Researchers find over 100 spying Tor nodes that attempt to compromise darknet sites


#1

[Read the post]


#2

Just wanted to remind folks that just because you are using https (TLS) does not mean your traffic is not being decrypted.
If an exit node is being run by bad guys then they are probably also using mitmproxy, SSLsplit, something like qlproxy and Diladele, or some other cert replacement routine to perform a man in the middle attack.
Check your certificates when you connect to sites from a TOR.


#3

Love the article though more background on the tech for the legally policy wonky SJW mutants would help.

Wikipedia darknet article:

A darknet (or dark net) is an overlay network that can only be accessed with specific software, configurations, or authorization, often using non-standard communications protocols and ports. Two typical darknet types are friend-to-friend networks (usually used for file sharing with a peer-to-peer connection) and privacy networks such as Tor. The reciprocal term for an encrypted darknet is clearnet or surface web when referring to search engine indexable content.

Some sort of non-standard packets exchanged on non-standard ports, and . . . a magic browser? :slight_smile:

It reminds me of confirming that “the cloud” is just other computers.


#4

Very few people can use Tor or other security tools effectively and still need an intellectual infrastructure to make it work. My sense of it is that the fight is long lost, and what’s currently being fought for is the ability of a technical elite few to have truly secure networks. For the vast majority of users, if it isn’t simple, it isn’t secure. This has rather far-reaching implications for political dissidents and other sensitive populations who often aren’t versed in the technology, having often chosen other experiences that lead them to political activity.

TL;DR: The revolution needs its own IT department.


#5

Of course, most of those users don’t give two shits and happily upload massive amounts of personal data to Facebook and Google, to be monetized by those companies as well as handed over to the Feds on demand…


#6

By the way, if anyone else will be at DEFCON where these researchers are presenting their results, let me know. I’ll be there (eighth year in a row!) for my work as always. I’ll even have some of my team with me (well, hopefully not joined at the hip, by God).

Someday @doctorow or @frauenfelder will pay me to report on hijinks there, assuming Cory isn’t going this year.


#7

This brings to mind all those “First steps to make Unbuntu/Windows/OSX/etc after a new installation” articles out there. Look, if there are guides on how to make the OS secure post install, then the OS developers can damn well read those guides too and start shipping operating systems that default to secure instead of the other way around.


#8

This topic was automatically closed after 5 days. New replies are no longer allowed.