Encrypted Browser Tor Targeted By NSA
October 6, 2013

US, UK Security Agencies Reportedly Trying To Crack Tor Network

redOrbit Staff & Wire Reports - Your Universe Online

Documents released Friday by former NSA contractor Edward Snowden reveal that the US security agency is attempting to target the privacy-protecting Tor web browsing software, various media outlets have reported.

Tor, which is short for The Onion Router, is currently used by approximately 500,000 people, said Slate.com writer Ryan Gallagher. The majority of those individuals are human rights advocates or journalists attempting to mask their activity from the prying eyes of their governments – although Tor can also be used by criminal agencies or terrorist cells, which makes it of interest to federal security agencies such as the NSA.

“The Tor network is an open-source software project that renders users anonymous by relaying multiply encrypted communications across many different computers around the Internet, effectively obscuring a user's location and activity from anyone conducting surveillance or analyzing Web traffic. (Such as, say, the NSA.),” ReadWrite’s Brian Proffit said. “The network makes it much more difficult to trace site visits, messages, posts or other communications to any particular individual.”

“On Friday, newly released documents leaked by former NSA contractor Edward Snowden revealed the extent of the agency’s attempts to monitor Tor users’ Internet activity,” Gallagher added. “Top-secret slides shed light on how the NSA has worked to infiltrate the Tor anonymity network in apparent cooperation with allied agencies in Britain and the other members of the ‘Five Eyes’ network – Australia, New Zealand, and Canada. But the spies’ efforts to infiltrate Tor have not been entirely successful, which will come as welcome news to privacy advocates.”

The top-secret documents leaked by Snowden were obtained (and at least one of them, published) by The Guardian. They reveal that the NSA has had some success against Tor by identifying users, then attacking vulnerable software programs installed on their computers. According to the UK newspaper, one of the agency’s techniques targeted the Firefox web browser, using it to gain total control of a computer – complete with access to files, keystrokes, and online activity.

“Despite Tor's importance to dissidents and human rights organizations, however, the NSA and its UK counterpart GCHQ have devoted considerable efforts to attacking the service, which law enforcement agencies say is also used by people engaged in terrorism, the trade of child abuse images, and online drug dealing,” the Guardian said. “While it seems that the NSA has not compromised the core security of the Tor software or network, the documents detail proof-of-concept attacks, including several relying on the large-scale online surveillance systems maintained by the NSA and GCHQ through internet cable taps."

Ironically, Jeff John Roberts of GigaOm pointed out that the Tor technology itself was largely funded by the US government, who viewed the network as a way to establish a private communication system both for the military as well as for political dissidents living in authoritarian nations. He added that security experts said that the American government is “working at cross purposes” by simultaneously helping to build and crack secure, anonymous communications networks, even if they could be used by terrorists.