Light Blue Touchpaper » Hot or Not: Revealing Hidden Services by their Clock Skew
Fuck fuck fuck. Apparently TOR has some vulnerabilities that can be exploited.
Read:
This is a feature of Tor which allows servers to be run without giving away the identity of the operator. These can be attacked by repeatedly connecting to the hidden service, causing its CPU load, hence temperature, to increase and so change the clockskew. Then the attacker requests timestamps from all candidate servers and finds the one demonstrating the expected clockskew pattern. I tested this with a private Tor network and it works surprisingly well.
You have to go to the link to read the whole deally at Light Blue Touchpaper. Good on them for giving us all the heads up.
Anyone got something better than TOR?
TheMostBoringBlogInTheWorld 
I don’t think there is any reason to move away from Tor. I explain why there is no reason to panic on my blog. All anonymity systems have weaknesses because nobody knows how to design a usable, but perfectly secure one and this is an active area of research. So of the laternatives, Tor is well analysed and has comparatively good security, but because it comes from an academic background, is more open about its flaws.
This is the most interesting and obscure vulnerablities when stacked with the Remote physical device fingerprinting publication this is wird as hell as to how someoen even would have mapped this idea out in their head in the first place adn then actually proved it is just awesome. I am just saying I think this is something only a very small percentage of data analysis or security and hacker people would think of. Awesome although hard for me to follow to be sure. Taking the idea a step further was great. Not quite on topic since I don’t currently use TOR but I guess Yoshi Kohno would have a hard tiem fingerprinting some of my devices since I turned TCP timestamps [off], and NTP and SNTP are disabled for quite a while now, maybe a year I think. Not that this really matters but I thought it was sort of related, although my NAT box may be doing it’s own thing which could be different but since it is a different device adn I can’t remember right now I’ll just say unsure. I never liked default settings on anything. I turn on and off stuff as I need it or disable, uninstall, ect. when it comes to services but I am not sure how far this gets me as far as the actual need to avoid fingerprinting devices since it shouldn’t bare to much weight on my security taking into account the big picture or the likeliness of use to a potential pen-tester of site but I should never rule anything out entirely. I didn’t do these things for fingerprinting avoidance but rather to save resources, overhead, smoe stealth in general, close ports or cripple them from attack and/or confuse attackers sometimes w/ non-functional services (fun adn to much free time) & such. Ok I went a bit offtopic. I need sleep I’m just babbling now I think. l8rz…
This is the quote I meant before from Steven J. Murdoch | September 5th, 2006 at 19:51 UTC:
Damn I screwed up tags lol I was attempting to quote from here:
http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/#comment-8
Sorry I am not a blogger lol 😛
[…] built in is fitting, it’s also laughable. Not only has Tor been found to have several vulnerabilities (despite them, it’s still a great service if you want to try to be anonymous in your surfing) […]