---------- Forwarded message ----------
From: Chris <tmail...@errtech.com>
Date: Sat, 20 Aug 2016 21:06:12 -0400
Subject: Re: [tor-talk] Did Australian Authorities hack (US) computers with Tor's help?
To: tor-t...@lists.torproject.org
On 2016-08-20 06:54 PM, tort...@arcor.de wrote:
> Hi!
>
> I found two articles which may have something in common. 1. Some Tor
> users (29.000) got deanonymized by authorities while up/downloading
> childporn. 2. Someone claims that "Tor suddenly dump over 30
> megabloats of steaming faeces onto a file system on exit".
>
> 1. Is it just a question of time when other deanonymisations will come
> public?
>
> https://motherboard.vice.com/read/australian-authorities-hacked-computers-in-the-us
>
> "Australian Authorities Hacked Computers in the US
> Written by Joseph Cox Contributor
> August 15, 2016 // 10:10 AM EST
> ...
> By the very virtue of the investigation, Australian authorities likely
> would not have known where the computer they wanted to hack was
> located; indeed, that was the exact problem that the Tor network
> presented.
>
> Whether the Australian authorities hacked computers in other
> countries remains unclear.
>
> It is unclear on what authority Australian law enforcement obtained a
> warrant, or whether one was obtained at all to gather IP addresses
> from Piccolo and others in the US. Task Force Argos declined to answer
> any questions or comment for this story.
> ...
> Whether using a hacking tool to grab the real IP address of a Tor user
> constitutes a search in a legal sense has recently become a
> contentious issue in the US. Several judges have said that suspects do
> not have a reasonable expectation of privacy around their IP address
> when using the Tor network, meaning that it is not protected by the
> Fourth Amendment, and a hack grabbing it would not require a warrant.
> The Electronic Frontier Foundation, as well as some courts, have
> argued otherwise.

The article seems to suggest that those taking proper security precautions would not have been impacted by this exploit. Users are warned that opening external files can compromise their security. In this case it was apparently a video file.
If Tails has been designed properly this should not have been a problem for Tails users. I have not recently examined Tails, but from my understanding, in the past all traffic was routed through Tor. This would have included the video player. Most likely in that scenario if the exploit worked on Tails it would have only provided an IP address of a Tor exit node [which is not a privacy threat]. That was changed in a later version of Tails to drop traffic instead because it posed a security risk [maybe, I think most users would probably have been fine behind a NAT network assuming Tails is designed well]. This attack vector would not have worked in Tails for that reason. Now it also most likely would not have worked because the exploit almost certainly targets Microsoft's media player.

The exploit (if you can call it that, given it's not designed to be privacy friendly and doesn't open up the media player or system to remote access, etc) is either a known problem that has never been fixed (not entirely sure it is an issue from a security perspective, though it is from a privacy perspective) or a new problem that should have been on the radar of any developer designing a secure privacy friendly operating system [which Microsoft Windows is not].

Microsoft Windows is a threat to your security. All proprietary software is a threat. Intel and AMD are a threat to your security. There is remote control functionality built into every Intel and AMD CPU since 2009 and 2013. It would be naive to think that US companies AMD and Intel have not been ordered to insert a backdoor. Intel and AMD will not release the code and have signed these components such that even if they were reverse engineered the user can't load a backdoor-free version of the software. The answer to the problem is in crowd funding a new standard that has been in the works for years that modularizes critical components into a 'computer card'.
By doing this it gives computer designers a less expensive way to design backdoor-free computing devices. It also lets us utilize non-Intel/AMD designed CPUs from Chinese companies. Now this is not to say China isn't a threat to users' privacy and security. We know about backdoors in homegrown Chinese designed laptops. The difference is the backdoors were inserted in keyboard controller firmwares and were dependent on an OS level component to work. By modularizing the design it was possible to produce a laptop (the first ever) that we can be reasonably confident is NSA/Chinese/Russian/etc backdoor free. The keyboard and LCD controllers are based on work for which we have the complete set of source code. The equivalent microcode/firmware for CPU related components are available. There is no BIOS, and the bootloader and other critical driver related components we have the complete set of source code for.

There are only five days left of the campaign. It is important that people contribute to it. The concept needs to succeed if we want to eventually have devices that we can be reasonably confident are secure from government(s) and other criminal elements. Here is that crowd funding campaign:

https://www.crowdsupply.com/eoma68

* The people behind the project are more trustworthy than the people behind some other Crowd Supply campaigns. The FSF has worked with Luke (lead engineer) on ensuring the complete set of code is available. It's also the case that all code is available, unlike past RYF laptops (for which there have been valid criticisms, particularly from a security standpoint). Now this doesn't make this device secure in and of itself. There is a lot that has to happen. This is only going to result in a base that can be used to build truly secure and privacy friendly devices. More work needs to be done at porting key software to ARM, increasing the user base to a point where fingerprinting is less effective, etc. There are significant hurdles to overcome.

> "
>
> 2. The author embedded a list of his findings in his article.
>
> http://rixstep.com/2/2/20160817,00.shtml
>
> "Tor 6.0.4
> ...
> Why does Tor suddenly dump over 30 megabloats of steaming faeces onto
> a file system on exit?
> ...
> Most of the junk left behind comes from an EFF extension, but this
> extension has been used all along, and it serves no purpose to copy
> the data out to yet another location. If this is caused by an error at
> EFF, why hasn't this been corrected?"

If I had to guess it's probably a bug causing some component (the plug-in) to crash. It's not abnormal for reports to be generated after a crash and written to disk.

There are good reasons users who are at serious risk should run Tails and not the Tor Browser Bundle. Tails is designed to ensure nothing gets recorded to disk (especially unencrypted). The only exception I'm aware of is related to storing data on Tor entry nodes to thwart certain types of attack (it's possible other exceptions exist). Other data can be saved to encrypted partitions.

-- 
tor-talk mailing list - tor-t...@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk