The Hacker News Logo
Subscribe to Newsletter

Several Tor Exit Nodes Vulnerable To Heartbleed Bug

Several Tor Exit Nodes Vulnerable To Heartbleed Vulnerability
Half of the Internet fall victim to the biggest threat, Heartbleed bug and even the most popular online anonymity network Tor is also not spared from this bug.

Tor is one of the best and freely available privacy software, runs on the network of donated servers that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship.

When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes, which can be anywhere in the world. An Exit relay is the final relay that Tor encrypted traffic passes through before it reaches its destination.

But some of these Tor exit nodes are running on the servers with the affected version of OpenSSL installed which are vulnerable to the critical Heartbleed Flaw. This means an attacker can grab the hidden information from the Tor network which is actually restricted by the Tor service, making it no more anonymising service.

Heartbleed is a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server’s memory, potentially revealing users data in the plaintext, that the server did not intend to reveal.

By exploiting Heartbleed bug on the affected nodes, anyone could find the internal information relating to Tor network that could compromise the security and privacy of the whole network.

In response to this threat, Tor Project leader as well as Tor’s co-developer Roger Dingledine, has rejected 380 vulnerable exit nodes suggesting on the Tor mailing list that the exit nodes running the vulnerable versions of OpenSSL should be blacklisted from the network.

"If the other directory authority operators follow suit, we'll lose about 12% of the exit capacity and 12% of the guard capacity," he writes on the software's mailing list.

Tor promises anonymity to its network users by using proxies to pass encrypted traffic from the source to destination, but the heartbleed bug gives all the hackers privilege to exploit a vulnerable exit node in order to obtain the traffic data, making its users exposed on the Internet.

The first list of rejected exit nodes is released by the Dingledine and he stressed that the affected nodes will not be allowed back on the network even after being upgrade.

I thought for a while about trying to keep my list of fingerprints up-to-date (i.e. removing the !reject line once they've upgraded their openssl), but on the other hand, if they were still vulnerable as of yesterday, I really don't want this identity key on the Tor network even after they've upgraded their OpenSSL,” Dingledine wrote.

Tor service was also targeted by the U.S. intelligence agency NSA, revealed by a classified NSA document titled ‘Tor Stinks’ leaked by Edward Snowden. The document shows the interest of NSA in tracking down all Tor users and monitoring their traffic.

Also the recent allegations on the agency using the Heartbleed bug from years to gather information suggests the agency may have used it to track down Tor users. Although the NSA denied the claims of exploiting the Heartbleed bug in order to gather any type of information.

Also Read: How a 19-Year-Old Teenager arrested for Exploiting the most critical Heartbleed Bug to steal private information from the Canada Revenue Agency (CRA) website.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.