Dark web users unmasked: Trackers could reveal the identities of criminals who think

[dat feel]

Dark web users unmasked: Trackers could reveal the identities of criminals who think they're hidden

mrz is fucked

@fuckgoebbelz did you really think you had complete anonymity

[Sfcelcope]

I feel sorry for Mrz

[rougeprodigy]

I always had a gut feeling the security of Tor was a little questionable.

[fuckgoebbelz]

That is not concerning, they are banking on you having an insufficient technical background to understand the severity of the attack and then are presenting it as if it means that Tor is less anonymous than it really is. They are essentially saying that you can place clearnet tracking beacons on hidden services, like those invisible single pixel tracking images, by embedding them into forums and such on the darknet. That allows a basic degree of intelligence to be gathered about such a site, because people will load the tracker through Tor Browser if it is hotlinked from a darknet site. It doesn't mean they can deanonymize people just gather statistics about darknet sites. Tor Browser already protects from browser fingerprinting so there will be a substantial crowd of users with the same browser fingerprint anyway, further limiting the usefulness of this attack.

[dat feel]

device and browser fingerprints can be extremely specific though

and i remember when they busted a darknet forum by injecting a file that was tied to a verizon server or whatever, it was there for months before the admin caught it, do you remember the details?

but since you're using tails, you're using everything out of the box with no modifications, so in theory that makes it very hard to fingerprint something like that

[fuckgoebbelz]

device and browser fingerprints can be extremely specific though

and i remember when they busted a darknet forum by injecting a file that was tied to a verizon server or whatever, it was there for months before the admin caught it, do you remember the details?

but since you're using tails, you're using everything out of the box with no modifications, so in theory that makes it very hard to fingerprint something like that

Tor Browser takes measures against creating a unique fingerprint, particularly with javascript disabled and not resizing the browser window, there is just a massive crowd to blend into. Yes FBI has done numerous attacks against the Tor CP sites, their earliest attacks were primitive things like flash bypasses, their more recent attacks are more concerning, though the ones we've actually seen so far would not have been successful against people who took basic measures like not enabling javascript, keeping their tor browser up to date, and importantly also having a secure isolated environment to run Tor Browser in, like the attacks I'm aware of all targeted people with glaring problems in their operational security. The exception to this would be the RELAY_EARLY attack, but that was traffic analysis rather than application layer hacking. They've also done stylometric attacks allegedly, though as always you need to wonder if they ever parallel construct. I've never seen them do an attack that would have deanonymized me though, because I used WiFi access points in addition to Tor, and moved around frequently, so even something like RELAY_EARLY would have only gotten the IP address of my access point, so I had some degree of protection from that attack even though it would have been a near compromise at best.

Of course my primary layer of security is always being in countries without laws against doing whatever I want to.

This attack also only works against people going to poorly configured hidden services, which is unfortunately a lot of people. People are mistaken oftentimes and think that using Tor by itself is enough to magically protect them from all possible threats. Many people operating hidden services have no idea what they're doing, they're just barely competent enough to configure a web server and know how to install Tor and can figure out making the web server a hidden service, but they don't know anything what-so-ever about actual computer security beyond this, or have a very basic understanding of it only. The same for operational security as well, I mean some people are operating hidden services out of their own houses on their personal equipment, and although I hear professionals name scenarios in which they consider this to be advisable, I personally would never lower my own operational security by such an extent that the deanonymization of my hidden service is the deanonymization of me, I would only ever operate a server that was completely unlinkable to me paid for anonymously in some data center using fake information.

Someone who knows what they're doing will disable hotlinking of images on their hidden service, I mean that is a basic thing you would keep in mind when setting up a hidden service if you had a developed enough security sense to think about the problem. Otherwise you allow an attacker to force your users to open circuits to arbitrary destinations which can be used toward traffic confirmation attacks is my biggest concern with the ordeal, and if I were on a given site and cared enough I would instruct their administration in properly configuring this, as I did for a drug forum many years ago that originally allowed the hotlinking of images until I explained this risk to them.