Skip to main content

Researchers Unveiled a New, Serious Vulnerability In Tor

posted onJuly 30, 2015
by l33tdawg

Journalists and citizens living under repressive regimes alike depend on the encrypted Tor browser to surf the web anonymously. But in certain cases, an attacker can figure out which dark web site a user is trying to access by passively monitoring Tor traffic, and even reveal the identity of servers hosting sites on the Tor network.

For users, this means that an attacker can see that you’re using Tor to visit WikiLeaks’ hidden service—perhaps you want advice on leaking a sensitive government document—and match it up with your IP address. For hidden service providers, this means that the server hosting WikiLeaks’ site would be revealed to the attacker.

Importantly, the attack doesn’t require the decryption of any traffic—only that it be monitored —and the exploit only requires control of a node where users enter the Tor network. An attacker could even set one of these nodes up herself.

Source

Tags

Tor Security Privacy

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th