HackDig : Dig high-quality web security articles for hacker

Did Carnegie Mellon Attack Tor for the FBI?

2015-11-18 12:45

There's pretty strong evidence that the team of researchers from Carnegie Mellon University who canceled their scheduled 2015 Black Hat talk deanonymized Tor users for the FBI.

Details are in this Vice story and this Wired story (and these two follow-on Vice stories). And here's the reaction from the Tor Project.

Nicholas Weaver guessed this back in January.

The behavior of the researchers is reprehensible, but the real issue is that CERT Coordination Center (CERT/CC) has lost its credibility as an honest broker. The researchers discovered this vulnerability and submitted it to CERT. Neither the researchers nor CERT disclosed this vulnerability to the Tor Project. Instead, the researchers apparently used this vulnerability to deanonymize a large number of hidden service visitors and provide the information to the FBI.

Does anyone still trust CERT to behave in the Internet's best interests?


Source: 3637.2//golb/:5102,moc.reienhcs.www:gat

Read:2184 | Comments:0 | Tags:No Tag

“Did Carnegie Mellon Attack Tor for the FBI?”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud