The attack has only affected V3 and not the older versions.
#Attack tor network Patch#
The Tor team has now announced an experimental patch to solve the problem, but this patch needs to be applied to both the server side and the client side for it to work. Due to the outage some service in the Tor network launched temporary v2 onion links that helped them to return online, the Tor Project team is working hard to provide a fix for this problem, even if it is a temporary one.
![attack tor network attack tor network](https://csinfotechblog.files.wordpress.com/2014/11/exit-node-serving-onionduke-malware.png)
#Attack tor network Offline#
On January 11, 2021, V3 onion services were offline for for 12 hours. Utilising this defence improves the security and anonymity of Tor users, but at the same time it does not impose unacceptable high costs on the Tor network.The Tor network has been experiencing attacks since January 6, 2021, this attack has caused all v3 onion domains to go offline. The proposed defence can protect against such attacks, is usable, easy to implement and easy to deploy. To the author’s best knowledge this work presents for the first time a general defence directly defending end-to-end confirmation attacks against the Tor network. The ultimate goal of the thesis is to better protect Tor users against end-to-end confirmation attacks. Instead the defence requires higher bandwidth from Tor nodes. At the same time Tor is not slowed down by the defence from a user’s perspective. Experiments on the live Tor network and large-scale simulations of Tor show that the proposed defence can protect against end-to-end confirmation attacks. This also studies the costs associated with the defence in order to better understand if it is worthwhile to deploy the defence to the Tor network. In a second step the thesis develops a defence against end-to-end confirmation attacks based on dummy traffic and examines the level of protection this can provide to users. This builds the necessary foundation to better protect against them. It confirms by experiments on the live Tor network that end-to-end confirmation attacks are still a valid and serious threat against Tor.
![attack tor network attack tor network](https://user-images.githubusercontent.com/5946444/68077112-79c3cf00-fdbe-11e9-8b0c-910572eda7de.png)
This thesis investigates end-to-end confirmation attacks against the current size Tor network with the goal to better understand the threat such attacks pose to users. For this reason it is necessary to not rely on one protection mechanism alone in order to keep Tor users safe and provide the anonymity they expect from Tor. What is the real threat today for users by end-to-end confirmation attacks? In addition, current research shows that Tor’s approach to defend such attacks has its own limitations. However, it is not known how effective they actually can be against the current size Tor network.
![attack tor network attack tor network](https://www.extremetech.com/wp-content/uploads/2015/07/tor-onion.png)
Successful end-to-end confirmation attacks were demonstrated in the past and researchers assume that such attacks are generally possible against the Tor network. Instead Tor makes it harder for an attacker to come into the position to execute such an attack.
![attack tor network attack tor network](https://i0.wp.com/motherboard-images.vice.com/content-images/contentimage/23566/1436797700578361.jpeg)
Currently, Tor does not directly defend against such end-to-end confirmation attacks, because proposed defences put to much load onto the network. If an attacker can control or observe the nodes where traffic is entering and leaving the network, one can correlate traffic and confirm that a user connected to a particular destination, for instance a Web site. The network consists of voluntarily operated nodes distributed around the world and routes user traffic over three randomly chosen nodes in order to conceal which destinations a user is accessing. Tor is an anonymity network designed for interactive applications such as Web browsing or instant messaging.