User:Grobinson/Notes DEFCON 2013


Links to slides/video from DEFCON 21 have not been posted yet; I will update this when they are.

Safety of the Tor network: a look at network diversity, relay operators, and malicious relays

Runa Sandvik from Tor Project.

  • How safe is the Tor network?
  • Who are the relay operators?
  • What about malicious relays?
  • What about the CIA/NSA/PRISM?

Standard Tor circuits have 3 nodes, in order from client → server:

  1. guard relay
  2. non-exit (middle) relay
  3. exit relay

Tor client downloads the list (consensus) of all relays on the network (~ 4,000 right now). Picks 3 guard nodes. Always uses one of those as first relay for the next ~3 months.


  1. if the same person controls the guard relay and the exit relay, they can correlate traffic and deanonymize users.
  2. Exit node operators can read (non end-to-end encrypted) traffic

Out of 4,000 nodes, only ~1,000 are exits and only 1,000 are guards.

With PRISM, NSA, international intelligence cooperation, etc., the concern now is who owns the network links (the ASes). *Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries* will be published later this year. Ongoing research into how Tor could be changed to resist this.

Tor weights relay selection by the bandwidth a relay has to offer, so it tends to prefer relays in the US, Germany, etc. This means we have less diversity (relevant to 3-letter agency surveillance) than we might want.

Who owns the IP addresses for all of these relays? No government-owned IPs run relays. Maybe they don't need to.
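The guard/exit correlation risk and the bandwidth-weighting diversity problem above can be made concrete with a small simulation. This is an added example, not code from the talk or from the Tor Project: it assumes a simplified model (guards and exits are picked with probability proportional to bandwidth from a constructed relay list, a client keeps one pinned guard for the whole window, and consensus weights, family and /16 exclusions are ignored). The relay names, countries, bandwidths and the operator "mallory" are all constructed.

```python
"""Bandwidth-weighted Tor path selection on a constructed relay list (added example).

Simplified model, not the Tor Project's path-selection code: guards are drawn
with probability proportional to bandwidth among guard-flagged relays, exits
likewise among exit-flagged relays, and consensus weights, relay families and
/16 exclusion are ignored.
"""
import random
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Relay:
    nick: str
    country: str
    bandwidth: int      # arbitrary units standing in for consensus weight
    guard: bool
    exit: bool
    operator: str


# Constructed relay list; every value here is illustrative only.
RELAYS = [
    Relay("us-big-1", "US", 5000, True, True, "op-a"),
    Relay("us-big-2", "US", 4000, True, False, "op-b"),
    Relay("de-big-1", "DE", 4500, True, True, "op-c"),
    Relay("de-mid-1", "DE", 1500, True, False, "op-d"),
    Relay("nl-mid-1", "NL", 1200, False, True, "op-e"),
    Relay("se-small-1", "SE", 300, True, True, "op-f"),
    Relay("ro-small-1", "RO", 200, False, True, "op-g"),
    Relay("evil-guard", "US", 2000, True, False, "mallory"),  # hypothetical adversary
    Relay("evil-exit", "US", 1500, False, True, "mallory"),   # hypothetical adversary
]


def bandwidth_share(relays, key):
    """Fraction of total bandwidth per key (e.g. country or operator)."""
    total = sum(r.bandwidth for r in relays)
    share = defaultdict(int)
    for r in relays:
        share[key(r)] += r.bandwidth
    return {k: v / total for k, v in share.items()}


def analytic_estimate(relays, operator):
    """(guard share g, exit share e, g*e) for one operator.

    g*e is the per-circuit probability that the operator holds both ends and
    can correlate traffic; it does not depend on guard pinning.
    """
    g = bandwidth_share([r for r in relays if r.guard], lambda r: r.operator).get(operator, 0.0)
    e = bandwidth_share([r for r in relays if r.exit], lambda r: r.operator).get(operator, 0.0)
    return g, e, g * e


def simulate(relays, clients=2000, circuits_per_client=50, pin_guard=True, seed=1):
    """Return (fraction of compromised circuits, fraction of clients hit at least once).

    With pin_guard=True each client keeps one guard for all its circuits, so only
    clients that picked a malicious guard can ever be hit; with pin_guard=False a
    fresh guard is drawn per circuit and nearly every client is hit eventually.
    """
    rng = random.Random(seed)
    guards = [r for r in relays if r.guard]
    exits = [r for r in relays if r.exit]

    def pick(pool):
        return rng.choices(pool, weights=[r.bandwidth for r in pool], k=1)[0]

    bad_circuits = 0
    bad_clients = 0
    for _ in range(clients):
        guard = pick(guards)
        hit = False
        for _ in range(circuits_per_client):
            if not pin_guard:
                guard = pick(guards)
            exit_relay = pick([x for x in exits if x is not guard])  # never reuse the guard
            if guard.operator == exit_relay.operator:
                bad_circuits += 1
                hit = True
        bad_clients += hit
    return bad_circuits / (clients * circuits_per_client), bad_clients / clients


if __name__ == "__main__":
    print("guard bandwidth by country:", bandwidth_share([r for r in RELAYS if r.guard], lambda r: r.country))
    print("mallory g, e, g*e:", analytic_estimate(RELAYS, "mallory"))
    print("pinned guards   (circuits, clients):", simulate(RELAYS, pin_guard=True))
    print("rotating guards (circuits, clients):", simulate(RELAYS, pin_guard=False))
```

The two simulate() runs show the point of guard pinning: the fraction of compromised circuits is the same either way (about g*e), but pinning caps the fraction of affected clients at roughly the adversary's guard share, whereas rotating guards spreads the damage over almost every client given enough circuits.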

There have been some notably suspicious relays in the past:

  1. tbreg
    1. nickname of Tor exit in China
    2. had ~20,000 IPs in 1 year
    3. never caught it doing anything malicious
    4. fell off the network after about 1 year
  2. trotsky
    1. low-bandwidth relays in Eastern Europe
    2. ran for ~3 weeks
    3. suspected to be a botnet (never proven); was removed from the consensus

Orbot (Android Tor client): relays popping up in the Middle East. A German non-profit has the goal of increasing router diversity (with a focus on exits). CCC also runs relays. DFRI in Sweden.

What would malicious relays look like?

  1. Active
  2. Passive

How bad can it get? It depends.

Tor opens a new circuit for every connection you make to reduce correlation of activity across websites.


  1. Consensus tracker
  2. Snakes on a Tor (SoaT)
    1. check for fake SSL certificates, DNS tampering, censorship, etc.
    2. worked for a while, but no longer maintained
  3. Tor Exit SSL Checker

Question about the safety of running an exit; see ExoneraTor.

De-Anonymizing Alt.Anonymous.Messages

  • Mix networks (remailers)
  • Shared mailboxes
  • Integrating email with nymservers

A.A.M is theoretically the most secure (best "information theoretic" properties). ~190 messages/day; this average has held steady for the past 5 years.

53% of (anonymous) messages go through

  • Dizum
  • Zax

Over 10 years. Recently, they send 100% of all messages. No network diversity whatsoever! What type of analysis can we do?


Nested PGP messages... why?

  1. Type I-III Remailers

Nymservers: Pynchon Gate. Mixminion is a bit better than Mixmaster.

Twitter: tomrittervg

Javascript File Storage Botnet

This is cool because it is built entirely from modern (HTML5) web technologies. It does not require any exploits.

  1. Node infestation techniques
    1. Use sites you own (or at least control)
    2. Compromised sites (persistent XSS)
    3. URL shorteners
    4. Ad Distribution Networks
    5. Anonymous proxy servers
  2. Command and Control
    1. HTML5 Web Sockets
    2. Fallback to AJAX for older browsers
  3. Data Storage
    1. HTML5 Web Storage
    2. Megabytes of application data
  4. Backend
    1. RoR, MySQL (ActiveRecord), Redis

Other botnet uses:

  • Network Scanning
  • DDoS Attacks
  • Data Processing (Web Workers)

Building the file system

  • File block: piece of an uploaded file with a set max size
  • Node: A browser that is a member of the botnet
  • Server: central C&C server used to manage nodes, uploads, downloads, and block directories

  • File → name, MIME type, data
  • Encrypt data with AES (Base64 string)
  • Split into blocks
  • Nodes will be joining and leaving frequently and unpredictably, so there is a heartbeat
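From a defender's side, the heartbeat that keeps this node membership current is the same signal that gives the botnet away, whether it travels over WebSockets or the AJAX fallback: a browser that contacts one origin at a nearly fixed interval, many times, looks nothing like human browsing. The following is an added example, not part of the talk, showing a beaconing check over constructed proxy log lines; it assumes a hypothetical log format of `<epoch> <client_ip> <method> <url>` and the thresholds are illustrative.

```python
"""Heartbeat (beaconing) detection over constructed proxy log lines (added example).

Assumed hypothetical log format: '<epoch_seconds> <client_ip> <method> <url>'.
A (client, host) pair is flagged when it has many connections whose inter-arrival
times are nearly constant, measured by the coefficient of variation (cv) of the
gaps; human browsing is bursty and yields a large cv.
"""
import statistics
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: one client hitting a single host every ~30 s with a little
# jitter (the heartbeat), mixed with ordinary browsing from two clients.
LOG = "\n".join(
    [f"{1000 + 30 * i + (i % 3) - 1} 10.0.0.5 GET wss://cdn-assets.example/ws"
     for i in range(12)]
    + [
        "1003 10.0.0.5 GET https://news.example/index.html",
        "1047 10.0.0.5 GET https://news.example/a.css",
        "1120 10.0.0.7 GET https://mail.example/inbox",
        "1290 10.0.0.5 GET https://news.example/story/42",
        "1301 10.0.0.7 GET https://mail.example/inbox",
    ]
)


def parse(log_text):
    """Yield (timestamp, client, host) for each well-formed line; skip the rest."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, client, _method, url = parts
        host = urlsplit(url).hostname
        if host is None:
            continue
        try:
            yield int(ts), client, host
        except ValueError:
            continue


def beacon_candidates(log_text, min_events=8, max_cv=0.2):
    """Return {(client, host): (count, mean_gap_seconds, cv)} for periodic pairs.

    min_events keeps one-off coincidences out; max_cv is the tolerance for
    jitter (a 30 s heartbeat with +/-1 s jitter has cv of a few percent).
    """
    times = defaultdict(list)
    for ts, client, host in parse(log_text):
        times[(client, host)].append(ts)

    found = {}
    for key, ts_list in times.items():
        if len(ts_list) < min_events:
            continue
        ts_list.sort()
        gaps = [b - a for a, b in zip(ts_list, ts_list[1:])]
        mean = statistics.fmean(gaps)
        cv = statistics.pstdev(gaps) / mean if mean > 0 else float("inf")
        if cv <= max_cv:
            found[key] = (len(ts_list), mean, cv)
    return found


if __name__ == "__main__":
    for (client, host), (n, mean, cv) in beacon_candidates(LOG).items():
        print(f"{client} -> {host}: {n} connections, every {mean:.1f}s, cv={cv:.3f}")
```

In a real deployment the thresholds need tuning against legitimate periodic traffic (mail polling, software update checks), so the output is a candidate list for an analyst, not a verdict; lowering min_events in the sample still leaves the bursty news.example traffic unflagged because its cv is far above the tolerance.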