NSA Trying Hard To Compromise Tor, But It's Still Mostly Safe
from the good-news dept
The latest from the Guardian out of the Ed Snowden leaks shows that the NSA and GCHQ have been trying desperately to target Tor, even though Tor is largely funded by the US government. The good news is that they basically haven’t been able to attack the underlying Tor network, but rather rely on exploits elsewhere, such as within Firefox to try to target certain individuals.
Top-secret NSA documents, disclosed by whistleblower Edward Snowden, reveal that the agency’s current successes against Tor rely on identifying users and then attacking vulnerable software on their computers. One technique developed by the agency targeted the Firefox web browser used with Tor, giving the agency full control over targets’ computers, including access to files, all keystrokes and all online activity.
But the documents suggest that the fundamental security of the Tor service remains intact. One top-secret presentation, titled ‘Tor Stinks’, states: “We will never be able to de-anonymize all Tor users all the time.” It continues: “With manual analysis we can de-anonymize a very small fraction of Tor users,” and says the agency has had “no success de-anonymizing a user in response” to a specific request.
Another top-secret presentation calls Tor “the king of high-secure, low-latency internet anonymity”.
In response to all of this the NSA put out one of its typically bland and empty statements about how what it does is “authorized by law” and it should be no surprise that it’s seeking information on bad people.