Several Tor Exit Nodes Vulnerable To OpenSSL Heartbleed Vulnerability, and blackliste

[Silviu]

Several Tor Exit Nodes Vulnerable To OpenSSL Heartbleed Vulnerability, and blacklisted 380 vulnerable Tor exit nodes.

Half of the Internet fall victim to the biggest threat, Heartbleed bug and even the most popular online anonymity network Tor is also not spared from this bug.

Tor is one of the best and freely available privacy software, runs on the network of donated servers that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship.

When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes, which can be anywhere in the world. An Exit relay is the final relay that Tor encrypted traffic passes through before it reaches its destination.

But some of these Tor exit nodes are running on the servers with the affected version of OpenSSL installed which are vulnerable to the critical Heartbleed Flaw. This means an attacker can grab the hidden information from the Tor network which is actually restricted by the Tor service, making it no more anonymising service.

Heartbleed is a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server’s memory, potentially revealing users data in the plaintext, that the server did not intend to reveal.

By exploiting Heartbleed bug on the affected nodes, anyone could find the internal information relating to Tor network that could compromise the security and privacy of the whole network.

In response to this threat, Tor Project leader as well as Tor’s co-developer Roger Dingledine, has rejected 380 vulnerable exit nodes suggesting on the Tor mailing list that the exit nodes running the vulnerable versions of OpenSSL should be blacklisted from the network.

"If the other directory authority operators follow suit, we'll lose about 12% of the exit capacity and 12% of the guard capacity," he writes on the software's mailing list.

Tor promises anonymity to its network users by using proxies to pass encrypted traffic from the source to destination, but the heartbleed bug gives all the hackers privilege to exploit a vulnerable exit node in order to obtain the traffic data, making its users exposed on the Internet.

The first list of rejected exit nodes is released by the Dingledine and he stressed that the affected nodes will not be allowed back on the network even after being upgrade.

“I thought for a while about trying to keep my list of fingerprints up-to-date (i.e. removing the !reject line once they've upgraded their openssl), but on the other hand, if they were still vulnerable as of yesterday, I really don't want this identity key on the Tor network even after they've upgraded their OpenSSL,” Dingledine wrote.

Tor service was also targeted by the U.S. intelligence agency NSA, revealed by a classified NSA document titled ‘Tor Stinks’ leaked by Edward Snowden. The document shows the interest of NSA in tracking down all Tor users and monitoring their traffic.

Also the recent allegations on the agency using the Heartbleed bug from years to gather information suggests the agency may have used it to track down Tor users. Although the NSA denied the claims of exploiting the Heartbleed bug in order to gather any type of information.

Sursa: The Hacker News: Hacking and Security News

[fusername]

Daca am inteles eu bine cum funcrioneaza TOR, cuvantul cheie este "Onion" (ceapa). O metafora care se explica logic asa:

# Etapa 0 ? conectarea ?se stabileste nr. de noduri/salturi din retea pana la "exit point"=nx;

# Etapa 1 ? in browserul client se introduce cererea si se cripteaza pe nx straturi;

# Etapa 3 ? se expediaza cererea catre primul nod care decripteaza primul strat (catre urmatoarele noduri informatia ramane incapsulata in celelalte nx-1 straturi);

# ...

# Ultima etapa ? cererea ajunge la nodul nx unde se decripteaza ultimul strat si se trece in clear text.

Raspunsul urmeaza traseul invers (la serverul nx primeste primul strat de securizare... in browserul client se decripteaza toate straturile "nx" la numar).

E ca si cum ai impacheta ceva in mai multe foi de ceapa (incearca sa zdrobesti foile si lacrimezi si tot nu vezi nimic clar) si trimiti prin mai multi intermediari care, fiecare poate decoji o singura foaie de ceapa fara sa lacrimeze prea tare (sa introduca erori). Aici mi se pare ca sta siguranta din TOR.

Acum sa pun si problema pe care sunt sigur ca nu o inteleg:

Cum poate patrunde cineva intr-un strat sau doua de criptare (cu un supercomputer, eu stiu?) din TOR si sa dezvaluie informatia in clear text fara vreun bug in TOR Browser (care este default Firefox)? Ma gandesc ca o exploatare Heartbleed nu implica in niciun fel Firefox. Sau ma insel?

Momentan mi se pare ca vulnerabilitatea Heartbleed asociata cu TOR = praf in ochi aruncat naivilor.

Edited April 18, 2014 by fusername