As the article notes, it’s hard to tell just how much of the unmasking comes from exit node control. An exit node will only know what public services are being accessed, without knowledge of any of the user’s addressing/location data (since each node only knows that information about the single hop in each direction). Plus, I’m not even sure exit nodes are used at all when connecting to a tor-hosted service (no need to exit the tor network, after all).
It sounds like the servers are being compromised and then being used to exploit IP-leaking vulnerabilities in how the browser/plugins and Tor network connection are configured.
I’m sure they’ve got a lot of tricks up their sleeves, but exit node control seems like the least significant of them.
As the article notes, it’s hard to tell just how much of the unmasking comes from exit node control. An exit node will only know what public services are being accessed, without knowledge of any of the user’s addressing/location data (since each node only knows that information about the single hop in each direction). Plus, I’m not even sure exit nodes are used at all when connecting to a tor-hosted service (no need to exit the tor network, after all).
It sounds like the servers are being compromised and then being used to exploit IP-leaking vulnerabilities in how the browser/plugins and Tor network connection are configured.
I’m sure they’ve got a lot of tricks up their sleeves, but exit node control seems like the least significant of them.