sarahj | 10 years ago
> The exit node IP address of the user was easily obtained using the two different methods discussed briefly above.
This is really not a vulnerability but simply how Tor, and the internet at large, works - hidden services by design protect the service not the user (the user is protected by Tor by default) - what the author actually did here was "leak" their non-hidden service's IP.
> and true external IP address (see partial data example to the above). And to answer the second question, “no”, this did not involve the placement of malicious malware. Read on…
The author then goes on to state that they gave the users malicious malware to run which revealed their IP address. They justify that this was not malware by stating:
> It should be noted that this was not malware per se. It did not replicate and was run voluntarily by the user. The user was notified that a “security scan” was going to be run on their machine and they freely chose to run the scan.
The author then goes on to publish a list of Tor exit nodes with Tor user agents...which they could have gotten directly from the Tor directory services...
And, as pointed out by others, the author never really goes on to state why they think Tor is the devil - they built a honeypot and were disgusted by the flies it attracted....I'm not really sure what they were expecting...
jrcii|10 years ago
rnovak|10 years ago
The author states he started from 1 (one) seed URL, and then crawled the sites, visiting links. But that's not valid, as you'd only ever come across a possible fraction of what exists.
To be able to make any authoritative claim, he would need to scan the entire IP-space, like an actual search engine would.
I'm not condoning pedophilia or anything like it, but I think it's naive to take a simple approach and then make authoritative claims about the entirety of the Tor network.
But I also think that there were flagrant abuses that could be pursued under the CFAA. Just because something isn't "per se" malware doesn't mean it wouldn't fit the legal definition.
scott_karana|10 years ago
geekslop says: July 7, 2015 at 9:59 pm
Appreciate the comment RedditorThrowaway. My parenthetical headline that “tor is the devil” was facetious and apparently a failed attempt at dry humor.
mahouse|10 years ago
branchless|10 years ago
For example right now I'm reading a sci-fi book that remains unpublished in Russia, but it's available in the west. Or the other day had a browse of "steal this book".
Genuinely curious.
MichaelCrawford|10 years ago
Giving the Finger to Vasha: Child Pornography on the Internet
http://www.warplife.com/jonathan-swift/books/software-proble...
A straightforward way to find many of those who profit from its distribution would be to use a bot to locate forum threads that go on for hundreds of pages.
christop|10 years ago
According to the comments section, the author says "My parenthetical headline that “tor is the devil” was facetious and apparently a failed attempt at dry humor."
geek_slop|10 years ago