Tor attack: devs say intelligence agencies are most probable suspect -

Tor attack: devs say intelligence agencies are most probable suspect

Ray Walsh

Ray Walsh

January 27, 2015

For about six months of last year some unknown body or organization attacked the Tor anonymity network, taking advantage of an unknown vulnerability in the system that allowed it to de-cloak users.  Now Tor developers are saying that the timing of the attacks and the arrest of another Silk Road 2 operative, as well as the closure and prosecution of various other drug trafficking vendors, is pointing to the fact that it was most probably the FBI or NSA that carried out the intense series of attacks.

Although the hole in Tor has now been patched up and users’ of Tor are once again safe, Tor devs admit that they don’t know how much information was gathered or kept during the attack, or which users were affected. One thing that they will admit however,  is that the way in which the attack was carried out makes it possible that any information collated about IP addresses during the breach may be vulnerable indefinitely.

If you think you could have been affected by the attack yourself, or are simply interested in the more technical aspects of how the attack took place, a full description can be found in an article by Ars Technica.

The good news is that the attack was noticed by Tor operators, perhaps not exactly an absolute triumph for Tor  (which exists solely  to protect user identities,) but definitely a positive aspect of the whole occurrence.  The attack began in January of last year and continued for five months until July, when it was closed down by Tor.

Although the Tor team now have a main suspect (namely American investigatory powers who have been making arrests post-attack), they also point out that the way in which the attack was mounted means that adversary intelligence agencies, or interested parties, could also have been taking advantage of the hole in Tor.  Although this is purely speculative, as Tor have no way to know who organized the attack or who else might have made use of it, and because any information that may have been gathered puts users at risk even into the future, the attack is definitely something of a black mark on the Tor browser and its ability to keep users’ anonymous.

Perhaps that is why the new marketplace that just opened (Silk Road Reloaded) has decided to make use of the I2P network for anonymity, instead of Tor. Having said that, now that the hole in Tor has been patched up, it is probably safer than ever in terms of anonymity to use Tor to protect yourself, and the fact that the problem was eventually spotted and fixed by Tor developers does give one some confidence in the Tor team’s ability to monitor and control the Tor environment. Ultimately, who’s to say that I2P (which is generally considered even ‘deeper’, and therefore more anonymous)  is safer, just because it has not yet been successfully attacked? On the other hand, how can we be sure there is no other way in to Tor?

At the end of the day, anonymity is valuable, and is important to political dissenters, activists, journalists, and a host of other people who seek anonymity for reasons of safety and for other reasonable and legitimate purposes.  While anonymous environments cloak illegal activities, however, crime investigators are going to keep looking for ways to penetrate these services in order to catch criminals.