Eavesdropping on Tor traffic
A Swedish security researcher, Dan Egerstad, recently highlighted a flaw in the way many folks are using Tor, a tool for internet anonymity. He said that he had captured user names and passwords for at least 1000 email accounts, posting the details for 100 of those. Ten days after the initial disclosure, he followed up with information on how he captured the data.
Tor (aka The Onion Router) is a system designed to hide the source and destination of internet traffic by routing it through several intermediate nodes. Software is available for most operating systems and can run in either client or server mode. The Tor network consists of many server nodes that can route this traffic, but it also has special nodes, called "exit nodes", which are the endpoints for traffic within the Tor network. Exit nodes are the ones that actually talk to the server the client was trying to reach, so they see the traffic exactly as it will be presented to the destination.
A Tor client picks a random path through the network, using a directory server to get a list of active nodes. For each hop along that path, it negotiates a separate session key. It then encrypts the data, along with the address of the next hop, once per node in the path, building up a packet with multiple layers of encrypted information. Each layer can only be decrypted by the proper intermediate node. Each intermediate node knows only its predecessor, its successor (the next hop) and its own session key; it does not see the ultimate destination and, unless it is the first hop, it does not see the source either, so with three or more nodes no single node can link the two. The exit node removes the last layer of the onion; what it decrypts is the data bound for the destination.
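To make the layering concrete, here is a toy onion builder and peeler, added for this edit of the article; it is not Tor's code. Tor encrypts each layer with AES-CTR under a key from its circuit handshake, whereas this demo uses random per-hop keys and a SHA-256 keystream XOR, adequate only for the single cell it sends. The relay names, destination and payload are made up:

```python
"""Toy onion routing: one cell wrapped once per hop, peeled hop by hop.

Added example for the article, not Tor's code. Tor negotiates a session key
with each relay and encrypts with AES-CTR; here the per-hop session keys are
random bytes and the cipher is a SHA-256 keystream XOR (a toy: fine for one
cell per circuit, never reuse a key for a second cell). Relay names, the
destination and the payload are constructed for the demo.
"""
import hashlib
import os


def keystream(key: bytes, length: int) -> bytes:
    """Derive `length` bytes of keystream from `key` (toy stream cipher)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(out[:length])


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Symmetric: the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def encode_layer(next_hop: str, body: bytes) -> bytes:
    """Layer plaintext = 1-byte length of the next-hop name, the name, the body."""
    name = next_hop.encode()
    return bytes([len(name)]) + name + body


def decode_layer(data: bytes):
    n = data[0]
    return data[1:1 + n].decode(), data[1 + n:]


def build_onion(path, keys, destination: str, payload: bytes) -> bytes:
    """Client side: wrap the exit's layer first and the first hop's layer last.

    path: relay names in order client -> ... -> exit
    keys: the per-hop session keys negotiated with each relay, same order
    """
    # Only the exit's layer names the real destination and holds the plaintext.
    cell = xor_cipher(keys[-1], encode_layer("EXIT:" + destination, payload))
    # Every earlier relay's layer names only the next relay.
    for i in range(len(path) - 2, -1, -1):
        cell = xor_cipher(keys[i], encode_layer(path[i + 1], cell))
    return cell


def relay_peel(key: bytes, cell: bytes):
    """Relay side: strip one layer, learn the next hop, forward the remainder."""
    return decode_layer(xor_cipher(key, cell))


def run_circuit(path, keys, destination, payload):
    """Forward the cell along the path and record what each relay could see."""
    seen = []
    cell = build_onion(path, keys, destination, payload)
    prev = "client"
    for name, key in zip(path, keys):
        next_hop, cell = relay_peel(key, cell)
        seen.append({"relay": name, "from": prev, "to": next_hop,
                     "payload_visible": cell == payload})
        prev = name
    return seen, cell


if __name__ == "__main__":
    path = ["guard", "middle", "exit"]
    keys = [os.urandom(32) for _ in path]   # constructed: one session key per hop
    seen, delivered = run_circuit(path, keys, "mail.example.org:110",
                                  b"USER alice\r\nPASS hunter2\r\n")
    for s in seen:
        print(s)
    print("exit forwards:", delivered)
```

Running it shows the first relay learning only that the next hop is "middle" (plus the client's address, since it talks to the client directly), the middle relay learning only "exit", and the exit learning both the destination and the cleartext it forwards, which is exactly the position Egerstad put himself in.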
Running an exit node for Tor has some risks associated with it, as all traffic that goes to a destination site appears to originate from the exit node host. If the destination gets attacked by a denial of service or other exploit, the exit node operator would seem to be the guilty party. For this reason, Tor server operators can configure whether or not their node is willing to act as an exit. What Egerstad did was to volunteer five servers as exit nodes and monitor the traffic that went by.
What his exit nodes saw was the traffic bound for various servers, much of it in the clear. He collected email server credentials from many users; the ones he released belonged to embassy workers and members of human rights organizations. He monitored the POP3 and IMAP protocols, specifically looking for keywords associated with governments. Because both protocols were being used without encryption, he not only captured passwords; his exit nodes also saw the contents of the email as it was delivered to the users.
This should come as no real surprise: unencrypted email protocols are a security hazard; they should probably go the way of telnet and be banished from internet usage. What is more surprising, but perhaps shouldn't be, is that people are using Tor to retrieve their email. Tor is not supposed to be a complete privacy solution, and it is not presented that way, but the difference between anonymity and privacy seems to have gotten lost.
It is a near certainty that others are doing just what Egerstad did. Governments and criminals – though it can be hard to distinguish between the two at times – both have an interest in monitoring this kind of traffic. Egerstad lists a number of suspicious exit nodes in the Tor network, any or all of which could be scanning the cleartext traffic that streams by.
In some ways, Tor is really no different from the myriad routers that internet traffic passes through; each of those presents a point where traffic could be intercepted. Tor is better in that regard, perhaps, because all but the last leg (which, of course, traverses any number of routers) are encrypted. If an encrypted protocol, SSL or an ssh tunnel for example, were used end-to-end, Egerstad's monitoring would not have worked. With proper certificate/key handling (in particular, a client that refuses to continue when the server's certificate does not verify, since an exit node is perfectly placed to substitute its own), no intermediate node, Tor or router, can decrypt the traffic.
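The following is an added example, not Egerstad's code (the article says only that he watched POP3 and IMAP for credentials and mail content): a small harvester run over constructed client-side captures. It shows what an exit node, or any router on that last leg, can read from a cleartext mail session, including the SASL PLAIN form that is merely base64-encoded, and that once the client upgrades with STLS or STARTTLS the rest of the stream yields nothing.

```python
"""Pull POP3/IMAP credentials out of a captured cleartext client stream.

Added example for the article, not Egerstad's tool. Input is the
client->server bytes of one TCP connection, which an exit relay sees exactly
as the mail server will. The captures at the bottom are constructed.
"""
import base64
import re

POP3_USER = re.compile(rb"^USER (\S+)$", re.IGNORECASE)
POP3_PASS = re.compile(rb"^PASS (.+)$", re.IGNORECASE)
# IMAP LOGIN takes two arguments, each an atom or a double-quoted string.
_ARG = rb'("(?:[^"\\]|\\.)*"|\S+)'
IMAP_LOGIN = re.compile(rb"^\S+ LOGIN " + _ARG + rb" " + _ARG + rb"$", re.IGNORECASE)
IMAP_AUTH_PLAIN = re.compile(rb"^\S+ AUTHENTICATE PLAIN\b", re.IGNORECASE)


def _unquote(tok: bytes) -> str:
    """Strip IMAP double quotes and backslash escapes from one argument."""
    if len(tok) >= 2 and tok[:1] == b'"' and tok[-1:] == b'"':
        tok = re.sub(rb"\\(.)", rb"\1", tok[1:-1])
    return tok.decode("utf-8", "replace")


def _sasl_plain(blob: bytes):
    """SASL PLAIN is base64 of authzid NUL authcid NUL password: encoding, not encryption."""
    try:
        parts = base64.b64decode(blob, validate=True).split(b"\0")
    except ValueError:
        return None
    if len(parts) != 3:
        return None
    return parts[1].decode("utf-8", "replace"), parts[2].decode("utf-8", "replace")


def harvest(client_stream: bytes) -> dict:
    """Return the (user, password) pairs visible in the stream and whether TLS was started.

    Parsing stops at STLS (POP3) or STARTTLS (IMAP): from the server's OK onward
    the bytes are a TLS handshake and ciphertext, and a relay learns nothing.
    """
    creds, pending_user, expect_plain, tls_started = [], None, False, False
    for raw in client_stream.split(b"\r\n"):
        line = raw.strip()
        if not line:
            continue
        if expect_plain:                      # continuation line of AUTH PLAIN
            expect_plain = False
            cred = _sasl_plain(line)
            if cred:
                creds.append(cred)
            continue
        upper = line.upper()
        if upper == b"STLS" or re.match(rb"^\S+ STARTTLS$", upper):
            tls_started = True
            break
        pop3_auth = upper.startswith(b"AUTH PLAIN")
        if pop3_auth or IMAP_AUTH_PLAIN.match(line):
            parts = line.split()
            first = 2 if pop3_auth else 3     # index of an inline initial response
            if len(parts) > first:
                cred = _sasl_plain(parts[first])
                if cred:
                    creds.append(cred)
            else:
                expect_plain = True
            continue
        m = POP3_USER.match(line)
        if m:
            pending_user = m.group(1).decode("utf-8", "replace")
            continue
        m = POP3_PASS.match(line)
        if m and pending_user is not None:
            creds.append((pending_user, m.group(1).decode("utf-8", "replace")))
            pending_user = None
            continue
        m = IMAP_LOGIN.match(line)
        if m:
            creds.append((_unquote(m.group(1)), _unquote(m.group(2))))
    return {"credentials": creds, "tls_started": tls_started}


# Constructed captures (client side only), not real traffic.
POP3_CAPTURE = (b"USER alice@embassy.example\r\nPASS Tr0ub4dor&3\r\n"
                b"STAT\r\nLIST\r\nRETR 1\r\nQUIT\r\n")
IMAP_CAPTURE = (b'a001 LOGIN "bob@ngo.example" "correct horse"\r\n'
                b"a002 SELECT INBOX\r\na003 FETCH 1:* (BODY[])\r\n")
IMAP_PLAIN_CAPTURE = (b"a001 AUTHENTICATE PLAIN\r\n"
                      + base64.b64encode(b"\0carol\0letmein") + b"\r\n"
                      + b"a002 LOGOUT\r\n")
# Client upgrades to TLS first; the bytes after STLS stand in for the handshake
# record (0x16 = handshake, 0x0301 = record version) and the ciphertext after it.
STLS_CAPTURE = b"CAPA\r\nSTLS\r\n" + b"\x16\x03\x01" + bytes(40)

if __name__ == "__main__":
    for name, cap in [("pop3", POP3_CAPTURE), ("imap", IMAP_CAPTURE),
                      ("imap-plain", IMAP_PLAIN_CAPTURE), ("stls", STLS_CAPTURE)]:
        print(name, harvest(cap))
```

The same parser finds the RETR and FETCH commands too, which is how the mail bodies ended up on Egerstad's nodes along with the passwords; only the session that issued STLS before authenticating gives the relay nothing to read.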
It is a bit ironic that one would use a service meant to provide anonymity to log in to a system using credentials that are intended to restrict access to a particular user. It is a bit like renting a room at the No-Tell Motel using your credit card. Presumably, the users had Tor installed and running for other reasons and either didn't know or forgot to turn it off when retrieving their email. Perhaps their email client helpfully retrieves their email every few minutes without their intervention.
It should be noted that Tor does nothing at the application layer to anonymize traffic: it carries TCP streams, and whatever the application puts into them is delivered unchanged. Cookies, browser identification strings and other information can be used to identify who is using the connection by anyone with access to the traffic. Obviously, logging in makes that even easier. Another known threat to anonymity using Tor, even with end-to-end encryption, is timing analysis. If someone can monitor the timing of the packets at the client and those at the server, they can make a statistical correlation between the two.
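A constructed illustration of that timing correlation, added here and not taken from the article or from any particular attack tool: the observer sees only packet timestamps at the client and at several candidate server-side streams, one of which is the client's traffic delayed by latency plus jitter, and picks it out by correlating the gaps between packets. Encryption does not change those gaps.

```python
"""Timing correlation against a low-latency anonymity network.

Added example for the article; every timestamp is constructed. An observer who
sees packet times at the client's end and at the server's end needs no payload:
inter-packet gaps survive encryption and, with only latency and small jitter
added, survive the circuit too.
"""
import random


def inter_arrival(times):
    """Gaps between consecutive packet timestamps."""
    return [b - a for a, b in zip(times, times[1:])]


def pearson(xs, ys):
    """Pearson correlation of two sequences (0.0 if either is constant)."""
    n = min(len(xs), len(ys))
    xs, ys = xs[:n], ys[:n]
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / (vx * vy) ** 0.5


def correlate(client_times, server_streams):
    """Score every server-side stream against the client's timing.

    Returns (index of the best match, list of scores).
    """
    client_gaps = inter_arrival(client_times)
    scores = [pearson(client_gaps, inter_arrival(s)) for s in server_streams]
    best = max(range(len(scores)), key=scores.__getitem__)
    return best, scores


def poisson_schedule(rng, n, mean_gap):
    """n timestamps with exponentially distributed gaps (a simple traffic model)."""
    t, out = 0.0, []
    for _ in range(n):
        t += rng.expovariate(1.0 / mean_gap)
        out.append(t)
    return out


def simulate(seed=7, n=300, true_index=2, candidates=5, latency=0.35, jitter=0.01):
    """Constructed scenario: stream `true_index` is the client's schedule delayed by
    `latency` seconds plus Gaussian jitter; the other streams are independent flows."""
    rng = random.Random(seed)
    client = poisson_schedule(rng, n, mean_gap=0.2)
    streams = []
    for i in range(candidates):
        if i == true_index:
            streams.append(sorted(t + latency + rng.gauss(0.0, jitter) for t in client))
        else:
            streams.append(poisson_schedule(rng, n, mean_gap=0.2))
    return client, streams


if __name__ == "__main__":
    client, streams = simulate()
    best, scores = correlate(client, streams)
    for i, s in enumerate(scores):
        print(f"stream {i}: r = {s:+.3f}{'  <- match' if i == best else ''}")
```

The matching stream scores close to 1.0 while the unrelated ones hover near 0, and nothing in the circuit's encryption changes that; only a few hundred packets are needed. This is why the article's point that Tor is an anonymity tool, not a privacy tool, cuts both ways: end-to-end encryption hides content from the exit node but does not hide the pattern from someone watching both ends.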
Tor achieved another kind of notoriety recently, as some of the Storm worm spam started pushing it as a solution for internet anonymity. Unfortunately, users who followed the link landed on a fake Tor download page. Downloading the software did not result in any increase in their privacy; it simply installed one of the Storm worm variants. It is certainly not the publicity that Tor wanted, but it could, perhaps, lead a few users to the real Tor. It is a dubious honor, but the Storm worm herders must believe that the Tor name has some credibility in order to use it this way.
Tor is an excellent tool for what it does, but it certainly is not a solution to all internet communication privacy issues. As with most things, users need to understand what they are doing before they can gain the benefits of Tor. By managing the higher level identifying information correctly (perhaps by using something like Privoxy), one can use internet services anonymously with a reasonable level of comfort. Using end-to-end encryption makes it that much better.
| Index entries for this article | |
|---|---|
| Security | Anonymity |
| Security | Internet/Tor |
| Security | Privacy |
Posted Sep 13, 2007 6:40 UTC (Thu)
by jordanb (guest, #45668)
[Link] (3 responses)
Somebody I read recently (possibly here) noted that the TOR might have been used by these people to prevent their *origin* networks from determining where they were going.
I could see embassies not wanting people to identify their employees (or informants) by their internet usage and therefore install a TOR client on their computers to hide their accessing the embassy servers. Although you'd think that if they were sophisticated enough to do that they'd go the last five feet and make sure the employee was using an SSL connection..
Posted Sep 13, 2007 9:46 UTC (Thu)
by jhs (guest, #12429)
[Link]
This is definitely the situation here in Thailand, where the TOR web site is banned, and distributing TOR is now illegal. Most people just use it to access youtube (also banned) since if they use standard web proxies, the police could detect that they are circumventing the censors (also illegal, obviously). Breaking cybercrime laws is no light matter, since offenders tend to just disappear instead of undergoing the standard legal process.
Posted Sep 13, 2007 17:14 UTC (Thu)
by iabervon (subscriber, #722)
[Link]
Posted Sep 14, 2007 11:39 UTC (Fri)
by rloomans (guest, #759)
[Link]
That for me is the most striking point.
After that for HTTPS, SSL and TLS support in mail protocols is the best supported and implemented. Even Outlook does it tolerably well. What were the mail server *administrators* doing allowing unsecured connections?
I work for a small, admittedly fairly internet savvy, company and we don't even allow unsecured IMAP on our office network, and definitely not over the open internet.
On the other hand, if they were using webmail.....
Posted Sep 13, 2007 18:06 UTC (Thu)
by copsewood (subscriber, #199)
[Link]
If you are trying to make your communications secure from extremely well-funded opponents who can obtain warrants and put radio cars and surveillance outside your door then you are going to need to adopt extreme precautions.
For the rest of us, we already have a contractual relationship based on a certain level of trust with the ISP(s) we pay to handle our communications and who therefore have a commercial interest in enhancing the integrity of these communications. These ISPs also have similar contractual relationships with peers and upstreams. This network of mutual self interest in improving the integrity of communications is the platform where I currently see the web of trust needed to make secure end-to end services (such as encrypted email) as having the best chances of being built.
> It is a bit ironic that one would use a service meant to provide anonymity
> to log in to a system using credentials that are intended to restrict access
> to a particular user. It is a bit like renting a room at the No-Tell Motel
> using your credit card. Presumably, the users had Tor installed and running
> for other reasons and either didn't know or forgot to turn it off when
> retrieving their email. Perhaps their email client helpfully retrieves their
> email every few minutes without their intervention.

I think that is why most people use TOR. The owners of your origin network usually have more influence over you than foreign researchers.

There's also the possibility that these people actually want pseudonymity; consider Superman checking his gmail account from home. Even without getting any privacy of his Superman communications, he might not want Google server admins noticing that Superman tends to read his email from Clark Kent's home.

> Although you'd think that if they were sophisticated enough to do that they'd
> go the last five feet and make sure the employee was using an SSL connection.

Making your communications secure from both a content and a traffic analysis point of view at the same time is extremely hard. You certainly can't trust someone you don't know who is offering to help you with either requirement for free. This article in a sense points out what should be pretty obvious. The fact that perfect solutions don't and won't exist also shouldn't get in the way of building very good ones.
