[Noisebridge-discuss] Tor hacked and mapped by the French, or so they say

[L E]

My post was a prod to get Jacob or,  say, you, to reply with this very analysis, to the blogosphere itself (bogosphere?)



>________________________________
>From: Andy Isaacson <adi at hexapodia.org>
>To: L E <lexein-esc at yahoo.com>
>Cc: NoiseBridge Discuss <noisebridge-discuss at lists.noisebridge.net>
>Sent: Monday, October 24, 2011 6:59 PM
>Subject: Re: [Noisebridge-discuss] Tor hacked and mapped by the French, or so they say
>
>On Mon, Oct 24, 2011 at 06:12:03PM -0700, L E wrote:
>> Tor hacked and mapped by the French, or so they say
>> http://seclists.org/fulldisclosure/2011/Oct/780
>> http://thehackernews.com/2011/10/tor-anonymizing-network-compromised-by.html
>
>This is classic "science by press release", the researchers haven't
>published their research but they're happy to talk to the press and brag
>about what an awesome attack they've created.
>
>So, we (being the rest of the world) don't have any idea what they're
>talking about beyond the poorly translated fragments that have made it
>through their media interviews; but their claims appear to be that
>
>0. They don't claim (AFAICS) to have found a new code execution,
>privilege escalation, private key disclosure, execution control, or
>other significant bug in Tor itself.  The most generous reading I've
>found is that they may have a new network metadata disclosure, but even
>that is questionable.
>
>1. If you run software (such as Tor) on an insecure operating system,
>then an attacker can hack the OS and cause the software to malfunction.
><sarcasm> Shocking news! </sarcasm>
>
>2. They claim that they can find out more information about the Tor
>network than they claim is intended to be published by the network.
>Since they haven't explained what information, exactly, they can find
>out, that's a difficult claim to verify.  Since Tor protects various
>different pieces of information to differing levels, it's entirely
>possible that this might be true in some unimportant way; or it's
>possible that they found a new mapping technique that provides
>interesting insight; or it's possible that they've found some critical
>flaw that completely destroys the security of the network.
>
>Or it might be possible that they simply didn't understand that the
>information they found is intended to be public.  Since they didn't ask
>anyone in the Tor community to review their results before going to the
>press (AFAIK), it's hard to say.
>
>3. (the most far-fetched): They claim that they can decrypt Tor traffic
>by compromising a small percentage (<30%) of the network.  Since Tor is
>designed to be resilient against decryption attacks unless the attacker
>controls your entrance, middle, and exit nodes; and since the network
>would simply cease to function if you disabled (DDoS or legal DoS) a
>significant fraction of the exit node bandwidth; this claim seems
>ludicrous based on the existing information.
>
>There's a thread on tor-talk:
>
>https://lists.torproject.org/pipermail/tor-talk/2011-October/021730.html
>
>Looking forward to any actionable information, and shaking my head at
>the gullibility of the news cycle once again,
>-andy
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20111024/6adf702c/attachment-0003.html>