Wednesday, December 18, 2013

Learning how to teach Tor from the Harvard bomb threat

Learning how to teach Tor from the Harvard bomb threat "Unfortunately for the guy sending the threat (and fortunately for the rest of us who aren’t fond either of bombs or of students who make unreasonable attempts to escape from final exams), the choices he made made him vulnerable to the one known attack against someone trying to hide using Tor: a timing attack. If you have 1) a record of who’s using Tor and when on your campus, 2) the information that a message got to your machine through Tor, 3) and the time stamp on the message sent, it becomes not too hard to tell from the timing which user sent that message. Most of the time Tor users are somewhat protected by the fact that the place they’re using the Internet from (the local Internet cafe, their own Internet service provider) and the place they’re sending a message to (I dunno, someone else’s Gmail account) are not under the control of the same people. When you put both together in the hands of the same Internet service provider, it gets much easier to figure out that the person with stuff going into Tor at time X is the same person whose stuff comes out of Tor a short time later."

No comments: