6.2 Tor Flaws Part 2

00:07

Hello, peoples of the Interwebs. This is tensed over and welcome to the next video on our comprehensive guide to the tour browser.

00:15

On this episode, we're continuing into weaknesses of the Tor browser and the network.

00:22

My name is Tempest over again, and before we get much father into this course, let's look over these pre Rex

00:29

and have a change in their store antennae. This is your first to do with me. Welcome aboard. I would recommend going back and watching the previous videos as a deal with a great set where we are now.

00:40

As you can read here. Basic networking is a plus, but not required. Also, basically, just having need Andorra wants to be anonymous online, especially since I S. P s or service providers can log all your doing. And they will,

00:56

due to the fact we're in discussions now of the Deep Web, Dark Lab and Dark Net. I'm going to give you the proper schools, teach you how to use them and advise on how to safely navigate the deep Web dark Web dark.

01:07

With that said, this is not an endorsement of going there illegally at your place of work or home.

01:14

Nor, unfortunately, if anything should happen to you, your equipment or any other possessions is cyber or myself liable. Please be careful.

01:29

On July 30th 2014 the TOR project issued a security advisory relay early traffic Confirmation Attack in which the project discovered a group of relays that tried to Deanna Mize Onion service users and operators in summary attacking Onion Service directory Note. Change the headers of cells being related,

01:47

taking them as everyday or really early cells

01:49

differently to encode additional information and sent them back to the requesting user operator. If users are operators guard or entry no, it was also party attacking relays. Attacking relays might be able to capture the I P address of the user operator along with the Onion service information that user operator was requesting.

02:07

The attacking relays were stable enough to achieve being designated as suitable as head and service directories and suitable as entry guards. Therefore, both the Onion service users and the Onion Service's might have used US relays as guards and hidden service directory notes.

02:23

The project discovered that the attacking notes joined the network early in the year on January 30th

02:29

and the project removed them on July 4th, although when the attack began, was unclear. The project imply that between February and July, onion service users and operators I P addresses might be exposed

02:46

in 2015. The administrators of Agora, a dark net market, announced they were taking in the side off line in response to recently discovered security. Vulnerability and tour did not say what the barn built. He waas, but Wired speculated it was the circuit fingerprinting attack presented at the used Nick's Security Conference

03:06

circuit configuration attack.

03:07

We're also called circuit Fingerprinting is a new vulnerability found in the tourist guard Gateway, which can be exploited to detect whether user is accessing one of tourist hidden service is tours guard *** wage could be masqueraded. Packet coming from the user could be made to travel through Attackers. Malicious set up notes, I think, as an entry note.

03:25

This includes a serious of passive attacks which allow spies unmasked tour users

03:30

with 88% accuracy. Even without decrypting, the TOR traffic

04:00

operators of Internet sites had the ability to prevent traffic from tor exit notes or to offer reduced functionality to tor users. For example, it is not only possible to edit Wikipedia when using tour or when using an I P address. Also used by Tor exit note. Due to the use of the tour block Media Wicky extension.

04:18

Unless an exemption is obtained,

04:20

BBC blocks the I P addresses of all known tour guards and exit node from its eye player service. However, relays and bridges are not blocked.

04:29

This is true as well. And use a VPN and try to access amazon dot com. That marketplace site won't load when it detects a VPN being used trying out for yourselves and see if they work.

05:03

In March 2011 researchers with the Rocancourt French Institute for Research and Computer Science Automation

05:11

I. N. R. I. A. Documented an attack that is capable of revealing the I P addresses of BitTorrent users on the tor network. The bad Apple attack exploits tourist design and takes advantage of insecure application used to associate the simultaneous use of secure application with the I P address of the tour user

05:30

in question.

05:31

One method of attack depends on control of an exit note or hijacking tracker responses,

05:36

while a secondary attack method is based on part on the statistical exploitation of distributed hash table tracking, according to the study. Results presented in a bad Apple attack research paper are based on an attack and the wild launched against the tor network by the authors of the study Attack targeted six exit notes, lasted for 23 days

05:57

and revealed a total of 10,000 i p addresses of active tour users.

06:01

This study is significant because it is a first documented attack designed to target P to P file sharing applications on tour.

06:11

BitTorrent may generate as much as 40% of all traffic on tour. Furthermore, the bad Apple attack that's effective against insecure use of any application over tour. Not just bit torrent points. Take home here. DOn't use BitTorrent with tour You could just use a VPN and a virtual machine if you're concerned about privacy.

06:30

So now what

06:31

Correspondent Earlier vulnerabilities that I've talked about and if you I didn't have time to get into it is improving security in one way or another. Human user errors can lead to detection

06:45

when improperly used tour is not secure. For example, toward warns users that not all traffic has protected only the traffic routed through Tor browser is protected.

06:55

Users are also weren't to use H T T. P s versions of websites or onion websites not to torment or don't do it not to enable brother plug ins, not open documents downloaded through Tor while online and to use safe bridges,

07:10

he says. We're also warned that they cannot provide their name or other revealing information on Web forums over tour

07:15

and stay anonymous at the same time.