ICYMI: Tor sniffing, router bugs and Hacking Team fallout

Tor network exit nodes found to be sniffing passing traffic

If you are routing your traffic through the Tor network, don't make the assumption that it is always providing end-to-end security.

The very network nodes that relay anonymous Tor traffic for you, free of charge, may be sniffing or reading your data as it passes through. That's the conclusion of an investigation by a security researcher known as Chloe.

Old-school router attack wreaking havoc on networks

In further proof that the old ones truly are the best ones, attackers are using routers running RIPv1 software from the 1980s to launch reflection and amplification DDoS attacks.

According to Prolexic, part of Akamai, RIPv1 is a fast, easy way to dynamically share route information in a small, multi-router network. A typical request is sent by a router running RIP when it is first configured or powered on. From there, any device listening for the requests will respond with a list of routes and updates that are sent as broadcasts.

To mount a DDoS attack against a target, the attacker sends a query to a RIPv1 router but spoofs the originating IP address in the request. The router then sends a response, converting a small query request into a large response packet which is directed at the target server. Research indicates that attackers tend to favour routers which have a large number of routes in their database – thus a 24-byte request can be converted into a 504-byte response payload, which is why this method is called a “reflection and amplification DDoS attack”.

In an actual attack against an Akamai customer in May, the researchers found that the attackers were most likely using enterprise-grade router hardware. This attack method works because RIPv1 does what it was designed to do and therefore it is likely to continue to be exploited.
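For defenders, the reflection pattern described above can be spotted in captured traffic. The following is an added example, not code from the article or from Akamai: it flags hosts receiving RIPv1 responses from UDP port 520 even though they are not RIP speakers. The packet tuple format, the `rip_speakers` allowlist, the `min_sources` threshold and the sample addresses are assumptions made for the illustration.

```python
import struct
from collections import defaultdict

RIP_PORT = 520       # UDP port RIP listens on and replies from
CMD_RESPONSE = 2     # RIP command field: 1 = request, 2 = response
HEADER_LEN = 4       # command, version, two zero bytes
ENTRY_LEN = 20       # one route entry; RIPv1 allows at most 25 per packet

def parse_rip(payload):
    """Return (command, version, route_count), or None if not RIP-shaped."""
    if len(payload) < HEADER_LEN or (len(payload) - HEADER_LEN) % ENTRY_LEN:
        return None
    command, version, _zero = struct.unpack("!BBH", payload[:HEADER_LEN])
    return command, version, (len(payload) - HEADER_LEN) // ENTRY_LEN

def flag_reflection(packets, rip_speakers, min_sources=3):
    """Report hosts that receive RIPv1 responses without being RIP speakers.

    packets: (src_ip, src_port, dst_ip, udp_payload) tuples (assumed format).
    rip_speakers: addresses that legitimately exchange RIP (assumed allowlist).
    """
    seen = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for src_ip, src_port, dst_ip, payload in packets:
        parsed = parse_rip(payload)
        if src_port != RIP_PORT or parsed is None:
            continue
        command, version, _routes = parsed
        if command == CMD_RESPONSE and version == 1 and dst_ip not in rip_speakers:
            seen[dst_ip]["sources"].add(src_ip)
            seen[dst_ip]["bytes"] += len(payload)
    return {dst: {"sources": len(v["sources"]), "bytes": v["bytes"]}
            for dst, v in seen.items() if len(v["sources"]) >= min_sources}

def sample_response(routes):
    """Constructed RIPv1 response carrying `routes` placeholder entries."""
    entry = struct.pack("!HHIIII", 2, 0, 0x0A000000, 0, 0, 1)  # AF_INET, 10.0.0.0, metric 1
    return struct.pack("!BBH", CMD_RESPONSE, 1, 0) + entry * routes

# Constructed traffic using documentation address ranges.
SAMPLE = [
    ("198.51.100.1", 520, "203.0.113.10", sample_response(25)),
    ("198.51.100.2", 520, "203.0.113.10", sample_response(25)),
    ("198.51.100.3", 520, "203.0.113.10", sample_response(25)),
    ("192.0.2.1", 520, "192.0.2.2", sample_response(4)),      # real RIP neighbours
    ("198.51.100.9", 53, "203.0.113.10", b"\x00" * 40),       # unrelated UDP
]

if __name__ == "__main__":
    print(flag_reflection(SAMPLE, rip_speakers={"192.0.2.2"}))
```

A full 25-route response built this way is 504 bytes, matching the payload size quoted above.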

Hackers blow the doors off Hacking Team, expose 400GB confidential data

Italy's Hacking Team, an alleged practitioner in the dark art of citizen surveillance, has reportedly been subjected to a severe hack itself.

It's not quite the Italian Job (“You were only supposed to blow the bloody doors off!”), but the attackers got away with the company's gold in the form of 400GB of confidential data, including source code, internal documents and emails.

According to the hackers, the data reveals lists of Hacking Team's customers, including a number of governments, and is available to anyone who wants to download the 400GB of data. Hacking Team has tweeted that the torrent link contains malware but other security experts have dismissed this claim as bogus.

Harvard hacked: the impact of educational cyber-crime

University networks are becoming increasingly attractive targets, as witnessed by last week's attack on Harvard University in America, argues James Burns.

Can Bitcoin-based Enigma encryption succeed where HE has failed?

Davey Winder looks at how the Bitcoin-based Enigma encryption can succeed, following on from the failure of homomorphic encryption.