Friday, January 22, 2010

Tor Project servers compromised

Two of the Tor Project's directory servers were compromised earlier this month, along with another system of lesser importance, that was used to analyze the usage metrics and provide the according graphs for the network. This security breach was announced by Roger Dingledine, the Tor Project leader, on the project's mailing list.

This is of great importance because, by using the information maintained by the two directory servers, an attacker could have gathered important information about the structure of the Tor Network. However, the attackers wouldn't be able to find out the network destinations accessed by specific users, since that requires a consensus between four directory servers at present.
Another potential attack would have been on the Tor source code, which is was hosted on one of the affected machines. The project's members have done some comparisons as of yet, and it appears that the source code wasn't modified in any way.
From the analysis of the servers, it appears that the attackers were only attracted by the high bandwidth connections of the three servers, which they used to launch attacks on the other servers, as Roger Dingledine points out: "We've been very lucky the past few years regarding security. It still seems this breach is unrelated to Tor itself. To be clear, it doesn't seem that anyone specifically attacked our servers to get at Tor. It seems we were attacked for the cpu capacity and bandwidth of the servers, and the servers just happened to also carry out functions for Tor." Since the breach was discovered, the project maintainers have taken the servers down and reinstalled them.
Even if the attack wasn't directed specifically at the Tor Network, users are encouraged to upgrade to the latest stable or development version of the software, 0.2.1.22 or, respectively, 0.2.2.7-alpha, which are available from the project's download page.

1 comment:

  1. Once you install, Tor browser in your system whenever you go to online, all of your internet traffic is encrypted and routed through a secure network of anonymous nodes until it reaches its destination.

    The easy way to install Tor (works with ubuntu, mint, or any debian based distributions)
    How To Install TOR Browser Bundle on linux
    http://namhuy.net/979/how-to-install-tor-browser-bundle-on-linux.html

    ReplyDelete