Marubucin aikin OrNetRadar, wanda ke lura da haɗin sababbin ƙungiyoyi na node zuwa cibiyar sadarwar da ba a sani ba ta Tor, buga rahoto akan gano babban mai ba da haɗin kumburi Tsananin Tor, wanda ke ƙoƙarin yin amfani da zirga-zirgar masu amfani.
Dangane da waɗannan ƙididdigar, a ranar 22 ga maNa gyara haɗin yanar gizo zuwa ga hanyar sadarwar Tor ta babban rukuni na maharan maƙaryata, a cikin abin da mai kai hari don samun ikon sarrafa zirga-zirga, ya rufe 23,95% na duk kira ta hanyar nodes ɗin fita.
A cikin watan Disamba 2019 na yi rubutu game da matsalar girma na maganganu masu haɗari a kan hanyar sadarwar Tor tare da iƙirarin wayar da kan jama'a da haɓaka yanayin cikin lokaci. Abun takaici, maimakon samun sauki, abubuwa sun tabarbare, musamman idan ya kasance ga mummunan aikin fitar da wuta na Tor.
A ƙwanƙolinta, kungiyar zalunci ta kunshi kusan node 380. Ta hanyar haɗa nodes dangane da imel ɗin tuntuɓar da aka jera akan sabobin tare da mummunan aiki, masu bincike Sun sami damar gano aƙalla ƙungiyoyi 9 daban-daban na mahaɗan fitarwa waɗanda ke aiki na kusan watanni 7.
Masu haɓaka Tor sunyi ƙoƙari don toshe masu karɓar baƙi, amma maharan sun dawo da ayyukansu cikin sauri. A halin yanzu, adadin mugayen rukunin yanar gizo sun ragu, amma fiye da 10% na zirga-zirga har yanzu suna wucewa ta cikinsu.
Akwai matakan kariya, kamar shigar da HSTS da HTTPS ko'ina, amma a aikace, yawancin masu amfani da gidan yanar gizo basa aiwatar dasu kuma suna barin masu amfani da su cikin irin wannan harin.
Wannan nau'in harin ba shi da takamaiman mai bincike na Tor. Ana amfani da masarrafar mugu kawai don samun damar zirga-zirgar masu amfani da kuma sanya wahalar ganowa, mahaukaci bai afkawa dukkan gidajen yanar gizon daidai ba.
Da alama suna neman farko yanar gizo masu alaƙa da cryptocurrencywatau ayyukan hadawa da yawa.
Sun maye gurbin adiresoshin bitcoin a cikin zirga-zirgar HTTP don tura ma'amaloli zuwa walat ɗin su maimakon adireshin bitcoin da mai amfani ya bayar. Adireshin Bitcoin sake rubutawa hare-hare ba sabo bane, amma girman ayyukansu shine. Ba zai yuwu a tantance ko sun shiga cikin wasu nau'ikan harin ba.
Cutar da aka yi niyyar kawar da shafin HTTPS daban-daban na ayyukan da aka yi amfani da su a kan nodewar fitarwa ana ganin su a kan hanyar farko zuwa wata hanyar da ba a ɓoye ba a kan HTTP, wanda zai ba maharan damar kutsawa cikin zaman ba tare da gurbata takaddun TLS ba (harin "Cire SSL").
Irin wannan tsarin yana aiki ga masu amfani waɗanda suka rubuta adireshin shafin ba tare da nuna "https: //" a sarari a gaban yankin ba, kuma bayan buɗe shafin kada ku mai da hankali kan sunan yarjejeniya a cikin sandar adireshin Tor browser. Don kariya daga toshewar hanyoyin zuwa shafukan HTTPS, ana bada shawarar yin amfani da preload na HSTS.
Na isa ga wasu sanannun shafukan yanar gizo masu tasiri, don haka zasu iya rage wannan akan matakin fasaha ta amfani da preload HSTS. Wani kuma ya sanya HTTPS-Duk wuraren dokoki don sanannun yankuna da abin ya shafa (HTTPS A ko'ina an girka ta tsohuwa a cikin mai bincike na Tor). Abin takaici, babu ɗayan waɗannan rukunin yanar gizon da aka kunna pre-HSTS a lokacin. Akalla ɗayan shafin yanar gizon bitcoin ya shafi aiwatar da HSTS preload bayan koyon waɗannan abubuwan.
Bayan Disamba 2019 blog post, Project Tor yana da wasu kyawawan tsare-tsare na 2020 tare da mutum mai sadaukarwa don inganta tuki a cikin wannan yanki, amma saboda sallamar kwanan nan da ta shafi COVID19, an sanya wannan mutumin zuwa wani yanki.
A saman wannan, a bayyane yake cewa hukumomin kundin adireshin sun daina cire bayanan da suka saba cirewa na 'yan makonni.
Ba a san abin da ya haifar da wannan canjin manufar ba, amma ga alama wani yana son shi kuma yana ƙara ƙungiyoyin wasan ba da sanarwa.
A ƙarshe, idan kuna son ƙarin sani game da shi, zaku iya bincika cikakkun bayanai a cikin bin hanyar haɗi.