On Wed, 04 Jan 2012 19:24:56 +0000 "Geoff Down" <geoffd...@fastmail.net> wrote: > Let's try that again... > http://pastebin.com/jBPFsUSg > "We did crack Tor's encryption to reveal 190 IP addresses of > individuals using Tor for Child Pornography"
"There are two recent stories claiming the Tor network is compromised. It seems it is easier to get press than to publish research, work with us on the details, and propose solutions. Our comments here are based upon the same stories you are reading. We have no insider information. The first story has been around 'Freedom Hosting' and their hosting of child abuse materials as exposed by Anonymous Operation Darknet. We're reading the press articles, pastebin urls, and talking to the same people as you. It appears 'Anonymous' cracked the Apache/PHP/MySQL setup at Freedom Hosting and published some, or all, of their users in the database. These sites happened to be hosted on a Tor hidden service. Further, 'Anonymous' used a somewhat recent RAM-exhaustion denial of service attack on the 'Freedom Hosting' Apache server. It's a simple resource starvation attack that can be conducted over low bandwidth, low resource requirement connections to individual hosts. This isn't an attack on Tor, but rather an attack on some software behind a Tor hidden service. This attack was discussed in a thread on the tor-talk mailing list starting October 19th." >From 24 October 2011: https://blog.torproject.org/blog/rumors-tors-compromise-are-greatly-exaggerated -- Andrew http://tpo.is/contact pgp 0x74ED336B _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk