when connecting to the Tor network a MITM attack, such as by an ISP for instance, can apparently be performed using which can be used to route traffic to compromised nodes in a self-contained network which can then decrypt the traffic.
from the Shadow Simulator GitHub repo:
Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches.
also see https://shadow.github.io/
apparently every connection to Tor first connects to 1 of 10 and several of these are in the U.S.
i just learned of this today and am wondering if anyone has any input
when connecting to the Tor network a MITM attack, such as by an ISP for instance, can apparently be performed using [The Shadow Simulator](https://github.com/shadow/shadow) which can be used to route traffic to compromised nodes in a self-contained network which can then decrypt the traffic.
from the Shadow Simulator GitHub repo:
> Shadow is a unique discrete-event network simulator that runs real applications like Tor and Bitcoin, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches.
also see https://shadow.github.io/
apparently every connection to Tor first connects to 1 of 10 [relay authorities](https://metrics.torproject.org/rs.html#search/flag:Authority) and several of these are in the U.S.
i just learned of this today and am wondering if anyone has any input
(post is archived)