Delivery-Date: Thu, 03 Jul 2014 15:42:15 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,HK_RANDOM_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,
	T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id BA5A91E0CF5
	for <archiver@seul.org>; Thu,  3 Jul 2014 15:42:12 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id E7A412E91E;
	Thu,  3 Jul 2014 19:42:06 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 37D432BC0E
 for <tor-talk@lists.torproject.org>; Thu,  3 Jul 2014 19:28:18 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id fbAaJYnHiKhB for <tor-talk@lists.torproject.org>;
 Thu,  3 Jul 2014 19:28:18 +0000 (UTC)
Received: from mail-lb0-x22e.google.com (mail-lb0-x22e.google.com
 [IPv6:2a00:1450:4010:c04::22e])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id CEBCA2973B
 for <tor-talk@lists.torproject.org>; Thu,  3 Jul 2014 19:28:14 +0000 (UTC)
Received: by mail-lb0-f174.google.com with SMTP id u10so500353lbd.5
 for <tor-talk@lists.torproject.org>; Thu, 03 Jul 2014 12:28:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=mZab4hgHUAw3gXikZU7x/AZIt/R63/MDywx1Y7qNCKE=;
 b=QHaEhDIDqK/opYcYsngiBn0lH1ZMNf7/MSfIO9l5E1mIB0fLSa7DU3RuPQmrC3ASM0
 pZhuSfm661yhxEJjL7/F7SOwN0DZEMBO7T6s/8BNsQrUKjsdb7jtHN42m3J3VpEQ/Fd5
 lkugbRt6M/yC5xdZ9G9PticBXlxtXdZtTbWtlM7OvErU8TJV+oO9ioYcXYvfaeVbden8
 JMLh51o4qMahS4mqegta4UOXgO79NzOr66Vp5auPl/065ooOqIKnekffw2UulOhloq28
 ++cPLQkjG69GXwqe8nWdnq8c2dN7voBq/RczUG7slH6OPrXN+Y2Gqw/WCCx3d3rJ2s/t
 tc6A==
MIME-Version: 1.0
X-Received: by 10.112.149.102 with SMTP id tz6mr4553612lbb.27.1404415691496;
 Thu, 03 Jul 2014 12:28:11 -0700 (PDT)
Received: by 10.152.144.201 with HTTP; Thu, 3 Jul 2014 12:28:11 -0700 (PDT)
In-Reply-To: <CAD2Ti28UgXbB6wEry3VZjaWg4-8j7Ddi6stAfP7y+DrXWQn-0A@mail.gmail.com>
References: <CAD2Ti28UgXbB6wEry3VZjaWg4-8j7Ddi6stAfP7y+DrXWQn-0A@mail.gmail.com>
Date: Thu, 3 Jul 2014 15:28:11 -0400
Message-ID: <CAAKrFTxUxqQKc=YyOHo9mtvzY9MCZSA3Bap2Hn-0TZ039J69uA@mail.gmail.com>
From: Matthew Kaufman <mkfmncom@gmail.com>
To: "tor-talk@lists.torproject.org" <tor-talk@lists.torproject.org>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Cc: cypherpunks@cpunks.org
Subject: Re: [tor-talk] BlackHat2014: Deanonymize Tor for $3000
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

https://www.blackhat.com/us-14/briefings.html#you-dont-have-to-be-the-nsa-to-break-tor-deanonymizing-users-on-a-budget


On Thu, Jul 3, 2014 at 2:05 PM, grarpamp <grarpamp@gmail.com> wrote:

> You Don't Have to be the NSA to Break Tor: Deanonymizing Users on a Budget
> Alexander Volynkin / Michael McCord
>
> [...]
> Looking for the IP address of a Tor user? Not a problem. Trying to
> uncover the location of a Hidden Service? Done. We know because we
> tested it, in the wild...
>
> In this talk, we demonstrate how the distributed nature, combined with
> newly discovered shortcomings in design and implementation of the Tor
> network, can be abused to break Tor anonymity. In our analysis, we've
> discovered that a persistent adversary with a handful of powerful
> servers and a couple gigabit links can de-anonymize hundreds of
> thousands Tor clients and thousands of hidden services within a couple
> of months. The total investment cost? Just under $3,000. During this
> talk, we will quickly cover the nature, feasibility, and limitations
> of possible attacks, and then dive into dozens of successful
> real-world de-anonymization case studies, ranging from attribution of
> botnet command and control servers, to drug-trading sites, to users of
> kiddie porn places. The presentation will conclude with lessons
> learned and our thoughts on the future of security of distributed
> anonymity networks.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

