The Register® — Biting the hand that feeds IT

Feeds

Tor software updated after hackers crack into systems

Privacy-conscious users of the Tor anonymiser network have been urged to upgrade their software, following the discovery of a security breach. Two of seven directory authorities and a metrics data server were compromised in a hack discovered earlier this month, Tor developer Roger Dingledine explains. The three servers were …

This topic is closed for new posts.
Anonymous Coward
Black Helicopters

Tor is an irrelevance in the UK

If you run an exit node the UK government will shut you down using the best Daily Mail tactics available. Count the exit nodes in the UK compared to say Germany or Austria.

Just for fun, install the Tor and Privoxy clients, use Google. You'll get a different view of the world. Without it you get the view some spod in the government deems fit.

China isn't the only country being censored.

Make July 4th Exit Node Day in the UK.

Anonymous Coward
Grenade
Reply Icon

Keep taking the tablets

The Government is not censoring Google. Google search results are different based on the territory Google thinks you're coming from, in an attempt to better sell you stuff through advertising.

You'll get the same thing if you go to Google in the uk, it will redirect to google.co.uk, search for something, then open another browser window, and click on the "Go to Google.com" link on the google.co.uk site, and search for the same thing.

Different results appear. This is not the UK Government determining results. You are mental.

Trevor Marron
FAIL
Reply Icon

Total bollocks

My exit node has been continuously up (bar software upgrades) for over three years.

Anonymous Coward
Anonymous Coward

Tor reaps what it helps to sow?

Hmm.... I support the principle of anonymity on the web but Tor had best sort its own security because it provides a portal for some very nasty characters indeed.

Virtually every hit our our web server receives via Tor routers is a spambot, hacker or malware agent of some kind.

Take any IP address from the list of Tor exit nodes available here...

http://torstatus.kgprog.com/tor_exit_query.php

and check it in Project Honeypot's database of horrors

http://www.projecthoneypot.org/search_ip.php

and it will light up like a lantern. I'm amazed there's any bandwidth left for the dissidents, p%^dos and terrorists.

Anonymous Coward
Joke
Reply Icon

Oooo! Be Careful,

Next thing a chorus of freetards will be strawmanning your view into "the innocent have nothing to hide.";-)

Anonymous Coward
Thumb Down
Reply Icon

How?

How exactly are they supposed to provide an anonymizing service and simultaneously tell the nasty characters and dissident paedophile terrorists apart? Unfortunately those are mutually exclusive goals as far as I can tell. The Tor Project, does all the can, by publishing a list of exit nodes (optionally filtered by which IPs and Ports they permit). Basically they're saying, "Hey look, these people are anonymous, block them if you feel you must." Of course they'd prefer you didn't, and suggest some less heavy-handed approaches, but you can't say they don't make it easy to protect yourself.

Anonymous Coward
WTF?

many countries are being censored

In Italy there is certainly a blacklist, anyway I thought the whole point behind Tor was that it is necessary to hide/dilute the traffic generated from the clusters at mxxx.gov.uk etcetera with 'ordinary' pr0n and lusers. does this mean that our security authorities don't mind their traffic being profiled? Tor should be given away like AOL disks!

remember that the European Commission considers eMail so open that it's assumed users DO encrypt their eMail, when in fact most don't. in the same 'human rights' context you could certainly argue that Tor should equally be assumed as necessary for normal online-browsing privacy.

Matthew Anderson

wot no firewalls?

By the sounds of it the attackers were simply port scanning for available vulns and the Tor servers came up on their lists, probably amongst hundreds of other IP's on the ranges they were scanning.

These won't have been windows machines (although possible WS2003) and of course shows that all systems, no matter what operating system they are using, have a degree of vulnerability. (yes even when kept up-to-date with all available patches)

<insert penguin joke here>

However had they been Windows machines you can just imagine the outcry from nix and apple fanboys alike. *sigh*

Anonymous Coward
Anonymous Coward
Reply Icon

Mind that brush while you're tarring ...

"However had they been Windows machines you can just imagine the outcry from nix and apple fanboys alike. *sigh*"

Why so general and sweeping with that comment? I don't usually see this behaviour from *nix users except for a certain breed of Linux user. When was the last time you saw a load of frothing-at-the-mouth 13 year old OpenBSD users swarming on a forum, for example?

However there is one other type of comment which is almost always made on articles like this, and it goes something like, "Had they been Windows machines you can just imagine the outcry from nix and apple fanboys alike. *sigh*"

Matthew Anderson
FAIL
Reply Icon

letters and/or digits

Sweeping for a very good reason, you obviously don't read Ell Reg often enough.

Anonymous Coward
FAIL
Reply Icon

There's a reason for that.

How often do you read about Windows vulns on El Reg, and how often do you read about *nix vulns?

Also, is Ell Reg the french version that reports on high fashion?

Bill Neal
Joke

Really?

Roger Dingledine, really?

Peter Gathercole
Thumb Down

Could be more open...

... like telling us which (embarrassing) vector was used to gain access to the servers in the first place! You would think that they would be extra careful with these systems.

Richard Sloan
Coat

Death by spellcheck

"The latest security problems is less serious but sill merits attention. "

"but sill merits"

"sill"

Another vulnerability with windows?

This topic is closed for new posts.