Anonymous_User Absent Member.

TOR and Privoxy

Anyone using these?

What are your opinions?


--
Jay Calderwood
http://jaycalderwood.blogspot.com

....The road to happiness is forgiveness... Now that my one and only true
love is back in my arms, I am happy.
I now know the mistakes I have made and will not make them again.

(MATT 6:14-16 KJV) For if you forgive men when they sin against you,
your heavenly Father will also forgive you.
But if you do not forgive men their sins, your Father will not forgive
your sins.

Re: TOR and Privoxy

Jay Calderwood wrote:

> Anyone using these?
>
> What are your opinions?


Go for it.

Rogue Nodes Turn Tor Anonymizer Into
Eavesdropper's Paradise
By Kim Zetter 09.10.07 | 2:00 AM

A security researcher intercepted thousands of private e-mail messages
sent by foreign embassies and human rights groups around the world by
turning portions of the Tor internet anonymity service into his own
private listening post.

A little over a week ago, Swedish computer security consultant Dan
Egerstad posted the user names and passwords for 100 e-mail accounts
used by the victims, but didn't say how he obtained them. He revealed
Friday that he intercepted the information by hosting five Tor exit
nodes placed in different locations on the internet as a research
project.

Tor is a sophisticated privacy tool designed to prevent tracking of
where a web user surfs on the internet and with whom a user
communicates. It's endorsed by the Electronic Frontier Foundation and
other civil liberties groups as a method for whistleblowers and
human-rights workers to communicate with journalists, among other uses.
It's also used by law enforcement and other government agencies to
visit websites anonymously to read content and gather intelligence
without exposing their identity to a website owner.

But Egerstad says that many who use Tor mistakenly believe it is an
end-to-end encryption tool.

As a result, they aren't taking the precautions they need to take to
protect their web activity.

He believes others are likely exploiting this oversight as well.
"I am absolutely positive that I am not the only one to figure this
out," Egerstad says. "I'm pretty sure there are governments doing the
exact same thing. There's probably a reason why people are volunteering
to set up a node."

Victims of Egerstad's research project included embassies belonging to
Australia, Japan, Iran, India and Russia. Egerstad also found accounts
belonging to the foreign ministry of Iran, the United Kingdom's visa
office in Nepal and the Defence Research and Development Organization
in India's Ministry of Defence.

In addition, Egerstad was able to read correspondence belonging to the
Indian ambassador to China, various politicians in Hong Kong, workers
in the Dalai Lama's liaison office and several human-rights groups in
Hong Kong.

Egerstad says it wasn't just e-mail that was exposed but instant
messages passed internally between workers and any other web traffic
that crossed the network. Among the data he initially collected was
e-mail from an Australian embassy worker with the subject line
referring to an "Australian military plan."

"It kind of shocked me," he says.

Tor has hundreds of thousands of users around the world, according to
its developers. The largest numbers of users are in the United States,
the European Union and China.

Tor works by using servers donated by volunteers around the world to
bounce traffic around en route to its destination. Traffic is encrypted
through most of that route, and routed over a random path each time a
person uses it.

Under Tor's architecture, administrators at the entry point can
identify the user's IP address, but can't read the content of the
user's correspondence or know its final destination. Each node in the
network thereafter only knows the node from which it received the
traffic, and it peels off a layer of encryption to reveal the next
node to which it must forward the connection. (Tor stands for "The
Onion Router.")

But Tor has a known weakness: The last node through which traffic
passes in the network has to decrypt the communication before
delivering it to its final destination. Someone operating that node can
see the communication passing through this server.

The Tor website includes a diagram showing that the last leg of traffic
is not encrypted, and also warns users that "the guy running the exit
node can read the bytes that come in and out of there."

But Egerstad says that most users appear to have missed or ignored this
information. Unless they're surfing to a website protected with SSL
encryption, or use encryption software like PGP, all of their e-mail
content, instant messages, surfing and other web activity is
potentially exposed to any eavesdropper who owns a Tor server.

This amounts to a lot of eavesdroppers -- the software currently lists
about 1,600 nodes in the Tor network. Egerstad discovered the problem
about two months ago when he signed up five servers he owns in Sweden,
the United States and Asia to be Tor nodes, and started peeking at the
traffic. He was surprised to discover that 95 percent of the traffic
that passed through his Tor nodes was not encrypted.

Even more surprising was the number of embassies and other government
agencies that were using Tor, and using it incorrectly.

That prompted Egerstad to narrow his search to e-mail correspondence
with a focus on government agencies. He wrote a script to search for
.gov domains and keywords such as "embassy," "war" and "military," and
focused on sniffing port-25 traffic, the port through which e-mail
passes.

He collected between 200 and 250 accounts belonging to embassies and
government agencies that were sending passwords and the content of
correspondence in the clear.

None of them belonged to U.S. embassies or government agencies.

Among the data he found in the correspondence was a spreadsheet listing
passport numbers and personal information about the passport holders,
as well as sensitive details about meetings and activities among
government officials.

Egerstad contacted one account holder about his vulnerability but was
ignored, he says.

So on Aug. 30 he posted 100 of the accounts and passwords online to get
the word out, but kept largely mum about how he'd obtained the
information.

Since posting the data, he says only one victim has contacted him to
find out what they were doing wrong and learn how to fix it: Iran.

In addition to Iran's Ministry of Foreign Affairs, the country's
embassies in Ghana, Kenya, Oman and Tunisia were swept up by Egerstad's
experimental surveillance.

Shava Nerad, the development director for the nonprofit group that
supports Tor, admits the group needs to produce better documentation
for users to make the risks of the system clearer.

But she adds that people in high-risk environments, such as embassies,
should understand those risks already and should be encrypting their
communication on their own.

"If you're in a position like that handling sensitive data and you're
working for the government," she says, "it is irresponsible to send
that data unencrypted. They should institute practices that educate
their users and ensure the privacy of the data by going through
encrypted VPNs."

Egerstad says he has shut down his Tor nodes.

--
brainonomous
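
An added example, not part of the original post or the quoted article: the article's point is that anything sent before end-to-end encryption starts is readable at the exit node, so this sketch audits a client-side SMTP debug log for credentials or message content sent before STARTTLS took effect. The log format, host names and the `audit_smtp_log` function are assumptions made for illustration.

```python
# Constructed client-side SMTP debug logs ("C:" client, "S:" server); hosts are placeholders.
CLEARTEXT = [
    "S: 220 mail.example.org ESMTP",
    "C: EHLO client.example.org",
    "S: 250 AUTH PLAIN LOGIN",
    "C: AUTH PLAIN <redacted>",
    "S: 235 ok",
    "C: MAIL FROM:<user@example.org>",
    "C: DATA",
]
WITH_TLS = CLEARTEXT[:2] + ["S: 250 STARTTLS", "C: STARTTLS", "S: 220 ready for TLS",
                            "C: EHLO client.example.org"] + CLEARTEXT[3:]
TLS_REFUSED = CLEARTEXT[:2] + ["C: STARTTLS", "S: 454 TLS not available"] + CLEARTEXT[3:]


def audit_smtp_log(lines):
    """Return what the client sent before TLS was active, i.e. what an exit node could read."""
    tls_active = False
    awaiting_starttls_reply = False
    findings = []
    for raw in lines:
        side, _, text = raw.partition(": ")
        words = text.split()
        verb = words[0].upper() if words else ""
        if side == "S" and awaiting_starttls_reply:
            # Only a 220 reply starts the handshake; a refusal leaves the session in cleartext.
            tls_active = verb == "220"
            awaiting_starttls_reply = False
        elif side == "C" and verb == "STARTTLS":
            awaiting_starttls_reply = True
        elif side == "C" and not tls_active and verb == "AUTH":
            findings.append("credentials sent in cleartext (AUTH)")
        elif side == "C" and not tls_active and verb == "DATA":
            findings.append("message content sent in cleartext (DATA)")
    return findings


if __name__ == "__main__":
    for name, log in [("cleartext", CLEARTEXT), ("with TLS", WITH_TLS), ("TLS refused", TLS_REFUSED)]:
        print(name, "->", audit_smtp_log(log) or "nothing exposed")
```

The refused-STARTTLS case is the one to watch for: a client that carries on after the server declines TLS exposes exactly what the cleartext session does.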

Re: TOR and Privoxy

brain,

That hoovers....



--
Jay Calderwood
http://jaycalderwood.blogspot.com


Re: TOR and Privoxy

brain wrote:

> Jay Calderwood wrote:
>
>> Anyone using these?
>>
>> What are your opinions?

>
> Go for it.
>
> Rogue Nodes Turn Tor Anonymizer Into
> Eavesdropper's Paradise
> By Kim Zetter 09.10.07 | 2:00 AM


Good info

Doug

Re: TOR and Privoxy

> "Jay Calderwood" <jeromecalderwood@gmail.com> wrote
> in message news:ZhaGi.157$Qs3.146@kovat.provo.novell.com...
>
> Anyone using these?
>
> What are your opinions?




It's an absolute nightmare trying to stop the students
from using it. I wish it would curl up and die in a fire.


--
AZC



Re: TOR and Privoxy

Andrew Z Carpenter wrote:

> It's an absolute nightmare trying to stop the students
> from using it. I wish it would curl up and die in a fire.


look into openDNS - it may be of benefit.

--
http://brokertech.parallel42.ca/blog

Re: TOR and Privoxy

Rick Chisholm <rchisholm@SPAMsouthlandonline.com> wrote in news:fVbGi.263$Qs3.200@kovat.provo.novell.com:

> look into openDNS - it may be of benefit.
>


Is it faster now? Last time I tried it the resolves were so slow it was
like using a 33.6 modem not some multimegabit cable modem. I suspect they
need a NZ server in their dns pool to fix that.
Pings from NZ to SF are slow unless you have KAREN.
http://www.karen.net.nz/home/
The .edu trump the public yet again...

--
Ciao, Dave

Re: TOR and Privoxy

exceptionally fast for us - I totally love it!
--
http://brokertech.parallel42.ca/blog

Re: TOR and Privoxy

> "Rick Chisholm" <rchisholm@SPAMsouthlandonline.com> wrote
> in message news:fVbGi.263$Qs3.200@kovat.provo.novell.com...
>
> look into openDNS - it may be of benefit.




How exactly?


--
AZC



Re: TOR and Privoxy

Andrew Z Carpenter wrote:


> How exactly?


blocking access to anonymous proxies...

http://www.opendns.com/support/article/191

--
http://brokertech.parallel42.ca/blog

Re: TOR and Privoxy

> "Rick Chisholm" <rchisholm@SPAMsouthlandonline.com> wrote
> in message news:MiwGi.1001$Qs3.363@kovat.provo.novell.com...
>
> blocking access to anonymous proxies...
>
> http://www.opendns.com/support/article/191




Funnily enough I was already using OpenDNS on my own workstation and at
home, but wasn't aware of the benefits of setting up an account and rolling
it out across the campus.

Done and dusted!

This is gonna be so much fun next week.....

Thanks Rick 😉


--
AZC



Re: TOR and Privoxy

np!

started using here a while ago and I am very happy with it - although it
takes away some of the work the squid proxy was doing.
--
http://brokertech.parallel42.ca/blog

Re: TOR and Privoxy

> "Rick Chisholm" <rchisholm@SPAMsouthlandonline.com> wrote in
> message news:yiyGi.1382$Qs3.785@kovat.provo.novell.com...
>
> started using here a while ago and I am very happy with it -
> although it takes away some of the work the squid proxy was
> doing.




I don't mind that. My squid box was running at a load of
between 2 and 3 at busy times.



--
AZC



Re: TOR and Privoxy

> "Rick Chisholm" <rchisholm@SPAMsouthlandonline.com> wrote
> in message news:fVbGi.263$Qs3.200@kovat.provo.novell.com...
>
> look into openDNS - it may be of benefit.




That's filtered out most of the CGI Proxy sites, but TOR just
breezes right through it. It must be sending its DNS requests
somewhere else. 😕


--
AZC
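
An added example, not part of the original thread: a Tor client connects to relay IP addresses it learns from the Tor directory, and destination names are resolved at the exit, so a DNS filter never sees the lookups. One way to spot campus clients instead is to match firewall flow records against a relay address list; the list format, flow format, address ranges and function names below are constructed for illustration (IPv4 only).

```python
import ipaddress
from collections import Counter

# Constructed relay list ("ip:orport" per line); a real one would be built from the Tor directory.
RELAYS_TXT = """\
198.51.100.7:9001
203.0.113.44:443
203.0.113.90:9001
"""

# Constructed flow records: time, internal source, destination, destination port.
FLOWS_TXT = """\
2007-09-12T09:01:02 10.20.4.17 203.0.113.44 443
2007-09-12T09:01:05 10.20.4.17 198.51.100.7 9001
2007-09-12T09:01:09 10.20.9.3 192.0.2.10 443
2007-09-12T09:02:11 10.20.9.3 203.0.113.44 80
2007-09-12T09:03:40 10.20.7.8 203.0.113.90 9001
bad line
"""

CAMPUS = ipaddress.ip_network("10.20.0.0/16")  # assumed internal range


def load_relays(text):
    """Parse "ip:orport" lines into a set of (address, port) pairs."""
    relays = set()
    for line in text.split():
        ip, _, port = line.rpartition(":")
        relays.add((ipaddress.ip_address(ip), int(port)))
    return relays


def tor_clients(flows_text, relays):
    """Count, per internal host, the flows whose destination and port match a listed relay."""
    hits = Counter()
    for line in flows_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        try:
            src, dst = ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2])
            dport = int(parts[3])
        except ValueError:
            continue
        # Match on address and port so other services on a relay's address are not flagged.
        if src in CAMPUS and (dst, dport) in relays:
            hits[str(src)] += 1
    return dict(hits)


if __name__ == "__main__":
    print(tor_clients(FLOWS_TXT, load_relays(RELAYS_TXT)))
```

The relay list changes as relays join and leave the network, so it needs refreshing on a schedule for the match to stay useful.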

