Tor has been embraced by lawful and unlawful users alike. It helps those who value their online privacy and dissidents who live in countries with oppressive governments, but it also provides ways for cyber criminals, terrorists and other bad guys to avoid identification. This has made breaking Tor’s anonymity a top priority for government agencies both at home and abroad.
What is Tor?
Short for The Onion Router, Tor is a network of donated servers run by volunteers around the globe. Tor works by routing traffic through a random network of computers called relays. For example, say you are located here in Maryland and want to access a web page on a server in Australia. Under normal circumstances, you type in the URL and the packets take a more-or-less direct route from your computer to the Australian server and back.
With Tor, the packets may bounce from relay to relay anywhere in the world, and at each at each step the traffic is encrypted. Each relay only knows where the packet came from and where it is going next. No single computer in the chain knows the entire route. This is what makes Tor users so difficult to identify.
In the United States:
The United States government seems to be of two minds about Tor. On one hand, Tor is a brainchild of the U.S. military. It was created to protect whistleblowers and journalists operating in restricted areas from repartitions, and in 2012, over half of the Tor Project’s revenue came from government grants.
On the other hand, the National Security Agency (NSA) has been working to unmask Tor’s users. The classified documents released by Edward Snowden in 2013 revealed the NSA has had success in separating Tor traffic from regular Internet traffic. This is due to their ability to monitor huge chunks of Internet traffic through connections to the large telecommunications companies that provide Internet access to most of the country’s population.
They have been less successful in separating one Tor user from another. Their best success has come from not from the Tor package, but from the browser it comes from. The default Tor package uses the Firefox browser, which has some vulnerabilities. Most of these vulnerabilities come from plugins like Javascript and Adobe Flash.
Most governments cannot use the NSA’s technique for separating Tor traffic from normal traffic because they lack the close ties to telecom companies or the ability to monitor large swaths of Internet activity in real time.
In Russia:
Last year the Russian Ministry of the Interior ran a contest for Russian nationals and companies with a goal of finding a workable method of de-anonymizing Tor’s users. The grand prize? A contract worth a cool 4 million rubles, equivalent to $111,000 USD. News reports indicate the contract was awarded, but the Russian government did not name the winner.
In China:
While the Chinese government has been silent on what efforts they are taking to unmask Tor users, it is known they have taken the approach of blocking access to the Tor software and public relays. The “Great Firewall of China” is capable of deep packet inspection and can identify and block non-public relays based on specific protocols unique to Tor. It is possible for Tor users in China to get around these blocks using different techniques.
What’s in Tor’s Future?
The Tor Project has a core of a small number of employees, but uses a network of volunteers and crowdsourced labor to patch vulnerabilities and keep its users anonymous. When the annual Black Hat security conference announced a panel on how to de-anonymize Tor users, the team went to work on closing the loophole before the conference even took place. It seems that for now, Tor will remain a useful tool for those who wish to keep their online activities secret, for better or worse.
- Stalking threats still very real for TV actress - 10/16/2024
- CrowdStuck thanks to CrowdStrike - 07/25/2024
- AT&T breach too big to ignore - 07/14/2024
Leave a Reply
You must be logged in to post a comment.