back to article Tor attack nodes RIPPED MASKS off users for 6 MONTHS

The Tor Project has warned users about a subtle attack aimed at partially uncloaking their activities on the anonymising network. The attack, which ran from late January until early July, when it was thwarted, bears hallmarks attributed to a an attack slated for description in a cancelled Black Hat conference presentation. …

  1. Robert Helpmann??
    Childcatcher

    No ACs Allowed

    Anonymous internet usage in Russia is surging...

    I think the real question governments should ask is not how to stop anonymous internet use, but why it is needed. Soon, there will be slogans around the world echoing the gun rights people here in the States: when anonymous surfing is made illegal, only criminals will surf anonymously.

    1. Khaptain Silver badge

      Re: No ACs Allowed - Adverse effect

      I believe that gun sales have gone up since all of the recent anti-gun campaigning.

      In fact 2013 actually set the highest ever record to date, and here we are talking legal gun sales... I can't even begin to imagine the black market figures. (I suppose we could ask that Califonian statesmen though)

      1. Wzrd1

        Re: No ACs Allowed - Adverse effect

        "I believe that gun sales have gone up since all of the recent anti-gun campaigning."

        First, let me introduce myself to you.

        I'ma competition shooter, hunter and general enthusiast on things that go bang or even boom.

        I'm not a villiage idiot.Indeed, I am far from it, coutesy of the US DoD testing.

        I'm known for my utter inability to quit.

        If you can't figure it out, you *are* athe village idiot.

        As an owner of a full dozen firearms, *I* consider our system of giving harm upon a vilageidiot or insane, erm, insane in the extreme.

        I guard our rights fo a level that resembles religion.

        But.not being the village idiot, I also recognize that the insane ned not apply for a canon, shotgun, rifle, pistl or even a sharp spoon.

        Meanwhile, my firearms are under lock and key.

        And,to be blunt, wonder how my family's right to life is secondary to my family's right to *life* and enjoyment of life.Your "defending" your defending your life is interesting, as it opposes our very right to live, Or, more improtantly, why your right exceds the right of my family to survive your random gunfire.

        Please excuseme if I ama bit of in laguage.

        My spacebar is FUBAR, it's late and I'm massicely insulted by my "peers".

        "Peers" who wish to join me as a peer. Nothing of which they've submitted wouldleet them wash my dirty socks,

        I've served. I've losts damned good friends.

        The moron brigade lost nothing more than a few keystrokes.

        I'l respect them a *little* when I can visit my buddy, who was burned, literealy in halfin a veritcal measure.

        Our mutual friends shreded.

        Until then, he can wash my dirty underpants. The dirtiness is secondary do previous wounds, which the VA budget prohibits, scondary to theloses of the teat tard.

        Hmm, thought of tea tard, saw what is real and left teat tard.

        As for nuclear arms, they're of the nature of using a hand grenade to defend your home.

        It'll be effective, but the home isn't wirthy of living in.

        1. JJKing

          Re: No ACs Allowed - Adverse effect

          Me thinks the asylum door was left open and this one was carried out as others escaped. Doesn't appear capable of finding the door by themself.

        2. LionelB

          Re: No ACs Allowed - Adverse effect

          http://s.mlkshk.com/r/XAM7

          Bottom right corner...

      2. chivo243 Silver badge

        Re: No ACs Allowed - Adverse effect

        Head over to Chicago's south or west side, if you really want to see black market guns in action. There's some homies there that can set you up proper.

        Just remember, <insert device here> aren't evil, it is the end user of that device that is evil.

        Asking Chuck Heston won't give any understandable answers, as he is part of the gun lobby. And the NRA guys may be protecting their rights, but in the same action they are protecting the black market, which is bad, N'kay?

        1. JJKing

          Re: No ACs Allowed - Adverse effect

          But now we can at least pry "it" from Chucky's cold dead hands.

    2. Mark 85 Silver badge

      Re: No ACs Allowed

      when anonymous surfing is made illegal, only criminals will surf anonymously.

      Which is a slightly <ahem> different variation of "if you have nothing to hide, you have nothing to fear".

      1. Trevor_Pott Gold badge

        Re: No ACs Allowed

        What do you have to fear if we have the ability to hide?

        1. Ross K

          Re: No ACs Allowed

          What do you have to fear if we have the ability to hide?

          You might think you have the ability to hide when in fact your anonymity has been compromised?

          Without putting on my tinfoil hat, I have to wonder how many other Tor vulnerabilities are out there...

      2. Ole Juul

        Re: No ACs Allowed

        Which is a slightly <ahem> different variation of "if you have nothing to hide, you have nothing to fear".

        Wouldn't that be the other way around?

        If you have nothing to fear, you have nothing to hide.

        1. Anonymous Coward
          Anonymous Coward

          Re: No ACs Allowed

          "..If you have nothing to fear, you have nothing to hide.."

          +1

          Why am I posting as Anonymous? No, actually it's just a middle finger. Their overlords know me.

    3. Wzrd1

      Re: No ACs Allowed

      Well, I'll suggest national interests, then suggest this:

      The problem isn't achievening critical mass, but that of one retaining supercritical mass.

      This is accomplished by-------, with _____________ with a secondary method of ************.

      Do you *honestly* desire that blanked information being available for one and all?

      I most certainlydo not.

      There are also embarassing matters, such as the UK convincing a US president to overthrow a democratic government, to which we now, for some inconsiderable reason, have problems...

      Add in information sources that would end up dead, if their information to become public, erm, it *should* be a no-brainer.

      But then, it *is* a democracy.

      If you can figure it out, clue me in. I have no clue, but do know those, erm, solutions and more.

      It's both that simple *and* that complex.

      Hanged if I can figure it out. I can only mange to vote for someone I don't consider the village idiot.

      May *your* mileage fare better.

      1. Trevor_Pott Gold badge

        Re: No ACs Allowed

        "The problem isn't achievening critical mass, but that of one retaining supercritical mass.

        This is accomplished by-------, with _____________ with a secondary method of ************.

        Do you *honestly* desire that blanked information being available for one and all?"

        Yep. Absolutely. You see, nuclear weapons aren't a threat. Mostly because the number of people crazy enough to use them are vanishingly small and secondly because we (generally) take care to make sure that getting hold of fissionables (required for all current practical designs) are virtually impossible to get hold of*.

        OTOH, if we know what materials are used for the various designs - and remember that even the stuff in the Teller-Ulam design is largely speculative - we can put the entire world's best and brightest towards finding ways to detect nuclear weapons in an inactive state, before they go off.

        Let's look at the Teller-Ulam design for a second. It supposedly uses a small implosion device (U235 on the physically large ones, plutonium on more modern miniaturized ones), to turn the polystyrene into a plasma. That plasma is basically supposed to compress a secondary implosion device, but this one has fusion catalysts (Lithium 6, Deuterium, etc) which then make bada-big-boom.

        Everyone knows to hide your fissionables, your tampers, and even your fusion materials (assuming you aren't making those in house). How many people know exactly what flavour of polystyrene foam actually produces enough plasma pressure to set the fusion device off?

        Could we build a device that tracks the chemical signature of those compounds? What range would they have? How rare are they in industrial use and could we use Big Data techniques to look for odd accumulation of those materials where they shouldn't be? For that matter, what would happen if you threw Google at the problem of determining which other foams could be used to achieve the same results and started looking for ways to find those?

        And Teller-Ulam is ancient! $deity knows what modern designs look like, or what innovative ways we could find to detect them, or the components used in their creation.

        Any idiot can build a gun-type nuke. (Though why you would, as a terrorist, is beyond me. If you're that fucked up, just build a dirty bomb. It's way easier.) A good physicist could probably fill in the gaps on what's publicly available for a Teller-Ulam design and make a basic fusion bomb. I don't see us getting wiped out left right and center.

        Eventually, the secrets for post Teller-Ulam designs will leak, and/or the final pieces required to build a Teller-Ulam weapon without requiring some brainpower will get out to the crazies. You can't keep secrets like that forever.

        I, for one, would rather that we had all of humanity working on how to detect the damned things before they go off rather than praying that security through obscurity will save us until we die of old age.

        And that's before we start facing reality on pure fusion weapons. Dear gods man, we're about 10 years away from being able to miniaturize superconductors enough that it would be possible to build a beam-target/inertial confinement hybrid device about the size of a semi truck that would make it through any radiation scanner you care to name.

        Before you laugh and say neither beam-target or ICF has yet to produce a sustainable reaction, remember that they are trying to create very small reactions and sustain them over time. For bada-big-boom all you need is one large reaction that lasts nanoseconds. And Large reactions have never been the problem. (Give me a hohlraum large enough and I can blow up the world!)

        And what about beam-beam fusion, hmm? Build a target with just enough containment to hold a few kilos of fusion-target plasma relatively loosely, build a couple of linear accelerators (or hybrids, if you have the space and the know-how), load them into semis, back them up and point them at the ball of semi-contained plasma...

        Look, bada-big-boom is easy. Getting the materials is hard. Building the thing without being noticed is hard. Getting it from construction site to target - and remember, on the ground is nowhere near as useful as 300m in the air...you want that plasma shockwave, it's what does the damage - is not only hard, it's damned near impossible.

        The knowledge is out there already, if you are willing to pay enough, or are smart enough. So let's not hide the "how". Let's make the "how" known and focus on detection and prevention. Yes, it's more costly than "security through obscurity". You actually have to give a bent fuck about things like "tracking fissionable". But it's a hell of a lot less likely to end in a horrible news report played out to a terrified world saying some city was wiped out because we thought our secrets were secure when they damned well weren't.

        If the NSA can't keep Snowden out of the cookie jar then how the hell is it reasonable to assume that every nuclear country out there has managed to keep it all secret? North Korea got the bomb, so did China, Pakistan, India, Israel, Iran...and in the case of some of those places they've done more than simply re-use someone else's design. They've improved upon it.

        So, I ask you, do you still want to keep everything secret? Really? And why do you trust those who guard those secrets - or try to detect the results of those secrets - more than the collective knowledge of all the white hats out there?

        I'm legitimately curious as to your rationale, because if I can come up with a few feasible ways to make bada-big-boom - and I don't have an education to speak of - imagine what a proper nerd could do. That's really what it keeps coming back to, for me at least.

        *Yes, I know about the US leaving nukes strapped to a plane unobserved on a military base, but you aren't going to waltz out of a military base with a nuke on the back of your truck, and if you tried to pull the core, you'd be dead in a matter of hours.

        1. LucreLout
          Pirate

          Re: No ACs Allowed

          @Treveor_Pott

          And now I see why we're all on a list in the NSA.

          1. Trevor_Pott Gold badge

            Re: No ACs Allowed

            @LucreLout I very carefully gave no information in my comment that could not be found on Wikipedia. What's the NSA going to do, monitor every single person on Earth with a high enough IQ to do hard science? And why would they?

        2. James O'Shea
          Mushroom

          Re: No ACs Allowed

          re Trevor Pott

          many, many, MANY years ago I remember reading an article in Analog Science Fiction/Science Fact entitled "How to make an A-bomb and shake up your whole neighborhood". It was the 'science fact' article for that month. In it, they described exactly how to make the gun-type bomb and more generally how to make an implosion-type bomb. They then came to real problem: getting the materials to make the damn thing. As you point out, getting the materials required is very difficult. They spent most of the article showing just how difficult it is, unless the bombers are a government or a very large corporation and have a _lot_ of spare cash. And how people would, like, you know, tend to notice what was going on unless they went to a _lot_ of trouble (translation: spent a lot more cash) and had a _lot_ of space to hide things in. And gun-type bombs would, unless our boys are complete idiots, work correctly the first time, but implosion-type bombs really should be tested. At which point _lots_ of people will find out about their little hobby. Of course, our would-be bombers could just fire one off without testing it, but it'd be a tad embarrassing if the thing didn't work... the problem with gun-type bombs is that they're big, and unwieldy, and have relatively low yields. Should someone want big boom, they go with implosion-type bombs. Preferably multi-stage implosion-type bombs, they could get all the boom they might want. As you also point out, delivering the bomb is also a problem, though a solvable one; Ryder Trucks are, after all, the Terrorist's Choice of bomb-delivery platforms in the US. (See further Federal Building, Oklahoma City, and first attack, World Trade Center, New York City...) yeah, it's a ground-burst, and so reduces the effect, which merely means that the bombers get to build a bigger bomb. Assuming they live that long, which is unlikely. Uranium and plutonium are hard, dense, toxic, heavy metals which burn real nice; that they're radioactive is just icing on the 'hard to handle' cake. Just grinding and polishing the various pieces into the correct shapes is incredibly difficult (translation: expensive) unless you have workers who are expendable. Lots of workers who are expendable.

      2. Cynic_999 Silver badge

        Re: No ACs Allowed

        Why should anyone trust a government with secrets more than any other group of people? Governments are comprised of politicians. Do you really believe that all, or even most politicians are honest and would not wish to do anything that would cause harm to innocent people?

    4. Shaha Alam

      Re: No ACs Allowed

      "when anonymous surfing is made illegal, only criminals will surf anonymously."

      don't you mean:

      "when anonymous surfing is made illegal, anonymous usage will be criminalised."

      the former suggests the service is used by someone with history of criminality. the latter implies the use of the service is what criminalises them. massive distinction in the context of pervasive government spying, curtailments to free speech, Big Brother politics and all the over overbearing laws the government uses to control the population.

      not sure if this was the point you were already making...

  2. Rabbit80

    UK police perhaps?

    We have recently seen 660 people arrested for child porn images in an operation that lasted 6 months and targeted the dark web.. could this be linked?

    1. Anonymous Coward
      Anonymous Coward

      Re: dark web

      No idea what is "dark" about it. Same old sites. Maybe its racist ...

    2. Cynic_999 Silver badge

      Re: UK police perhaps?

      No, that was achieved when the LEA found where Freedom Hosting was located a year ago and took them over. They then installed a javascript exploit on TOR servers that previously hosted child porn so that people who accessed those servers with a browser that had a particular javascript vulnerability would send their real IP address and their network card's MAC address to an FBI server. A TOR update that fixed the vulnerability was coincidentally released a week or so before the FBI's exploit went live, otherwise I suspect that many more people would have got caught in the trap.

  3. Khaptain Silver badge
    Angel

    Secret alternative solution

    The Ethernet Leaves Nigh Ephemeral Tracks

  4. emmanuel goldstein

    MY PREDICTION...

    tor will be around long after Putin has been consigned to the dust-bin of history.

    off topic, but does anyone else find the new iPhone ad (crayons are dangerous) particularly nauseating?

    1. pewpie

      Re: MY PREDICTION...

      Off-topic answer: San Francisco

  5. solo

    Anonymity for society

    I don't expect government (and their paedophile geniuses) to leave their funded channels open for Anonymous communication. My only concern is 99% of the public should be aware that Internet is neither for intimate talks, nor for sharing revolutionary thoughts. You have bedrooms and meeting halls for that.

    PS - Sometimes I get a chilling fear that search engines knowingly lead us maniacs to addictive forums (e.g. El Reg) so that we start believing that all out there are aware of the risks.

  6. kalsolette

    Quite likely from a western governemt that becries freedom.

  7. gollux

    One of the first of many firsts...

    Which will be repeated many times in the future.

    Your TORnograpy isn't safe, your criminal activity isn't safe, your underground political activity isn't safe, your wish for anonymity isn't safe.

    It's becoming increasingly easy to trap the paranoid, spread news that they can be paranoid in total anonymity and they will come sucking at the honeypot in droves.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021