Silk Road forums

Discussion => Newbie discussion => Topic started by: SirNomDePlum on July 19, 2013, 11:23 am

Title: Fake entry nodes - total redirection
Post by: SirNomDePlum on July 19, 2013, 11:23 am
An interesting read -
http://security.stackexchange.com/questions/24971/how-does-tor-protect-against-fake-entry-nodes-total-redirection *Clearnet link*

Question to all the super smart cyber security people here:
Any validity to this? If yes, how to defend?

From the site:

How does Tor protect against fake entry nodes / total redirection?
up vote 7 down vote favorite
   

There is much material on how to protect yourself from malicous exit nodes, especially by using SSL and minimizing the leakage of identifying information (user-agent, screen size, etc.).

However, I was wondering why an attacker could not just setup a bunch of fake Tor entry nodes, and redirect your outgoing connections to them (assuming you must route all data through their network). They could even virtualize or fake the whole Tor network with ease.

What measures does Tor have against such attacks, and what can a user do against it?

Are there e.g. a list of hardcoded entry servers with known public keys? If so, how do I know that those priviliged servers are not operated by the NSA or the Chinese or whoever? They could be a) compromized from day one, or b) someone could have manipulated www.tor.com when I downloaded the software, and replaced the server list and checksums.

###

Question to all the super smart cyber security people here:
Any validity to this? If yes, how to defend?