Tor used incorrectly

Sep 11, 2007 14:56 GMT

A couple of weeks ago I wrote a piece about embassies having poor security. Security expert Dan Egerstad had disclosed a vulnerability at the time and, just to show them that their systems were flawed, he posted their e-mail passwords online (exactly where is not known). And we are talking about more than 100 cases here: embassies of Russia, Uzbekistan, Kazakhstan, India and Iran.

I was quite astonished to find out that embassies have such problems, but I couldn't help wondering how he did it. It seems that the security professional volunteered his own servers to route traffic for the Tor Project, as SecurityFocus reports.

What was really unexpected was that people on the same network were transmitting their data unencrypted. What were they thinking? It's a good thing that Egerstad disclosed this before something bad happened, as a lot of the information transiting those nodes was confidential.

The problem, as Egerstad suggested, is that people who use Tor are not using it in the right way. Tor works in the usual onion-routing mode: each relay on the circuit strips one layer of encryption, and only the final relay, the exit node, removes the last layer before sending the data on to its destination on the Web. Tor's own encryption covers only the path from the client to that exit node, so anything the application itself sends in the clear (a plain POP3 or IMAP login, for instance) is readable there. That's where Egerstad came in, eavesdropping on the conversations. The security professional loaded the Tor software onto three servers in Sweden, one in the U.S. and one in Asia and volunteered the systems as exit nodes, as SecurityFocus reports. That sounds pretty clever, but this is not the first time such things have happened because of Tor.
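To make the point concrete, here is an added simulation (not code from the article, Egerstad or the Tor Project) of a three-hop circuit in which each relay peels one layer: the exit node ends up holding whatever the client's application sent, so a plaintext mail login is readable there, while a payload that is already encrypted end to end (standing in for TLS) stays opaque. The relay keys, the mail login and the toy SHA-256 counter-mode cipher are all constructed for this illustration and do not reflect Tor's real cryptography.

```python
import hashlib

# Toy stream cipher: keystream from SHA-256 in counter mode. It stands in for
# the per-hop AES-CTR layers of a real Tor circuit and is NOT a secure cipher.
def _keystream(key: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Add or remove one encryption layer (XOR with a keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))

def build_onion(payload: bytes, hop_keys: list) -> bytes:
    """Client wraps the payload once per hop; the exit node's layer is innermost."""
    cell = payload
    for key in reversed(hop_keys):
        cell = xor_layer(key, cell)
    return cell

def relay_circuit(cell: bytes, hop_keys: list) -> list:
    """Each relay (guard, middle, exit) strips its own layer in turn.
    Returns what each relay holds after peeling; the last entry is what the
    exit node forwards to the destination and can read."""
    views = []
    for key in hop_keys:
        cell = xor_layer(key, cell)
        views.append(cell)
    return views

def exit_node_view(payload: bytes, hop_keys: list) -> bytes:
    """Shortcut: what the exit node sees for a given client payload."""
    return relay_circuit(build_onion(payload, hop_keys), hop_keys)[-1]

def credentials_exposed(view: bytes) -> bool:
    """True if a plaintext mail login (POP3/IMAP style PASS command) is readable."""
    return b"PASS " in view

# Constructed sample values: one key per relay, a separate key shared only by
# the client and the mail server (simulating TLS), and a made-up mail login.
HOP_KEYS = [hashlib.sha256(n).digest() for n in (b"guard", b"middle", b"exit")]
TLS_KEY = hashlib.sha256(b"client<->mailserver").digest()
LOGIN = b"USER attache@example.org\r\nPASS correct-horse\r\n"
```

Run `credentials_exposed(exit_node_view(LOGIN, HOP_KEYS))` to see the plaintext login at the exit, and `credentials_exposed(exit_node_view(xor_layer(TLS_KEY, LOGIN), HOP_KEYS))` to see that an end-to-end encrypted payload is not readable there.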

Reading further on the same site, I found out that even though the researcher controlled only 5 of about one thousand exit nodes, he still collected a lot of data, and by that I mean the e-mail credentials of more than 1,500 government workers, corporate employees and others who were using the Tor network.