James Delahunty
3 Mar 2007 18:18
Regardless of the massive amounts of news sources and blogs that interpreted research on The Onion Router (TOR) as the meaning it was "cracked", it remains a safe (perhaps the safest) way to gain anonymity while browsing and doing many other things online. Security research done by University of Colorado computer science instead tested a previously known vulnerability in the lab.
The developers of TOR responded to the blog response, with one member of the team saying, "Blogstorms can have real world consequences. Please ponder before you write, critically examine what you read, and ask us for updates." Tor anonymizes web traffic basically by routing data from the sender, through several nodes before it gets to the receiver.
A weakness that could be exploited in Tor is how the protocol tends to route traffic to devices which claim to have high amounts of bandwidth available. By modifying the software, a malicious user could attract more traffic through the network, and by setting up several of these servers, the chances that two could be included on the same path are increased.
If two malicious servers are included at the start and end points in a path, it becomes possible to identify the sender and receiver of the communications passing through. The original research team noticed the huge reaction to the news, and so posted an FAQ and claimed, "Tor is the most secure and usable privacy-enhancing system available".
This particular attack has never been seen outside of the lab and the team made suggestions on how to combat it. The suggestions include comparing bandwidth claims made by routers against observed performance and implementing "location diversity". Tor is used for many purposes, including providing Internet users in censored countries with a way to access any information and also sometimes to anonymize activity on P2P networks.
Source:
Ars Technica