Analysts with access to a target system may intentionally weaken their Tor configuration to allow traffic interception. In this video, Mike Chapple explains the process of Tor circuit shaping.
- [Instruction] Circuit reconstruction attacks … depend upon an adversary compromising large portions … of the Tor network … and then hoping that their target selects a circuit … that uses only to those compromised nodes. … But what if an attacker could control the nodes … that a victim selects … and instead of using random nodes, … the victim chooses to use only compromised nodes? … This is an attack known as circuit shaping. … The attacker compromises the victim's computer in some way … and then tampers with their Tor software … causing them to select circuits … built exclusively from nodes that are under … the attacker's control. … Now circuit shaping isn't easy. … It requires either hacking into the victim's computer … and altering the Tor software that's already there. … Or tricking the end user into installing … a compromised version of Tor, … but if it's successful … this attack will completely undermine the security … of all Tor communications from that system. … As an end user, the best protection against circuit shaping …
- What is the dark web and who uses it?
- The purpose of the Tor Browser
- Cryptography and perfect forward secrecy
- Installing the Tor Browser
- Accessing the standard internet with the Tor Browser
- Safeguarding privacy on Tor
- The role of hidden servers on the dark web
- Locating and accessing hidden websites
- Vulnerabilities in Tor