Embed Size (px)
Citation preview
Tor-The Target of User’s Online Anonymity Avkash Kathiriya
Tor – The Target of User’s Online Anonymity?
“TOR”: this is the buzzing word around the security evangelists nowadays, especially after Snowden
revelations.
TOR Introduction: Tor (The Onion Router) was originally designed and implemented by U.S. Naval
research laboratory keeping U.S. navy in mind. Primarily it was designed with the intent of having
anonymity in the government communication. Today, it is used by huge variety of people for various
purposes inheriting anonymity.
But, nowadays integrity of “this” “anonymity” of Tor is under question for several reasons. One of
them is NSA-National Security Agency. Yes, it is said to be under attack by NSA.
It’s being carried out by “SID-Systems Intelligence directorate” which is app vulnerability branch of
NSA. According to NSA presentation shared by Edward Snowden, NSA has developed techniques
exploiting Tor browser bundle. This technique identifies the Tor users on Internet and executes the
exploit against Firefox web browser. This trick is referred as CNE, Computer Network Exploitation.
=================================================================================
Going Step By Step, first step is to identify the Tor users over the internet. This is not the tough task
for NSA at all having partnership with US telecom firms under program codenamed Stormbrew,
Fairview, Oakstar and Blarney.
There are many NSA tools available which has the capability of identifying the Tor users by
monitoring internet. NSA uses the system called “XKeyscore”, a tool which collects information of
Tor users provides with analysis of all the activity of those users.
Doing data analysis for Tor traffic on such an enormous amount of internet traffic is carried out with
the tools codenamed such as Turbulence, Turmoil and Tumult.
Going towards next step, after identifying these Tor users on internet NSA uses some secret internet
servers to redirect these users to another secret internet servers codenamed “FoxAcid”, to infect
their computer. FoxAcid works as a platform between target machine and the attacks developed by
NSA.
Once the target system compromised successfully, it setbacks connection to FoxAcid server where
it’s being targeted for another round of attacks for acquiring long term control over target machine
to send the required information back to NSA.
Though these types of attacks are not actual exploitation of Tor browser but yes it targets the Tor
users.
There are also some hidden systems called Quantum, which tricks target users to visit FoxAcid
servers. These Quantum systems are placed on internet backbone.
Tor-The Target of User’s Online Anonymity Avkash Kathiriya
Tor-The Target of User’s Online Anonymity Avkash Kathiriya
Sources:
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
http://gizmodo.com/the-nsas-been-trying-to-hack-into-tors-anonymous-inte-1441153819
http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity
