Tor can be cracked “like eggshells”, warns US judge


A US judge has put into the public record, during a hearing in Tacoma, Washington, an interesting pair of comments about Tor.

Tor, of course, is the so-called onion router network, originally designed by the US Navy as a technique for using the public internet in an anonymous way.

End-to-end encryption, such as you get when you point your browser at an HTTPS site like Naked Security, is good for confidentiality: eavesdroppers can’t keep track of which pages you’re most interested in, or sneakily sniff out your email address when you publish a comment.

nakedsecurity.sophos.com

... Link (0 comments) ... Comment



Machine-Learning Algorithm Combs the Darknet for Zero Day Exploits, and Finds Them


The first machine-based search of online hacker marketplaces identifies over 300 significant cyberthreats every week. In February 2015, Microsoft identified a critical vulnerability in its Windows operating system that potentially allowed a malicious attacker to remotely control the targeted computer. The problem affected a wide variety of Windows operating systems including, Vista, 7, 8 and various others designed for servers and mobile computers. The company immediately issued a fix. But it didn’t take long for details of the vulnerability to spread through the hacker community.

technologyreview.com arxiv.org

... Link (0 comments) ... Comment



Core TOR Browser Developer Leaves Project, Shuts Down Critical Node Relays


Lucky Green, a core contributor to the Tor Project, has made an announcement that he would be leaving the onion router project and taking another road to continue his life from now on. The bridge authority relay Tonga managed by Green won’t be serving the Tor network after August 31, 2016. For those who don’t know, Bridge Authorities are special Tor relays which maintain a list of bridges for external bridge distribution mechanisms.

fossbytes.com cryptome.org softpedia.com

... Link (0 comments) ... Comment



Over 100 Snooping Tor Nodes Have Been Spying on Dark Web Sites


Just like the internet generally, not all of the Tor network is safe. Sometimes, people set up malicious exit nodes—the part of the network where a user's traffic joins the rest of the normal web—in order to spy on what users are up to. But there are other types of nosy nodes too. Researchers have uncovered over 100 malicious hidden service directories (HSDirs): the relays of the network that allow people to visit dark web sites.

motherboard.vice.com

... Link (0 comments) ... Comment



Tor Project Battled Over Hiring Ex-CIA Agent, Chat Logs Show


The Tor Project, the nonprofit that maintains the world's most popular anonymity software, is often protective of its public image. In particular, the organization faces regular—and often unsubstantiated—attacks about the motivations of its funders, and specifically its reliance on money from the US government. Related to that delicate PR dance are recently unearthed logs from an internal chat channel for the Tor Project, which show how staff were torn over the brief hiring of an ex-CIA official, and how that would affect the organization's image and safety of activists' family members too. Overall, the logs show an organization that is stuck between a rock and a hard place: one that wishes to develop and perhaps have greater links with government if they would be beneficial, but which then has to deal with the public's’ perception of that.

motherboard.vice.com a list of the pseudonyms used in the chat matched to core Tor Project names This is an IRC log from #tor-internal - our water cooler irc channel

... Link (0 comments) ... Comment