Chinese hackers deanonymize TOR and VPN users

This almost certainly doesn't apply to well run darknet markets, but interesting anyway. The gentleman in the picture looks like he could be a DNM shopper ;-)

http://www.nytimes.com/2015/06/13/technology/chinese-hackers-circumvent-popular-web-privacy-tools.html


Comments


[2 Points] datdnmtrowaway:

This is a pretty basic attack, it's not really a vulnerability in tor or VPNs.

It relies on people logging into large Chinese sites which know your identity via tor, - bad idea. These sites and/or the Chinese government could easily check if you're connecting via a tor exit node and raise some red flags against your real identity.

Just like we shouldn't login to a personal gmail or amazon account in tor assuming you ever logged into it outside of tor, or it has any personal info...

Also, it's relying on the other sites being visited having code injected into them. eg. not sanitizing the input of comments or other comments.


[1 Points] MLP_is_my_OPSEC:

Facebook has been doing something similar for a while now to mine user data while they have FB open in another tab.


[1 Points] Derrick4Real:

Damn...China just pwnd the entire Federal Personnel system...twice this week (announced this week, happened earlier in the year).

They are really going HAM!