LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Eavesdropping on Tor traffic

Eavesdropping on Tor traffic

Posted Sep 13, 2007 6:40 UTC (Thu) by jordanb (guest, #45668)
Parent article: Eavesdropping on Tor traffic

> It is a bit ironic that one would use a service meant to provide anonymity
> to log in to a system using credentials that are intended to restrict access
> to a particular user. It is a bit like renting a room at the No-Tell Motel
> using your credit card. Presumably, the users had Tor installed and running
> for other reasons and either didn't know or forgot to turn it off when
> retrieving their email. Perhaps their email client helpfully retrieves their
> email every few minutes without their intervention.

Somebody I read recently (possibly here) noted that the TOR might have been used by these people to prevent their *origin* networks from determining where they were going.

I could see embassies not wanting people to identify their employees (or informants) by their internet usage and therefore install a TOR client on their computers to hide their accessing the embassy servers. Although you'd think that if they were sophisticated enough to do that they'd go the last five feet and make sure the employee was using an SSL connection..

(Log in to post comments)

Agree

Posted Sep 13, 2007 9:46 UTC (Thu) by jhs (guest, #12429) [Link]

I think that is why most people use TOR. The owners of your origin network usually have more influence over you than foreign researchers.

This is definitely the situation here in Thailand, where the TOR web site is banned, and distributing TOR is now illegal. Most people just use it to access youtube (also banned) since if they use standard web proxies, the police could detect that they are circumventing the censors (also illegal, obviously). Breaking cybercrime laws is no light matter, since offenders tend to just disappear instead of undergoing the standard legal process.

Eavesdropping on Tor traffic

Posted Sep 13, 2007 17:14 UTC (Thu) by iabervon (subscriber, #722) [Link]

There's also the possibility that these people actually want pseudonymity; consider Superman checking his gmail account from home. Even without getting any privacy of his Superman communications, he might not want Google server admins noticing that Superman tends to read his email from Clark Kent's home.

Eavesdropping on Tor traffic

Posted Sep 14, 2007 11:39 UTC (Fri) by rloomans (guest, #759) [Link]

> Although you'd think that if they were sophisticated enough to do that they'd
> go the last five feet and make sure the employee was using an SSL connection.

That for me is the most striking point.

After that for HTTPS, SSL and TLS support in mail protocols is the best supported and implemented. Even Outlook does it tolerably well. What were the mail server *administrators* doing allowing unsecured connections?

I work for a small, admittedly fairly internet savy, company and we don't even allow unsecured IMAP on our office network, and definitely not over the open internet.

On the other hand, if they were using webmail.....

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds