You are viewing a single comment's thread.

view the rest of the comments →

0
0

[–] DumpAcc98320948 ago  (edited ago)

Most people don't understand what they read because the article doesn't go into laymen terms and is frankly being alarmist.

FBI operated hidden services that were configured in a way to plant malware onto the victims computer that would phone home with the real IP of that user. So, to be compromised in this way, you must access a HIDDEN SERVICE that is being operated maliciously and employing this NIT technique. Honestly it sounds like Man On The Side Attack.

In the past, it has been other user error that caused the hidden service IP leak, like the user ran javascript or used a bad login portal or something like this. Not from exploiting a flaw in TOR itself.

I don't know of any HIDDEN SERVICE that is being used as part of the pizzagate investigation so most people who use TOR here will be using it to vist clearnet websites. When you use TOR to visit websites that are NOT hidden services, you will need to use an exit node that handles traffic in the clear. This is where hackers/agencies will try to do Man In The Middle attacks, but these are obvious because you will find certificate errors and with modern browsers today they will stop you from carelessly doing dumb shit like accepting fake certificates. TOR and its community regularly hunt and blacklist these malicious exit nodes. I have ran into them before and reported it. You can request new circuit/exit node easily from Tor Browser.

There is NO indication that you are able to be fingered from an exit node so long as you are using HTTPS and checking your certificates.