anon101
@ltdomains.com
 from:
Cabal 
| The hack of the year
"In August, Swedish hacker Dan Egerstad gained access to sensitive embassy, NGO and corporate email accounts. Were they captured from the clutches of hackers? Or were they being used by spies? Patrick Gray investigates the most sensational hack of 2007."
»www.theage.com.au/news/security/···522.html |
|
caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
Spokane, WA
 ·WebBand
| said by anon101 :"In August, Swedish hacker Dan Egerstad gained access to sensitive embassy, NGO and corporate email accounts. Were they captured from the clutches of hackers? Or were they being used by spies? Patrick Gray investigates the most sensational hack of 2007." » www.theage.com.au/news/security/···522.html Sounds like a review for a Tom Clancy novel...
--
My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages |
|
anon101
@ltdomains.com | reply to anon101
It's a nice article on how one can sniff TOR traffic easily like that hacker did which brings up a question of why would anyone set a free TOR node that would costs thousands of dollars to maintained, could it be spies. |
|
Sindows 7
join:2006-09-13
Hope, BC
1 edit | reply to anon101
I always thought Tor (The Onion Router) was a trap.....free software that can hide illegal acts is like such an obvious trap. |
|
pinkcarpet
join:2007-11-16 | .. Sarcasm?
Tor is open source and you have as much privacy as your node is offering.
»www.torproject.org/download.html.en |
|
33591094
join:2002-11-19
Canada
| reply to Sindows 7
said by Sindows 7 :I always thought Tor (The Onion Router) was a trap.....free software that can hide illegal acts is like such an obvious trap. Well, it's a "trap" if used stupidly, so...... |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
 ·Callcentric
 ·RoadRunner Cable
·AT&T CallVantage
2 edits | reply to anon101
I always wondered how those TOR servers and exit nodes and fat pipes were paid for, who paid and who controlled them.
All this guy had to do was sniff the exit nodes he created and filter the packets for interesting keywords and domains. There were no legal issues for him since all he did was view traffic on his own servers.
I have no doubt that there are lots of clueless TOR users who configure their systems wrong and have less than a full understanding of the TOR system. The folks who think that they have the silver bullet are most at risk. A false sense of security is worse than no security at all.
As he said, TR has its uses, but only if the user understands the application and its limitations. According to the guy, about half of TOR users don't.
Link to a more complete MP3 interview and detail can be found here as well as in the OPs article.
The first few minutes are other topics, but after that there's a good interview and follow-up discussion.
It's also interesting that the major use of TOR (about half per interviewee) is to surf porn sites.
Maybe I should set up an exit node and see what goes through my system. This sounds like fun 
--
My Flickr Gallery |
|
beenshutdown
join:2007-09-10
Fresno, CA
| An interesting follow up. He was raided, hardware was confiscated, arrested, interrogated and let go the other day.
»www.smh.com.au/news/security/pol···481.html |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage
| The title of that story should be "What happens when you stir the pot". Sounds like some embarrassed politicians are looking to discourage public disclosure of bureaucratic incompetency and poor security practices.
--
My Flickr Gallery |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ | reply to anon101
Well, so much for the security all those TOR users brag about which they claim hides their online file sharing of copyrighted content. |
|
fatness
subtle
Janitor
join:2000-11-17
fishing
·EarthLink
Host:
Earthlink DSL
TekSavvy
Forum Feature Requ..
Need Site Help?
Rants, Raves, and ..
| reply to beenshutdown
quote:
After informing the governments involved of their security failings and receiving no response, Egerstad published 100 of the email accounts, including login details and passwords, on his website for anyone curious enough to have a look.
quote:
Egerstad was soon back to his regular routine but, on Monday morning, his apartment, located 650 kilometres from Stockholm, was raided by four agents from Swedish National Crime (which Egerstad calls "our FBI") and Swedish Security Police ("our CIA").
Nice priorities there.
quote:
The raid occurred around the same time a feature article on Egerstad's hack appeared in the Next IT section in The Age and The Sydney Morning Herald, but it is unlikely the story sparked the raid.
Ha ha. 
--
Sure, that'll work.. |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
·Vonage
| reply to anon101
This isn't really *new* news, other than the specific incident. It has been discussed previously how easy it is to sniff a TOR server:
»Tor hack proposed to catch criminals
HD Moore, the lead developer of the Metasploit Project, has created a rough set of tools that allows anyone operating a Tor server to attempt to track the source of network data. Moore originally created the software to block file sharers from eating up his computer's bandwidth, but soon targeted potential child pornographers who appeared to be using the network, he said.....
For his part, Moore intends to turn the tools over to law enforcement for their own use, he said.....
The Tor Project has already taken steps to inform its users. On Thursday, the project added a warning to its documentation and further outlined what users need to do to protect their anonymity online.
"Tor by itself is NOT all you need to maintain your anonymity," the site read. "There are several major pitfalls to watch out for."
The list of threats is not small: misconfigured applications, using any of a number of browser plugins, visiting sites that have set cookies, and a lack of encryption from the Tor network to the destination server.
If nothing else, the list underscores that, in the digital world, anonymity is not easy.
»www.securityfocus.com/news/11447
--
10,019 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore
|
|
