Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,330 --> 00:00:06,910
Web site traffic fingerprinting against Tor traffic it is possible that Tor is vulnerable to attack
2
00:00:06,910 --> 00:00:13,900
called Website Traffic fingerprinting which you may recall I mentioned in the section on VPN.
3
00:00:13,890 --> 00:00:21,060
It is a passive eavesdropping attack that looks at the size and timing of encrypted data streams where
4
00:00:21,060 --> 00:00:28,560
although the adversary only sees encrypted traffic the adversary can still guess what web page is being
5
00:00:28,560 --> 00:00:33,300
visited because all web pages have specific traffic patterns.
6
00:00:33,300 --> 00:00:38,780
They can only guess if they know the pattern of the web page in advance though.
7
00:00:38,820 --> 00:00:42,640
So if you're going to pages they were not aware of.
8
00:00:42,690 --> 00:00:44,920
They wouldn't have a patent for it.
9
00:00:44,940 --> 00:00:49,080
The content of the transmission is still encrypted and hidden.
10
00:00:49,200 --> 00:00:57,270
But to which web page you connect to or even the site because they know the page isn't private or secret
11
00:00:57,270 --> 00:00:57,970
anymore.
12
00:00:58,110 --> 00:01:05,160
There are multiple research papers as I've mentioned from what I've read I think the attacks against
13
00:01:05,190 --> 00:01:12,990
Tor are overstated and not a problem yet but something definitely to watch.
14
00:01:13,350 --> 00:01:19,420
And this is the latest paper that I'm familiar with on the topic of Tor fingerprinting.
15
00:01:19,620 --> 00:01:21,410
And for more information on this.
16
00:01:21,450 --> 00:01:31,170
There are some links here to mitigate this you could use multiple chained anonymizing services and or
17
00:01:31,260 --> 00:01:38,700
offsite connections which we will discuss later exit node eavesdropping this has been mentioned in a
18
00:01:38,700 --> 00:01:42,450
couple of videos told by design there's nothing to make private.
19
00:01:42,450 --> 00:01:48,040
The data that comes out of the exit no to the final destination to surf the web.
20
00:01:48,150 --> 00:01:55,140
Anyone running an exit node will be able to see on encrypted traffic and much worse inject into that
21
00:01:55,140 --> 00:01:55,830
traffic.
22
00:01:55,830 --> 00:02:02,180
Things like zombie super cookies to track all malware to try to exploit your device.
23
00:02:02,190 --> 00:02:09,540
The obvious mitigation to this is ending scription TLR us for example and PGE pay etc..
24
00:02:09,660 --> 00:02:15,870
Tor does however provide end to end encryption when you're using hidden services or the darkness or
25
00:02:15,870 --> 00:02:16,830
the dark web.
26
00:02:16,850 --> 00:02:24,300
The dot on Ewan's is there is encryption they're making these more private to use than using the surface
27
00:02:24,300 --> 00:02:27,660
web traffic analysis attacks.
28
00:02:27,660 --> 00:02:35,370
Tor has been shown in the past to be susceptible to analysis of the traffic by passive observer.
29
00:02:35,370 --> 00:02:42,510
If they can see enough relays and this is the last report that I've found on the subject if you want
30
00:02:42,510 --> 00:02:49,620
to read more about traffic analysis attacks toy is susceptible to man in the middle and man on the side
31
00:02:49,620 --> 00:02:50,300
attacks.
32
00:02:50,310 --> 00:02:52,370
This is not really a witness of Tor.
33
00:02:52,390 --> 00:02:58,740
But the weakness of the fundamentals of the Internet and adversary with sufficient means and reach can
34
00:02:58,830 --> 00:03:03,790
intercept your requests and respond to them before the destination.
35
00:03:03,810 --> 00:03:11,100
Fooling you into thinking you are communicating with the real destination the NSA are known to do this
36
00:03:11,100 --> 00:03:11,130
.
37
00:03:11,130 --> 00:03:14,680
This is a known technique of the quantum system.
38
00:03:14,700 --> 00:03:22,440
Your client would then be subject to active attacks such as trying to exploit vulnerabilities in your
39
00:03:22,440 --> 00:03:32,280
browser and in a zombie super cookies to track you Tor is susceptible like anything else to vulnerabilities
40
00:03:32,610 --> 00:03:35,650
in the underlying technology that it uses.
41
00:03:35,730 --> 00:03:41,490
And one such vulnerability could be discovered to erode the anonymity of the service.
42
00:03:41,490 --> 00:03:46,670
A previous example of a widespread bug is the Heartbleed bug.
43
00:03:46,890 --> 00:03:52,560
If you don't run your toll connection permanently It's obvious to an observer when you're attempting
44
00:03:52,560 --> 00:03:55,790
to do something private or anonymous.
45
00:03:55,800 --> 00:04:00,870
This can draw close attention to when you are using Tor.
46
00:04:01,590 --> 00:04:03,960
As we avoid discussed but it is a weakness.
47
00:04:03,960 --> 00:04:06,210
Relays and bridges can be blocked.
48
00:04:06,210 --> 00:04:11,480
It is trivial to block all relays preventing people from using Tor.
49
00:04:11,490 --> 00:04:18,790
It is also not so difficult to block hidden bridges using tools like Zad map.
50
00:04:18,900 --> 00:04:21,000
Not really a weakness but an issue.
51
00:04:21,000 --> 00:04:28,290
Ports are blocked some ports are blocked by some relays on Tor ports you might need to use for example
52
00:04:28,290 --> 00:04:33,470
to get through a firewall could be blocked by many of the relays.
53
00:04:33,480 --> 00:04:41,490
You will then have to use a circuit that is often slower directory authorities or a single point of
54
00:04:41,490 --> 00:04:43,200
security failure if at all.
55
00:04:43,200 --> 00:04:44,990
This is a known issue.
56
00:04:45,030 --> 00:04:53,970
If these directory authorities are compromised then Tor is fully compromised DNS leaking when using
57
00:04:53,970 --> 00:04:57,960
other applications with Tor you risk protocol leaks.
58
00:04:57,960 --> 00:05:03,070
This has been demonstrated many times in many applications including Thunderbird.
59
00:05:03,090 --> 00:05:12,240
Years ago and bit torrent now and while on a topic no bit turns on Tor bit torrents can leak your IP
60
00:05:12,240 --> 00:05:12,940
address.
61
00:05:12,970 --> 00:05:16,030
There's a blog post on it here and a research paper.
62
00:05:16,140 --> 00:05:23,210
If you want to understand more about how bit torrents leak on tour you get captured.
63
00:05:23,210 --> 00:05:30,810
Pop up slowing you down and your language can be preset incorrectly when you're visiting various sites
64
00:05:30,810 --> 00:05:33,250
and doing searches.
65
00:05:33,360 --> 00:05:40,740
The signs you use and access your accounts with can flag you as being suspicious or having suspicious
66
00:05:40,830 --> 00:05:47,180
activity and then block lock or suspend your accounts because you are using Tor.
67
00:05:47,260 --> 00:05:53,670
Maybe the IP address of the exit node has a tainted history or they may know you are using tool and
68
00:05:53,670 --> 00:05:59,640
they don't like that or they will see you're from a country that you're not normally from.
69
00:05:59,640 --> 00:06:06,000
All of this could be seen as suspicious activity on your account block locked suspended.
70
00:06:06,000 --> 00:06:07,100
That's happened to me.
71
00:06:07,110 --> 00:06:08,540
It's a pain.
72
00:06:08,790 --> 00:06:11,100
If you see this you are all here.
73
00:06:11,100 --> 00:06:14,170
This is a list of services blocked by Tor.
74
00:06:14,280 --> 00:06:15,220
That is a problem.
75
00:06:15,230 --> 00:06:21,610
Tor is blocked by some web site some destinations that you do want to visit.
76
00:06:21,630 --> 00:06:29,580
There is no UDP on Tor talk doesn't currently support UDP although it does provide a DNS port if you
77
00:06:29,580 --> 00:06:38,610
require UDP who provides a limited workaround for using UDP and the final weakness is speed.
78
00:06:38,610 --> 00:06:49,200
Tor is slower than some privacy stroke anonymizing services such as VPN and the clarinet that Tor is
79
00:06:49,200 --> 00:06:55,030
getting much better and much faster and the latency issues are improving.
8795
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.