Changes between Version 47 and Version 48 of TorWeeklyNews/2014/31


Timestamp: Aug 6, 2014, 12:02:05 PM
Author: lunar
Comment: sent

  • TorWeeklyNews/2014/31

    v47 v48  
    55'''Subject:''' Tor Weekly News — August 6th, 2014
    66
    7 '''Status:''' Frozen. Language and technical fixes only. New items should go in [wiki:TorWeeklyNews/2014/32 next week's edition]. Expected publication time: 2014-08-06 12:00 UTC.
    8 
    9 {{{
    10 ========================================================================
    11 Tor Weekly News                                         August 6th, 2014
    12 ========================================================================
    13 
    14 Welcome to the thirty-first issue of Tor Weekly News in 2014, the weekly
    15 newsletter that covers what is happening in the Tor community.
    16 
    17 Tor and the RELAY_EARLY traffic confirmation attack
    18 ---------------------------------------------------
    19 
    20 Roger Dingledine ended several months of concern and speculation in the
    21 Tor community with a security advisory posted to the tor-announce
    22 mailing list [1] and the Tor blog [2].
    23 
    24 In it, he gave details of a five-month-long active attack on operators
    25 and users of Tor hidden services that involved a variant of the
    26 so-called “Sybil attack”: the attacker signed up “around 115 fast
    27 non-exit relays” (now removed from the Tor network), and configured them
    28 to inject a traffic header signal consisting of RELAY_EARLY cells to
    29 “tag” any hidden service descriptor requests received by malicious
    30 relays — a tag which could then be picked up by other bad nodes acting
    31 as entry guards [3], in the process identifying clients which requested
    32 information about a particular hidden service.
    33 
    34 The attack is suspected to be linked to a now-cancelled talk that was
    35 due to be delivered at the BlackHat security conference [4]. There have
    36 been several fruitful and positive research projects involving
    37 theoretical attacks on Tor’s security, but this was not among them. Not
    38 only were there problems with the process of responsible disclosure,
    39 but, as Roger wrote, “the attacker encoded the name of the hidden
    40 service in the injected signal (as opposed to, say, sending a random
    41 number and keeping a local list mapping random number to hidden service
    42 name)”, thereby “[putting] users at risk indefinitely into the future”.
    43 
    44 On the other hand, it is important to note that “while this particular
    45 variant of the traffic confirmation attack allows high-confidence and
    46 efficient correlation, the general class of passive (statistical)
    47 traffic confirmation attacks remains unsolved and would likely have
    48 worked just fine here”. In other words, the tagging mechanism used in
    49 this case is the innovation; the other element of the attack is a known
    50 weakness of low-latency anonymity systems, and defending against it is a
    51 much harder problem.
    52 
    53 “Users who operated or accessed hidden services from early February
    54 through July 4 should assume they were affected” and act accordingly; in
    55 the case of hidden service operators, this may mean changing the
    56 location of the service. Accompanying the advisory were two new releases
    57 for both the stable and alpha tor branches (0.2.4.23 and 0.2.5.6-alpha);
    58 both include a fix for the signal-injection issue that causes tor to
    59 drop circuits and give a warning if RELAY_EARLY cells are detected going
    60 in the wrong direction (towards the client), and both prepare the ground
    61 for clients to move to single entry guards (rather than sets of three)
    62 in the near future. Relay operators should be sure to upgrade; a
    63 point-release of the Tor Browser will offer the same fixes to ordinary
    64 users. Nusenu suggested [5] that relay operators regularly check their
    65 logs for the new warning, “even if the attack origin is not directly
    66 attributable from a relay’s point of view”. Be sure to read the full
    67 security advisory for a fuller explanation of the attack and its
    68 implications.
    69 
    70    [1]: https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html
    71    [2]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
    72    [3]: https://www.torproject.org/docs/faq#EntryGuards
    73    [4]: https://blog.torproject.org/blog/recent-black-hat-2014-talk-cancellation
    74    [5]: https://lists.torproject.org/pipermail/tor-relays/2014-August/005046.html
    75 
    76 Why is bad-relays a closed mailing list?
    77 ----------------------------------------
    78 
    79 Damian Johnson and Philipp Winter have been working on improving the
    80 process of reporting bad relays [6]. The process starts by having users
    81 report odd behaviors to the bad-relays mailing list.
    82 
    83 Only a few trusted volunteers receive and review these reports. Nusenu
    84 started a discussion on tor-talk [7] advocating for more transparency.
    85 Nusenu argues that an open list would “likely get more confirm/can’t
    86 confirm feedback for a given badexit candidate”, and that it would allow
    87 worried users to act faster than operators of directory authorities.
    88 
    89 Despite being “usually on the side of transparency”, Roger Dingledine
    90 described [8] being “stuck” on the issue, “because the arms race is so
    91 lopsidedly against us”.
    92 
    93 Roger explains: “we can scan for whether exit relays handle certain
    94 websites poorly, but if the list that we scan for is public, then exit
    95 relays can mess with other websites and know they’ll get away with it.
    96 We can scan for incorrect behavior on various ports, but if the list of
    97 ports and the set of behavior we do is public, then again relays are
    98 free to mess with things we don’t look for.”
    99 
    100 A better future and more transparency probably lies in adaptive test
    101 systems run by multiple volunteer groups. Until they come to existence,
    102 as a small improvement, Philipp Winter wrote [9] it was probably safe to
    103 publish why relays were disabled, through “short sentence along the
    104 lines of ‘running HTTPS MitM’ or ‘running sslstrip’”.
    105 
    106    [6]: https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays
    107    [7]: https://lists.torproject.org/pipermail/tor-talk/2014-July/034198.html
    108    [8]: https://lists.torproject.org/pipermail/tor-talk/2014-July/034219.html
    109    [9]: https://lists.torproject.org/pipermail/tor-talk/2014-July/034216.html
    110 
    111 Monthly status reports for July 2014
    112 ------------------------------------
    113 
    114 Time for monthly reports from Tor project members. The July 2014 round
    115 was opened by Georg Koppen [10], followed by Philipp Winter [11],
    116 Sherief Alaa [12], Lunar [13], Nick Mathewson [14], Pearl Crescent [15],
    117 George Kadianakis [16], Matt Pagan [17], Isis Lovecruft [18], Griffin
    118 Boyce [19], Arthur Edelstein [20], and Karsten Loesing [21].
    119 
    120   [10]: https://lists.torproject.org/pipermail/tor-reports/2014-July/000598.html
    121   [11]: https://lists.torproject.org/pipermail/tor-reports/2014-July/000599.html
    122   [12]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000601.html
    123   [13]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000603.html
    124   [14]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000604.html
    125   [15]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000605.html
    126   [16]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000608.html
    127   [17]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000609.html
    128   [18]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000610.html
    129   [19]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000611.html
    130   [20]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000612.html
    131   [21]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000614.html
    132 
    133 Lunar reported on behalf of the help desk [22] and Mike Perry for the
    134 Tor Browser team [23].
    135 
    136   [22]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000602.html
    137   [23]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000607.html
    138 
    139 Miscellaneous news
    140 ------------------
    141 
    142 Anthony G. Basile announced a new release of tor-ramdisk, an i686 or
    143 x86_64 uClibc-based micro Linux distribution whose only purpose is to
    144 host a Tor server. Version 20140801 [24] updates Tor to version
    145 0.2.4.23, and the kernel to 3.15.7 with Gentoo’s hardened patches.
    146 
    147   [24]: http://opensource.dyc.edu/pipermail/tor-ramdisk/2014-August/000132.html
    148 
    149 meejah has announced [25] a new command-line application. carml [26] is
    150 a versatile set of tools to “query and control a running Tor”. It can do
    151 things like “list and remove streams and circuits; monitor stream,
    152 circuit and address-map events; watch for any Tor event and print it (or
    153 many) out; monitor bandwidth; run any Tor control-protocol command; pipe
    154 through common Unix tools like grep, less, cut, etcetera; download TBB
    155 through Tor, with pinned certs and signature checking; and even spit out
    156 and run xplanet configs (with router/circuit markers)!” The application
    157 is written in Python and uses the txtorcon library [27]. meejah
    158 describes it as early-alpha and warns that it might contain “serious,
    159 anonymity-destroying bugs”. Watch out!
    160 
    161   [25]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007295.html
    162   [26]: https://github.com/meejah/carml
    163   [27]: https://txtorcon.readthedocs.org/
    164 
    165 Only two weeks left for the Google Summer of Code students, and the last
    166 round of reports but one: Juha Nurmi on the ahmia.fi project [28], Marc
    167 Juarez on website fingerprinting defenses [29], Amogh Pradeep on Orbot
    168 and Orfox improvements [30], Zack Mullaly on the HTTPS Everywhere secure
    169 ruleset update mechanism [31], Israel Leiva on the GetTor revamp [32],
    170 Quinn Jarrell on the pluggable transport combiner [33], Daniel Martí on
    171 incremental updates to consensus documents [34], Noah Rahman on
    172 Stegotorus enhancements [35], and Sreenatha Bhatlapenumarthi on the Tor
    173 Weather rewrite [36].
    174 
    175   [28]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000600.html
    176   [29]: https://lists.torproject.org/pipermail/tor-reports/2014-August/000606.html
    177   [30]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007282.html
    178   [31]: https://lists.eff.org/pipermail/https-everywhere/2014-August/002199.html
    179   [32]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007284.html
    180   [33]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007285.html
    181   [34]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007287.html
    182   [35]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007288.html
    183   [36]: https://lists.torproject.org/pipermail/tor-dev/2014-August/007293.html
    184 
    185 The Tails team is looking for testers to solve a possible incompatibility
    186 in one of the recommended installation procedures. If you have a running
    187 Tails system, a spare USB stick and some time, please help [37]. Don’t
    188 miss the recommended command-line options [38]!
    189 
    190   [37]: https://mailman.boum.org/pipermail/tails-testers/2014-July/000059.html
    191   [38]: https://mailman.boum.org/pipermail/tails-testers/2014-July/000060.html
    192 
    193 The Citizen Lab Summer Institute [39] took place at the University of
    194 Toronto from July 28 to 31. The event brought together policy and
    195 technology researchers who focus on Internet censorship and measurement.
    196 A lot of great work was presented including but not limited to a
    197 proposal to measure the chilling effect, ongoing work to deploy
    198 Telex [40], and several projects to measure censorship in different
    199 countries. Some Tor-related work was also presented: Researchers are
    200 working on understanding how the Tor network is used for political
    201 purposes. Another project makes use of TCP/IP side channels to measure
    202 the reachability of Tor relays from within China [41].
    203 
    204   [39]: https://citizenlab.org/summerinstitute/2014.html
    205   [40]: http://freehaven.net/anonbib/cache/usenix11-telex.pdf
    206   [41]: https://arxiv.org/pdf/1312.5739.pdf
    207 
    208 The Electronic Frontier Foundation wrote two blog posts to show why Tor
    209 is important for universities and how universities can help the Tor
    210 network.  The first part [42] explains why Tor matters, gives several
    211 examples of universities already contributing to the Tor network, and
    212 outlines a few reasons for hosting new Tor nodes. The second part [43]
    213 gives actual tips on where to start, and how to do it best.
    214 
    215   [42]: https://www.eff.org/deeplinks/2014/08/tor-campus-part-i-its-been-done-and-should-happen-again
    216   [43]: https://www.eff.org/deeplinks/2014/08/tor-campus-part-ii-icebreakers-and-risk-mitigation-strategies
    217 
    218 Tor help desk roundup
    219 ---------------------
    220 
    221 Users occasionally ask if there is any way to set Tor Browser as the
    222 default browser on their system. Currently this is not possible,
    223 although it may be possible in a future Tor Browser release [44]. In the
    224 mean time, Tails provides another way to prevent accidentally opening
    225 hyperlinks in a non-Tor browser.
    226 
    227   [44]: https://bugs.torproject.org/12763
    228 
    229 Easy development tasks to get involved with
    230 -------------------------------------------
    231 
    232 Tor Launcher is the Tor controller shipped with Tor Browser written in
    233 JavaScript. Starting with Firefox 14 the “nsILocalFile” interface has
    234 been deprecated and replaced with the “nsIFile” interface [45]. What we
    235 should do is replace all instances of “nsILocalFile” with “nsIFile” and
    236 see if anything else needs fixing to make Tor Launcher still work as
    237 expected. If you know a little bit about Firefox extensions and want to
    238 give this a try, clone the repository [46], make the necessary changes,
    239 run “make package”, and tell us whether something broke in interesting
    240 ways.
    241 
    242   [45]: https://bugs.torproject.org/10573
    243   [46]: https://gitweb.torproject.org/tor-launcher.git
    244 
    245 Upcoming events
    246 ---------------
    247 
    248  Aug.  6 19:00 UTC | little-t tor development meeting
    249                    | #tor-dev, irc.oftc.net
    250                    |
    251  Aug. 11 18:00 UTC | Tor Browser online meeting
    252                    | #tor-dev, irc.oftc.net
    253                    | https://lists.torproject.org/pipermail/tbb-dev/2014-August/000100.html
    254                    |
    255  August 18         | Roger @ FOCI ’14
    256                    | San Diego, California, USA
    257                    | https://www.usenix.org/conference/foci14
    258                    |
    259  August 20-22      | Roger @ USENIX Security Symposium ’14
    260                    | San Diego, California, USA
    261                    | https://www.usenix.org/conference/usenixsecurity14
    262 
    263 
    264 This issue of Tor Weekly News has been assembled by Lunar, harmony,
    265 Matt Pagan, Philipp Winter, David Fifield, and Roger Dingledine.
    266 
    267 Want to continue reading TWN? Please help us create this newsletter.
    268 We still need more volunteers to watch the Tor community and report
    269 important news. Please see the project page [47], write down your
    270 name and subscribe to the team mailing list [48] if you want to
    271 get involved!
    272 
    273   [47]: https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews
    274   [48]: https://lists.torproject.org/cgi-bin/mailman/listinfo/news-team
    275 }}}
     7'''Status:''' [https://lists.torproject.org/pipermail/tor-news/2014-August/000057.html sent]
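
Review bot: New line 7 leaves the page with only the Subject line and one pipermail link, so the sent text (old lines 8-275) is readable here only through the page history or for as long as that archive URL resolves; consider saying so in the Status line or keeping the body below it. The old Status line's pointer to [wiki:TorWeeklyNews/2014/32 next week's edition] is dropped as well, and keeping it beside the sent link would still tell late contributors where new items go.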