---------- Forwarded message ----------
From: Chris <tmail...@errtech.com>
Date: Sat, 20 Aug 2016 21:06:12 -0400
Subject: Re: [tor-talk] Did Australian Authorities hack (US) computers
with Tor's help?
To: tor-t...@lists.torproject.org

On 2016-08-20 06:54 PM, tort...@arcor.de wrote:
> Hi!
>
> I found two articles which may have something in common. 1. Some Tor
> users (29.000) got deanonymized by authorities while up/downloading
> childporn. 2. Someone claims that "Tor suddenly dump over 30
> megabloats of steaming faeces onto a file system on exit".
> 1. Is it just a question of time when other deanonymisations will come
> public?
> https://motherboard.vice.com/read/australian-authorities-hacked-computers-in-the-us
> "Australian Authorities Hacked Computers in the US
> Written by Joseph Cox Contributor
> August 15, 2016 // 10:10 AM EST
> ...
> By the very virtue of the investigation, Australian authorities likely
> would not have known where the computer they wanted to hack was
> located; indeed, that was the exact problem that the Tor network
> presented.
>
>     Whether the Australian authorities hacked computers in other
> countries remains unclear.
>
> It is unclear on what authority Australian law enforcement obtained a
> warrant, or whether one was obtained at all to gather IP addresses
> from Piccolo and others in the US. Task Force Argos declined to answer
> any questions or comment for this story.
> ...
> Whether using a hacking tool to grab the real IP address of a Tor user
> constitutes a search in a legal sense has recently become a
> contentious issue in the US. Several judges have said that suspects do
> not have a reasonable expectation of privacy around their IP address
> when using the Tor network, meaning that it is not protected by the
> Fourth Amendment, and a hack grabbing it would not require a warrant.
> The Electronic Frontier Foundation, as well as some courts, have
> argued otherwise.

The article seems to suggest that those taking proper security
precautions would not have been impacted by this exploit. Users are
warned that opening external files can compromise their security. In
this case it was apparently a video file. If Tails has been designed
properly this should not have been a problem for Tails users. I have not
recently examined Tails, but from my understanding, in the past all
traffic was routed through Tor. This would have included the video
player. Most likely in that scenario if the exploit worked on Tails it
would have only provided an IP address of a Tor exit node [which is not
a privacy threat]. That was changed in a later version of Tails to drop
traffic instead because it posed a security risk [maybe, I think most
users would probably have been fine behind a NAT network assuming Tails
is designed well]. This attack vector would not have worked in Tails for
that reason. Now it also most likely would not have worked because the
exploit almost certainly targets Microsoft's media player. The exploit
(if you can call it that, given it's not designed to be privacy friendly
and doesn't open up the media player or system to remote access, etc) is
either a known problem that has never been fixed (not entirely sure it
is an issue from a security perspective, though it is from a privacy
perspective) or a new problem that should have been on the radar of any
developer designing a secure privacy friendly operating system [which
Microsoft Windows is not].

Microsoft Windows is a threat to your security. All proprietary software
is a threat. Intel and AMD are a threat to your security. There is
remote control functionality built into every Intel and AMD CPU since
2009 and 2013. It would naive to think that US companies AMD and Intel
have not been ordered to insert a backdor. Intel and AMD will not
release the code and have signed these components such that even if they
were reversed engineered the user can't load a backdoor free version of
the software.

The answer to the problem is in crowd funding a new standard that has
been in the works for years that modularizes critical components into a
'computer card'. By doing this it gives computer designers a less
expensive way to design backdoor-free computing devices. It also lets us
utilize non-Intel/AMD designed CPUs from Chinese companies. Now this is
not to say China isn't a threat to users privacy and security. We know
about backdoors in homegrown Chinese designed laptops. The difference is
the backdoors were inserted in keyboard controller firmwares and were
dependent on an OS level component to work. By modularizing the design
it was possible to produce a laptop (the first ever) that we can be
reasonably confident is NSA/Chinese/Russian/etc backdoor free. The
keyboard and LCD controller is based off work for which we have the
complete set of source code. The equivalent microcode/firmware for CPU
related components are available. There is no BIOS and the bootloader
and other critical driver related components we have the complete set of
source code for.

There are only five days left of the campaign. It is important that
people contribute to it. The concept needs to succeed if we want to
eventually have devices that we can be reasonably confident are secure
from government(s) and other criminal elements.

Here is that crowd funding campaign:

https://www.crowdsupply.com/eoma68

* The people behind the project are more trustworthy than the people
behind some other crowd supply campaigns. The FSF has worked with Luke
(lead engineer) on ensuring the complete set of code is available. It's
also the case that all code is available unlike past RYF laptops (for
which there has been valid criticisms, particularly from a security
stand point).

Now this doesn't make this device secure in and of itself. There is a
lot that has to happen. This is only going to result in a base that can
be used build truly secure and privacy friendly devices. More work needs
to be done at porting key software to ARM, increasing the user base to a
point where fingerprinting is less effective, etc. There are significant
hurdles to overcome.

> "
> 2. The author embedded a list of his findings in his article.
> http://rixstep.com/2/2/20160817,00.shtml
> "Tor 6.0.4
> ...
> Why does Tor suddenly dump over 30 megabloats of steaming faeces onto
> a file system on exit?
> ...
> Most of the junk left behind comes from an EFF extension, but this
> extension has been used all along, and it serves no purpose to copy
> the data out to yet another location. If this is caused by an error at
> EFF, why hasn't this been corrected?"

If I had to guess it's probably a bug causing some component (the
plug-in) to crash. It's not abnormal for reports to be generated after a
crash and written to disk. There are good reasons users whom are at
serious risk should run Tails and not the Tor Browser Bundle. Tails is
designed to ensure nothing gets recorded to disk (especially
unencrypted). The only exception I'm aware of is related to storing data
on Tor entry nodes to thwart certain types of attack (it's possible
other exceptions exist). Other data can be saved to encrypted
partitions.

-- 
tor-talk mailing list - tor-t...@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Reply via email to