Privacy advocates are leering of the Tor network lately, as published research has shown a significant number of network’s exit relays have been compromised recently. Additionally, on September 15, the Hacker Factor Blog has posted a new report about Tor that shows IP addresses being exposed. The paper named “Tor 0-day” says that it is an open secret in the internet service community:
For over the years, many digital currency advocates have been utilizing Tor and virtual private networks (VPNs) to be unidentified while sending bitcoin transactions. The Tor Project was released 17 years ago in 2002, and then it always claimed to obfuscate internet traffic for the end-user. The software written in C and Python has leveraged a volunteer overlay network consisting of thousands of diverse relayers. This network’s basics are destined to screen a user’s activity on the internet and permit unmonitored private communications.
Since Covid-19 started and during the months that followed, several individuals are exposed to a few of Tor’s weaknesses. A Tor susceptibility that was revealed in August was the large-scale use of malicious relays. A paper is written by the researcher dubbed “Nusenu” said that 23% of Tor’s current exit capacity is recently compromised. Nusenu had also cautioned about this issue months ago in December 2019, and then his research fell on deaf ears. Simultaneously, following Nusenu’s critique, another scathing report called “Tor 0-day” and detailed that IP addresses can be perceived when they were linked straight to Tor or leverage a bridge.
The paper “Tor 0day” have stressed that it is pretty much an “open secret” among those who know that users ‘are not anonymous on Tor. “The research is a part one of a new series. A follow up will circulate a data that can define “a lot of susceptibilities for Tor.” The hacker has described a part one how to “detect people as they connect to the Tor network (both directly and through bridges)” and why the attacks have been defined as “zero-day attacks.”
The blog post also showed how to identify Tor users’ real network address by tracking Tor bridge users and discovering all the bridges. The study has revealed that anyone who leverages the Tor network should be very suspicious of these types of zero-day attacks, and the worse is “none of the exploits in [the] blog entry are new or novel,” the researcher strained. The Hacker Factor Blog author quotes a paper from 2012 that identifies an “approach for deanonymizing hidden services” with parallel Tor exploits cited.
“These exploits represent a fundamental flaw in the current Tor architecture,” part one of the series notes. “People often think that Tor provides network anonymity for users and hidden services. However, Tor really only provides superficial anonymity. Tor does not protect against end-to-end correlation, and owning one guard is enough to provide that correlation for popular hidden services.”
Furthermore, the blog post said that the next article in the series would be a ruthless evaluation of the entire Tor network. It didn’t take too much imagination to understand that in 17 years, individuals with an incentive have likely reckoned out how to deanonymize Tor users.
“Someone with enough incentive can block Tor connections, uniquely track bridge users, map exit traffic to users, or find hidden service network addresses,” the first “Tor 0-day” paper accomplishes. “While most of these exploits require special access (e.g., owning some Tor nodes or having service-level access from a major network provider), they are all in the realm of feasible and are all currently being exploited.” The paper also states that:
Meanwhile, another privacy project in the works called Nym aimed to offer secrecy online and claimed it would be healthier than Tor, VPNs, and I2P (Invisible Internet Project).
Nym’s website also said that Tor’s anonymity features could be negotiated by individuals capable of “monitoring the entire network’s ‘entry’ and ‘exit’ nodes.” As a distinction, the Nym project’s ‘lite paper’ detailed that the Nym network “is a decentralized and tokenized infrastructure providing holistic privacy from the network layer to the application layer.”
Nym also utilizes a mixnet that aimed to protect a user’s network traffic, and varies and is compensated for the mixing process.
“The intensive but useful computation needed to route packets on behalf of other users in a privacy-enhanced manner—rather than mining,” the lite paper enlightens. Additionally, Nym is compatible with any blockchain as the “Nym blockchain maintains the state of credentials and the operations of the mixnet.”
The Nym team recently invoked that a tokenized testnet experiment is leveraging bitcoin (BTC) for rewards. The announcement states that many people have set up mixnodes, and they had to close the testing ground because it had disappeared over 100 mixednodes. Even though individuals can set up a mixnodes to prepare for the next round, Nym development team’s website details.