CANNON NATHANIEL CIOTA:
> Seeking technical information on how hidden services were de-anonymized
> and what updates to HS protocol were applied as a mitigation.
> Thanks,

A protocol flaw allowed Guard-node and Exit-node (or that thing that does rendezvous, forgot the name) to talk to each other over a "hidden information line" on one Tor circuit. Guard-node knows the real IP, Exit-node knows traffic + destination IP or, in the case of hidden services, the destination onion. If both nodes were attacker-controlled, they talked to each other via that information line, using some weird Tor control messages which were somehow transparently transported on the whole circuit. Torproject disabled that weird control message and included a detection: if any Tor client notices someone still using it, it creates a log message with the instruction to notify Torproject.

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk