
| aren't going to be nice to others? Intent is obviously
| unknowable, but here you are doing exactly that to me.
| vorpalhex wrote:
| The NSA is probably not stealing your bitcoin.
| fpgaminer wrote:
| The concern here isn't state actors; just lowly exit node
| operators looking to skeeze a buck. Check the other
| comments for how it's actually done.
|
| More importantly, I think your fear about state actors
| abusing trusted root certificates is unfounded. As soon
| as a malicious cert is found, the issuing root cert will
| be nuked from orbit by all the major browser vendors.
| It's not a viable option for state actors, especially
| when they have much better options (like the NSA tapping
| Google's internal networks, for example).
| makomk wrote:
| Hopefully the Tor operators have improved their process for
| handling this since a few years ago when the e-mail address
| for contacting them about malicious exit nodes went to
| someone whose email provider bounced any emails containing
| the names of some of the main targets for these attacks and
| who didn't seem to be able to understand the attack once you
| did somehow get through to them...
| geek_at wrote:
| These days I mainly use tor for hidden services. It's hard to use
| it for normal surfing anyways
| arthurcolle wrote:
| yeah captchas are so user hostile
| belorn wrote:
| I use it for so many different purposes:
|
| 1) When I want to make sure a site doesn't get saved to my
| network/client profile on search engines and content sites.
|
| 2) When I need to verify that something is up/down compared to
| what I or a customer is seeing.
|
| 3) When I need to force IPv4 (tor is ipv4 only)
|
| 4) Hidden services.
|
| 5) Hotel/Airport wifi.
| wolverine876 wrote:
| > 5) Hotel/Airport wifi.
|
| Remember that Tor only routes TCP. It's not a substitute for
| a VPN in many circumstances.
| dotBen wrote:
| Why don't you just use a VPN for this (self hosted or 3rd
| party like NordVPN)? Especially given the additional risk of
| tor users being attacked, which the author refers to in the
| opening paragraphs of the post.
| AlexAndScripts wrote:
| Nord VPN is incredibly bad for a multitude of reasons. Look
| for a reputable VPN, and ignore the shills.
| dotBen wrote:
| Just to say, I'm not a shill for NordVPN - no affiliation
| with them. I was wanting to reiterate a hosted option vs
| self-install and it was the first one that came to mind.
| Noted they are not good!
| idiotsecant wrote:
| Why are they bad?
| tuco86 wrote:
| Sleazy marketing promises make me dismiss them outright.
| zelon88 wrote:
| Stop and break that down... "Why don't you just send your
| browsing history to NordVPN instead of risking using a
| compromised exit node....."
| vbezhenar wrote:
| Exit node does not know your source IP and will only see
| your connections for 10 minutes. NordVPN knows your
| source IP and will see your entire connection history.
| belorn wrote:
| For the first usecase, the #1 problem in privacy security
| is that databases get leaked at some point in the future.
| Some VPNs have been caught logging way too much, and then
| either having to disclose it or have it leaked. Three hops
| with no logs with my name and banking information, and
| only a gate node that has an ip address is fine enough for
| privacy sensitive visits to regular (legal) websites.
|
| For 2), Tor browser is a single executable that I can just
| start and run on any computer, even through a remote
| control if I want to verify the network through a customer's
| own computer. No credentials, no payments, no waiting.
|
| Don't know enough about nordvpn for 3).
|
| 4) Hidden services is tor only.
|
| 5) Nordvpn would work fine for that.
|
| Different security threats need different security measures.
| The biggest risk to my own security is not that someone
| mitm my tor connection because I do not use tor for
| services which I have an account with, and would never do
| banking on a tor connection. My bank can more or less find
| what my network is anyway by looking at my transactions and
| which of those is an ISP. Leaks from companies however
| seem so common that one gets posted here on HN every month,
| and haveibeenpwned feels more relevant today than
| antivirus.
___________________________________________________________________
(page generated 2021-05-10 23:00 UTC)