Digg this topic
Add to my del.icio.us Report: TOR being abused by agencies and groups |
|
|
|
|
|
Late(st) News | Zenith Picture Gallery | Most
Recent Community Topics | Tips, Tricks and Other Useful Stuff
  |
| Report: TOR being abused by agencies and groups |
 Nov 21 2007, 07:02 PM
Post
#1
|
|
 Boss, my code's compiling (xkcd)  Group: Admins Posts: 10,440 Joined: 19-September 01 Member No.: 1   |
 According to a report published by Swedish researcher Dan Egerstadt, preying eyes may be spying on your transmitted data once you flick that TOR switch on, reminding us once again that plug-in security, as one slashdot reader put it, is non-existent. More here and here.From heise Security: "By publishing his TOR hack, Swedish researcher Dan Egerstadt recently provided users with a timely reminder that The Onion Router (TOR) anonymisation network should be enjoyed with caution. By setting up five exit-nodes, Egerstad sniffed out large amounts of e-mail access data from embassies and government agencies and published some of this data on the internet. Since a user cannot know who operates the individual exit-node through which his traffic passes, TOR users are advised to always make use of additional encryption. Members of the Teamfurry community got curious and took a look at the advertised configurations of a few randomly selected TOR exit-nodes. They stumbled on some extremely interesting results. There are, for example, exit-nodes which only forward unencrypted versions of certain protocols. One such node only accepts unencrypted IMAP and POP connections (TCP ports 143 and 110) and only forwards messenger connections from AIM, Yahoo IM and MSN Messenger if they are received on ports on which traffic is handled as plain text. The same procedure is applied to Telnet and VNC connections, used for remote access to systems. Further, there are systems which are only interested in specific destinations and, for example, exclusively forward HTTP packets bound for MySpace and Google. HTTPS traffic to these destinations is, however, blocked..." --------------------    Things that I don't suck at: Photography (flickr, JPG Mag), "Don't bail; the best gold is at the bottom of barrels of crap!" -Randy Pausch I have people-skills goddamnit! What is wrong with you people!!! | www.skyrill.com |
 |
 
|
|
Nov 23 2007, 02:16 AM
Post
#2
|
|
|
SuperNova III Member Group: Support Team Posts: 2,141 Joined: 2-November 02 From: Toronto Member No.: 302  |
it's free so stop grumbling about the code being unsecure! whoever uses his credit card through anonymizers, is stupid or may be it's not as obvious to others as it is to us? what else did they complain about? damn, already forgot!
cool educating stuff there anyway  thanx
|
|
|
|
|
Nov 26 2007, 01:06 AM
Post
#3
|
|
 No way... It compiles? SHIP IT!  Group: Moderators Posts: 609 Joined: 27-December 04 From: Thunder Bay, Ontario Canada Member No.: 2,133 |
Well using your creditcard number on Windows is just like giving it to a random guy in a back alley, you never know were it will go. Also if you really wanted to become safe I would use a VPN instead of TOR.
lol I bet old Bill uses it thinking jobs can't spy on him heh -------------------- -Mad_cow |
|
|
|
|
|
Lo-Fi Version | Time is now: 19th May 2013 - 02:21 AM |
