Author: intrigeri Date: To: jurre CC: The Tails public development discussion list Subject: Re: [Tails-dev] How the traffic confirmation attack on Tor affects
Tails
Hi,
Jurre van Bergen wrote (30 Jul 2014 22:06:08 GMT) : > Scope and severity
> =========== > The attack is targeted at people who visit Tor hidden services and
> expose the ip-adress of the user. An attacker could run a number of Tor
> relays to modify traffic and learn the identity that way. It's not clear
> at this point in time how much attackers have learned and what they have
> learned. The attackers likely couldn't see full-application traffic like
> which websites were visited. > There is a possibility that attackers have learned the ip-address of
> Tails users who visited Tor hidden services between January 30 and July
> 4, when the bad relays have been taken out of the Tor network, should
> assume affected. > We recommend you read the full advisory[2] by Tor for the technical
> story behind the attack.
Thanks a lot!
I think it would be worth balancing this with something like (Roger on
tor-talk's): "The particular traffic confirmation channel they used
wasn't a big deal. (Or said another way, fixing it doesn't make a big
impact on whether this sort of attack is possible.)"
