Re: [Tails-dev] How the traffic confirmation attack on Tor a…

Delete this message

Reply to this message
Autor: sycamoreone
Data:  
Dla: tails-dev
Temat: Re: [Tails-dev] How the traffic confirmation attack on Tor affects Tails
Hi,

I like this and think it should be published soon. My 2cents of comments
on some minor typos and suggestions/questions inline.
(I you put it into Git somewhere I can also send a patch :) )

Jurre van Bergen:
> On Wednesday, July 30th, the Tor project released a security advisory[1]
> with details about a so called deanonymization attack. Tails has Tor at
> it's heart, your traffic goes over Tor when you but not limited to,


This sentence is a bit mangled. Maybe ".. at it's hearts. For example,
you traffic goes over the Tor network when you browse a website or send
an email.

> browse a website or trying to e-mail a peer. Because of this I wanted to

s/I/we/ ?
> give an overview of how Tails might be affected by this attack.
>
> Scope and severity
> ===========
>
> The attack is targeted at people who visit Tor hidden services and
> expose the ip-adress of the user. An attacker could run a number of Tor


s/ip-adress/IP address/

> relays to modify traffic and learn the identity that way. It's not clear
> at this point in time how much attackers have learned and what they have
> learned. The attackers likely couldn't see full-application traffic like
> which websites were visited.
>
> There is a possibility that attackers have learned the ip-address of


s/attackers/the attackers/ and s/ip-address/IP addresses/

> Tails users who visited Tor hidden services between January 30 and July
> 4, when the bad relays have been taken out of the Tor network, should
> assume affected.


To make a proper sentence, cut the ", should assume affected" and finish
the sentence instead with a "." ?

>
> We recommend you read the full advisory[2] by Tor for the technical


s/by Tor/by the Tor Project/

> story behind the attack.
>
> Temporary countermeasure
> ================
>
> Tor has provided an updated version, we recommend you to upgrade to the


s/Tor/the Tor Project

> latest version of Tor and this is how you do it:
>
> 1: Set up an administrative password[3]
> 2: Connect to the internet
> 3: Run the following in a "root terminal": apt-get update && apt-get
> install tor
>
> You know run the latest version of Tor which mitigates this vulnerability.


s/know/now

>
> [1]
> https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
> [2]
> https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
> [3]
> https://tails.boum.org/doc/first_steps/startup_options/administration_password/index.en.html


Best,
sycamoreone