TOR issues updated software after server breach

Project leaders say the servers don't appear to have been attacked in a way that compromised TOR

Jeremy Kirk (IDG News Service)
25 January, 2010 06:28
Comments

The TOR Project is advising users to upgrade to a new version of the software following a hack that compromised three of its servers.

TOR, short for "The Onion Router," is a worldwide network of servers that are used to help anonymize people's Web surfing. Web traffic is randomly routed through many servers, masking critical information such as someone's true IP (Internet Protocol) address.

TOR is often used by people who want to enhance their privacy while surfing the Internet, as IP addresses are an important piece of information to collect when monitoring Internet traffic.

Web sites will record the IP address of the last exit point out of the TOR network, which could make it appear users have an IP address from a Brazilian ISP when they are actually in Germany.

The attack did not appear to be specifically aimed at disrupting TOR or compromising people's privacy, wrote Roger Dingledine, the project's director.

Two of the seven directory authorities, which hold a list of nodes in the TOR network, were hacked along with another server that recorded statistics about TOR.

"It appears the attackers didn't realize what they broke into," Dingledine wrote. "It seems we were attacked for the CPU capacity and bandwidth of the servers, and the servers just happened to also carry out functions for TOR."

The project's operators have refreshed identity keys for the two directory authorities, which means people also need to upgrade their TOR clients to versions Tor 0.2.1.22 or 0.2.2.7-alpha.

"We've taken steps to fix the weaknesses identified and to harden our systems further," Dingledine wrote.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: etwork

References show all

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Tape Media and Imation DataGuard T5R Reseller Promotion. Ends June 30, 2012

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Featured Resources

Red Light In the Control Centre Saves Hours of Chaos

First Focus’ core business is supporting customers’ networks, technical infrastructure and staff. While technical emphasis is on Microsoft server and workstation environments, many clients also run hybrid Mac, Linux and Unix environments, and First Focus has significant expertise in seamlessly integrating these technologies with Microsoft-based networks.

Most Popular Resource Papers

Market Potential-Strategy Guide to the Active Archive Market

The active archive market is a growing segment where tape is seen as part of a disk or network fileystem. This means that to an end user disk and tape are “blended” and whether file is held on disk or tape is “invisible” to the end user. The active archive market is the fastest growing space in the storage industry and allows direct end user access to tape through a file system front end.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management