Independent researcher George Tankersley and CloudFlare security team member Filippo Valsorda again showed how Tor users are not as secure as they wish.
Speaking during the Hack in the Box conference in Amsterdam, the researchers said motivated users can subvert anonymous access to the service. Hackers can identify the original location of users by operating rogue HSDir (hidden service directory) nodes that are required - with two sets of three needed to connect to the hidden service - with four days of operation to be marked as a "trusted" HSDir node.
A malicious HSDir instead of an exit node can be used in the process, making it easy to attack hidden service users.
"If you run a hidden service that does not need location hiding, you are unnecessarily exposing your users to this risk," according to the researchers. "It would probably be better to let them use Tor on your TLS-enabled clearnet site."
Scientists create the best police AI using data scrapped from the dark web
Apple releases the most important software update of 2024 for iPhone models
Twitter admits to 'security incident' that leaked private tweets to the public
Apple apologies for new iPad Pro ad that 'missed the mark' and pulls it from airing on TV
People are falling in love with this AI chatbot and getting their hearts broken
Assassin's Creed Shadows hits 2 million players, beats Origins and Odyssey launch performance
EU launches crackdown on pricing tricks in games like Fortnite and Call of Duty
Battlefield 6 gameplay leaks: new map, vehicles, rolling mechanics, gunplay
GTA 6 being delayed could 'tank companies', and studios are avoiding it like the plague
Razer's 'Project Ava' joins the AI copilot race, but the tech still has a lot to prove
ASUS TUF Gaming Radeon RX 9070 OC Edition Review - RDNA 4 Impresses, But the Price Doesn't
ASUS ROG Swift OLED PG27UCDM Gaming Monitor Review - 27-inch 4K 240Hz for $1099
Alienware AW2725Q Gaming Monitor Review - 4K 240Hz for $899
Samsung 9100 Pro 4TB SSD Review - A New Contender
DapuStor Roealsen6 R6101 7.68TB Enterprise SSD Review - Boss of 1-DWPD Storage
Acer Predator GM9000 2TB SSD Review - High Performance Efficiency
ASUS TUF Gaming GeForce RTX 5070 OC Edition Review - 1440p Gaming that's Built to Last
SAPPHIRE Radeon RX 9070 XT NITRO+ Review - RDNA 4's Most Impressive GPU
TeamGroup T-Force GC Pro 2TB SSD Review - 13,000 MB/s on the Cheap
MSI GeForce RTX 5070 GAMING TRIO OC Review - Fantastic OC Performance
GIGABYTE X870E Motherboards and AMD Ryzen 9000X3D Processors - A Perfect Match
GIGABYTE's AMD B850 Motherboards Are All PCIe 5.0 Supported and Ready to Unleash Full Potential
MSI B850 & X870/X870E motherboards unlock AMD Ryzen's full potential with DIY-friendly features
Why your next work laptop should be a Venom BlackBook Zero 14 Phantom
ADATA's Lancer CUDIMM ARGB Memory Introduces a New Horizon of Speed