Possible Flaw in TOR Network


The Tor network, which allows for anonymous browsing on the internet, may have been cracked by researchers.

From Gizmodo:

Tor believes this attack came from researchers at Carnegie Mellon’s Computer Emergency Response Team, not an identity thief (or, uh, the government). CERT researchers abruptly canceled a highly anticipated talk they were going to give about the possibility of deanonymizing Tor at the Black Hat conference this year, kicking off speculation that they’d successfully pulled it off.

From Ars Technica:

The campaign exploited a previously unknown vulnerability in the Tor protocol to carry out two classes of attack that together may have been enough to uncloak people using Tor Hidden Services, an advisory published Wednesday warned. Tor officials said the characteristics of the attack resembled those discussed by a team of Carnegie Mellon University researchers who recentlycanceled a presentation at next week’s Black Hat security conference on a low-cost way to deanonymize Tor users. But the officials also speculated that an intelligence agency from a global adversary might have been able to capitalize on the exploit.

, , ,

Comments are closed.