Re: [Tails-dev] How the traffic confirmation attack on Tor a…

Delete this message

Reply to this message
Autor: intrigeri
Data:  
Para: jurre
CC: The Tails public development discussion list
Assunto: Re: [Tails-dev] How the traffic confirmation attack on Tor affects Tails
Hi,

Jurre van Bergen wrote (30 Jul 2014 22:06:08 GMT) :
> Scope and severity
> ===========


> The attack is targeted at people who visit Tor hidden services and
> expose the ip-adress of the user. An attacker could run a number of Tor
> relays to modify traffic and learn the identity that way. It's not clear
> at this point in time how much attackers have learned and what they have
> learned. The attackers likely couldn't see full-application traffic like
> which websites were visited.


> There is a possibility that attackers have learned the ip-address of
> Tails users who visited Tor hidden services between January 30 and July
> 4, when the bad relays have been taken out of the Tor network, should
> assume affected.


> We recommend you read the full advisory[2] by Tor for the technical
> story behind the attack.


Thanks a lot!

I think it would be worth balancing this with something like (Roger on
tor-talk's): "The particular traffic confirmation channel they used
wasn't a big deal. (Or said another way, fixing it doesn't make a big
impact on whether this sort of attack is possible.)"