Jump to content

Search the Community

Showing results for tags 'tor'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 11 results

  1. The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. This new system is up and running in the Tor protocol version 0.4.7.7, the latest stable release available since last week. Congestion Control "will result in significant performance improvements in Tor, as well as increased utilization of our network capacity," say the maintainers of the project. Tor and congestion Tor (The Onion Router) is a volunteer-run overlay network consisting of thousands of relays that serve as bouncing points for encrypted user network traffic and exit nodes that are essentially the gateways to the public internet. The project's mission is to conceal users' real location and browsing interests, aiming for ultimate internet user privacy and anonymity. One of the downsides of such a system is slow browsing speeds, which are crippled by traffic congestion on the Tor network's nodes and the queues on the exit relays. Regulating traffic congestion on the Tor network is challenging without making concessions on the privacy-preserving mechanisms. However, after nearly two decades of looking for solutions, the project finally introduced Congestion Control. The new system implements three algorithms, namely Tor-Westwood, Tor-Vegas, and Tor-NOLA, which collectively help reduce memory consumption and stabilize and minimize queue delay and latency: Tor Westwood - minimizes packet loss in large pipes Tor-Vegas - estimates queue length and introduces balancing elements Tor-NOLA - works as a bandwidth-delay estimator. Results and implementation The Tor project has run simulations to compare versions 0.4.6 and 0.4.7, and the results are impressive across the board with smoother and improved browsing free of speed limitations and bottlenecks, without adding any burden on end-to-end latency. Throughput graph comparison (Tor) However, for the entire community to benefit from the improvements, exit relay operators will have to upgrade to 0.4.7 of the Tor protocol. Operators of internal Tor nodes do not need to upgrade but will have to set bandwidth limits. That's because traffic patterns will change as Congestion Control is expected to utilize relays at their full capacity. The more clients upgrade to version 0.4.7 (or later), the more apparent the performance increase on the network will become for everyone, but the first results are already notable. Increase in advertised relay bandwidth (Tor) "Because our network is roughly 25% utilized, we expect that throughput may be very high for the first few users who use 0.4.7 on fast circuits with fast 0.4.7 Exits until the point where most clients have upgraded. At that point, a new equilibrium will be reached in terms of throughput and network utilization." "For this reason, we are holding back on releasing a Tor Browser Stable with congestion control until enough Exits have upgraded to make the experience more uniform. We hope this will happen by May 31st" - the Tor Project For the next major stable release, version 0.4.8, the Tor project plans to implement a traffic splitting mechanism that should improve network speeds even more. Tor project upgrades network speed performance with new system
  2. Does Tor provide more benefit or harm? New paper says it depends Tor use is likely more harmful in “free countries,” researchers say. Tor isn’t so sure. Enlarge Westend61 / Getty Images 93 with 67 posters participating The Tor anonymity network has generated controversy almost constantly since its inception almost two decades ago. Supporters say it’s a vital service for protecting online privacy and circumventing censorship, particularly in countries with poor human rights records. Critics, meanwhile, argue that Tor shields criminals distributing child-abuse images, trafficking in illegal drugs, and engaging in other illicit activities. Researchers on Monday unveiled new estimates that attempt to measure the potential harms and benefits of Tor. They found that, worldwide, almost 7 percent of Tor users connect to hidden services, which the researchers contend are disproportionately more likely to offer illicit services or content compared with normal Internet sites. Connections to hidden services were significantly higher in countries rated as more politically “free” relative to those that are “partially free” or “not free.” Licit versus illicit Specifically, the fraction of Tor users globally accessing hidden sites is 6.7, a relatively small proportion. Those users, however, aren’t evenly distributed geographically. In countries with regimes rated “not free” by this scoring from an organization called Freedom House, access to hidden services was just 4.8 percent. In “free” countries, the proportion jumped to 7.8 percent. Here’s a graph of the breakdown: Enlarge / More politically “free” countries have higher proportions of Hidden Services traffic than is present in either “partially free” or “not free” nations. Each point indicates the average daily percentage of anonymous services accessed in a given country. The white regions represent the kernel density distributions for each ordinal category of political freedom (“free,” “partially free,” and “not free.” In a paper, the researchers wrote: The Tor anonymity network can be used for both licit and illicit purposes. Our results provide a clear, if probabilistic, estimation of the extent to which users of Tor engage in either form of activity. Generally, users of Tor in politically “free” countries are significantly more likely to be using the network in likely illicit ways. A host of additional questions remain, given the anonymous nature of Tor and other similar systems such as I2P and Freenet. Our results narrowly suggest, however, users of Tor in more repressive “not free” regimes tend to be far more likely to venture via the Tor network to Clear Web content and so are comparatively less likely to be engaged in activities that would be widely deemed malicious. The estimates are based on a sample comprising 1 percent of Tor entry nodes, which the researchers monitored from December 31, 2018 to August 18, 2019, with an interruption to data collection from May 4 to May 13. By analyzing directory lookups and other unique signatures in the traffic, the researchers distinguished when a Tor client was visiting normal Internet websites or anonymous (or Dark Web) services. The researchers—from Virginia Tech in Blacksburg, Virginia; Skidmore College in Saratoga Springs, New York; and Cyber Espion in Portsmouth, United Kingdom—acknowledged that the estimates aren’t perfect, In part, that’s because the estimates are based on the unprovable assumption that the overwhelming majority of Dark Web sites provide illicit content or services. The paper, however, argues that the findings can be useful for policymakers who are trying to gauge the benefits of Tor relative to the harms it creates. The researchers view the results through the lenses of the 2015 paper titled The Dark Web Dilemma: Tor, Anonymity and Online Policing and On Liberty, the essay published by English philosopher John Stuart Mill in 1859. Dark Web dilemma The researchers in Monday’s paper wrote: These results have a number of consequences for research and policy. First, the results suggest that anonymity-granting technologies such as Tor present a clear public policy challenge and include clear political context and geographical components. This policy challenge is referred to in the literature as the “Dark Web dilemma.” At the root of the dilemma is the so-called “harm principle” proposed in On Liberty by John Stuart Mill. In this principle, it is morally permissible to undertake any action so long as it does not cause someone else harm. The challenge of the Tor anonymity network, as intimated by its dual use nature, is that maximal policy solutions all promise to cause harm to some party. Leaving the Tor network up and free from law enforcement investigation is likely to lead to direct and indirect harms that result from the system being used by those engaged in child exploitation, drug exchange, and the sale of firearms, although these harms are of course highly heterogeneous in terms of their potential negative social impacts and some, such as personal drug use, might also have predominantly individual costs in some cases. Conversely, simply working to shut down Tor would cause harm to dissidents and human rights activists, particularly, our results suggest, in more repressive, less politically free regimes where technological protections are often needed the most. Our results showing the uneven distribution of likely licit and illicit users of Tor across countries also suggest that there may be a looming public policy conflagration on the horizon. The Tor network, for example, runs on ∼6,000–6,500 volunteer nodes. While these nodes are distributed across a number of countries, it is plausible that many of these infrastructural points cluster in politically free liberal democratic countries. Additionally, the Tor Project, which manages the code behind the network, is an incorporated not for profit in the United States and traces both its intellectual origins and a large portion of its financial resources to the US government. In other words, much of the physical and protocol infrastructure of the Tor anonymity network is clustered disproportionately in free regimes, especially the United States. Linking this trend with a strict interpretation of our current results suggests that the harms from the Tor anonymity network cluster in free countries hosting the infrastructure of Tor and that the benefits cluster in disproportionately highly repressive regimes. A “flawed” assumption It didn’t take long for people behind the Tor Project to question the findings and the assumptions that led to them. In an email, Isabela Bagueros, executive director of the Tor Project, wrote: The authors of this research paper have chosen to categorize all .onion sites and all traffic to these sites as “illicit” and all traffic on the “Clear Web” as ‘licit.’ This assumption is flawed. Many popular websites, tools, and services use onion services to offer privacy and censorship-circumvention benefits to their users. For example, Facebook offers an onion service. Global news organizations, including The New York Times, BBC, Deutsche Welle, Mada Masr, and Buzzfeed, offer onion services. Whistleblowing platforms, filesharing tools, messaging apps, VPNs, browsers, email services, and free software projects also use onion services to offer privacy protections to their users, including Riseup, OnionShare, SecureDrop, GlobaLeaks, ProtonMail, Debian, Mullvad VPN, Ricochet Refresh, Briar, and Qubes OS. (For even more examples, and quotes from website admins that use onion services on why they use Tor: https://blog.torproject.org/more-onions-end-of-campaign) Writing off traffic to these widely-used sites and services as “illicit” is a generalization that demonizes people and organizations who choose technology that allows them to protect their privacy and circumvent censorship. In a world of increasing surveillance capitalism and internet censorship, online privacy is necessary for many of us to exercise our human rights to freely access information, share our ideas, and communicate with one another. Incorrectly identifying all onion service traffic as “illicit” harms the fight to protect encryption and benefits the powers that be that are trying to weaken or entirely outlaw strong privacy technology. Secondly, we look forward to hearing the researchers describe their methodology in more detail, so the scientific community has the possibility to assess whether their approach is accurate and safe. The copy of the paper provided does not outline their methodology, so there is no way for the Tor Project or other researchers to assess the accuracy of their findings. The paper is unlikely to convert Tor supporters to critics or vice versa. It does, however, provide a timely estimate of overall Tor usage and geographic breakdown that will be of interest to many policymakers. Does Tor provide more benefit or harm? New paper says it depends
  3. The Motion Picture Association says that circumvention services such as VPNs, DNS masks and Tor networks can pose a direct threat to legitimate streaming services. In comments submitted to the US Trade Representative, the movie industry group highlights various other piracy challenges around the globe. The Motion Picture Association (MPA) represents several of the largest movie industry companies. Traditionally its members were restricted to top Hollywood studios such as Disney and Warner Bros, but last year streaming giant Netflix joined as well. The newcomer hasn’t changed the MPA’s main goal, which is to deter piracy around the globe. The group tackles copyright infringement directly by going after site owners and app developers, but it’s also heavily involved in lobbying efforts. Foreign Trade Barriers This week the MPA sent an overview of global copyright-related challenges to the US Trade Representative (USTR). The submission was sent in response to a request for comments in preparation for the Government’s yearly report on foreign trade barriers. The 85-page document provides a detailed overview of several major US trading partners. The US Government can use this as input for international discussions, hoping to improve the situation for US film companies. While many of the concerns and complaints are not new, there are a few that stand out, starting with the MPA’s concern about ‘circumvention services’ such as VPNs and the Tor Network, which can be used by ‘geolocation pirates’. Problematic VPN and Tor Use Whether the term piracy is appropriate here is up for debate, as the targeted users pay for legitimate streaming services. However, they can use tools such as VPNs to access them in locations where the platforms and content are not licensed. For example, if Netflix is not available in country X, people could use a VPN to make it appear they come from country Y, where the service is legally available. This is a problem, MPA notes, particularly in the United Arab Emirates (UAE). “Circumvention services, such as VPNs, DNS masks or Tor networks, are widely available in the UAE and are used to access and stream content from Internet-based TV and Video-On-Demand services that legitimately operate in different territories, but have not been licensed for the UAE. “This poses a direct threat to legitimate platforms which are currently offering the same content in the UAE,” MPA adds. The submission doesn’t state why this is a particular concern in the UAE, where Netflix is legally available. Nor does it mention which services are accessed without permission there. What stands out most is that the MPA brands these content-neutral tools as ‘circumvention services,’ which is a negative term in copyright circles. Also, the submission suggests that it’s a problem that these services are available, but what would the solution be? Banning VPNs and Tor would be excessive, as these have plenty of legitimate uses too. Pirate Bay Problems Besides the VPN and Tor problem, the MPA’s submission highlights more traditional piracy challenges as well. The Pirate Bay is mentioned a few times, for example, to highlight that German domain registrars are not as cooperative as the anti-piracy group would like. “Several German domain name registrars remain uncooperative, and as such, create a safe haven for internet access through notoriously rogue domain names, such as The Pirate Bay domain names,” the group writes. “Even when domains are disconnected by registrars, they fail to ‘freeze’ the domain, thus enabling the infringers to transfer the domain to a new registrar and continue the illicit activities.” The Pirate Bay is also highlighted in relation to Sweden. Despite the criminal convictions of several of the site’s founders, the notorious torrent site remains available. According to the MPA, Sweden must update its copyright law to properly tackle these and other piracy challenges. “Swedish law must also change in order to curb organized commercial piracy, as evidenced by the difficulties thwarting The Pirate Bay – an operation the court system has already deemed illegal. “These necessary changes should include better tools for the police and aim to stop illegal sites that keep running after being raided by the police, and even after being convicted by a court of law,” the MPA notes. Scene Raids and P2P Groups The MPA also mentions the recent Scene raids, which were partially linked to Sweden. Several topsites were taken down and the movie industry is keeping an eye on the situation to make sure that they don’t come back. “The Scene was substantially disrupted in August 2020 via a global action. However, the opportunity for new groups to take their place remains, and the MPA continues to monitor the landscape to confirm that the group does not resurface,” MPA writes. In the Western Hemisphere, there are plenty of piracy concerns as well. Here, the MPA highlights more activity among P2P release groups, which operate more openly than those from The Scene. “Internet release groups have been identified in Argentina, Brazil, Chile, Ecuador, Guatemala, Mexico, and Peru. These groups are overtly profit driven and utilize different distribution channels to release illicit content. “Rather than closely-held topsites, some of these groups operate public websites and work at the P2P level,” the MPA adds, noting that these groups also recruit operatives in Russia and the United States. Positive Notes The above are just a few of the topics that were highlighted in the MPA’s submission. While the group mostly focuses on shortcomings, it also signals some positive developments here and there. The MPA is most positive about Australia, which “developed excellent tools to fight online piracy” including pirate site blocking. The movie industry group says it will provide more guidance to the Australian Government to improve even further. — A copy of the MPA’s comments regarding the 2021 National Trade Estimate Report on Foreign Trade Barriers is available here (pdf) Source: TorrentFreak
  4. Pirate Tor Browser Updated 2020 by Team-LiL Revamped look , links in folders in toolbar Night mode Connecting to Tor Network Pirate Tor Browser is a bundle package of the Updated Tor client , Updated FireFox Portable browser (with Updated foxyproxy addon) and some custom configs , all has been revamped and Updated , Self extracting archive custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world. it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. For those wanting to reach torrent webpages they cant reach on a normal browser try the updated pirate browser.. portable.. you might have seen the first version that the pirate bay shared in 2013 pirate browser 0.6b http://piratebrowser.com/ alternate download still working now its been updated and revamped.. better updated links added , updated and added some good extensions to hide yourself online , Pirate Tor Browser version 08 build 9.0.5 latest updates to date Pirate.Browser.0.6b - 10/08/2013 - ( First version made by pirate bay org no longer updated ) Better.Pirate.Browser.0.7.(56.0.2) - 27/10/2017 - ( No longer updated by Team-LiL due to Quantum update ) Pirate.Tor.Browser.0.8.(9.0.5) - 11/02/2020 - ( still being updated by Team-LiL ) whats in recent update 11/02/2020 updated version build* updated some browser extensions* updated shortcut url's* Team-LiL HomePage http://lilfellauk.wordpress.com/pirate-tor-browser/ please update to newer version .
  5. Pirate Tor Browser Updated 2020 by Team-LiL Revamped look , links in folders in toolbar Night mode Connecting to Tor Network Pirate Tor Browser is a bundle package of the Updated Tor client , Updated FireFox Portable browser (with Updated foxyproxy addon) and some custom configs , all has been revamped and Updated , Self extracting archive custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world. it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. For those wanting to reach torrent webpages they cant reach on a normal browser try the updated pirate browser.. portable.. you might have seen the first version that the pirate bay shared in 2013 pirate browser 0.6b http://piratebrowser.com/ alternate download still working now its been updated and revamped.. better updated links added , updated and added some good extensions to hide yourself online , Pirate Tor Browser version 08 build 9.0.9 latest updates to date Pirate.Browser.0.6b - 10/08/2013 - ( First version made by pirate bay org no longer updated ) Better.Pirate.Browser.0.7.(56.0.2) - 27/10/2017 - ( No longer updated by Team-LiL due to Quantum update ) Pirate.Tor.Browser.0.8.(9.0.9) updated - 09/04/2020 - ( still being updated by Team-LiL ) whats in recent update 09/04/2020 * means updated updated version build * updated some browser extensions updated shortcut url's updated proxyfoxy patterns Team-LiL HomePage http://lilfellauk.wordpress.com/pirate-tor-browser/ DOWNLOAD version 0.8.(9.0.9)
  6. The Tor Project has raised $86,000 for a Bug Bash Fund that will be used to pay developers to quickly fix critical bugs such as vulnerabilities or privacy issues that leak personal information about a Tor user. Last month, the Tor Project announced that any donations made to the organization in August 2019 would be added to a Bug Bash Fund that would be used to pay for developers to fix critical bugs that come up. The types of issues that the Tor Project considers critical includes vulnerabilities, privacy issues such as when the browser may leak an IP address, issues with signing certificates for Tor addons, or to evaluate and upgrade the Tor browser to new Firefox ESR releases. To rapidly fix these issues, Tor must pay developers to analyze the issue, fix the code, and implement it in the Tor browser. As part of this donation drive, the Tor Project was able to raise $86K that will be used to pay for these costs and quickly fix issues that pop up. For anyone who contributed money to the Bug Smash Fund, the Tor Project stated that you can track how that money is being used as they will tag any bug tickets that utilize this money with the "BugSmashFund" tag. Source
  7. Censorship of news on the internet by the government has long been a point of controversy. Indeed, we have had points in the past where the BBC's Vietnamese website got blocked. On other occasions, China has previously blocked BBC's services in the country, and Iran has dabbled in the same as well. In a bid to fight against censorship and restricted access, BBC announced today that it's launching a mirror of its international news website on the dark web. In a statement, the news site said: To access the website, you will need Tor, which is a web browser that allows you to access content on the dark web securely. The web address for the alternate website to the regular BBC News is bbcnewsv2vjtpsuy.onion. Unsurprisingly, the link cannot be opened in regular browsers because of the 'onion' suffix. The 'dark' version of BBC will have foreign language services like BBC Persian, BBC Russian, and BBC Arabic. UK-only content and services including BBC iPlayer will be unavailable due to broadcasting rights. As stated before, the dark web version will be the international variant of BBC, not the UK variant. Source: 1. BBC turns to the dark web in a bid to fight censorship (via Neowin) - main article 2. BBC News launches 'dark web' Tor mirror (via BBC) - reference to the main article
  8. The team behind the Tails Operating System have announced the availability of Tails 4.0, the first major released to be based on Debian 10. With the re-basing of the operating system, new software is included – two important software packages that were updated are the Linux kernel which adds support for new hardware, and the Tor Browser which was bumped to version 9.0 and stops websites identifying you based on the size of the browser windows using a technique called letterboxing. Other software packages that were updated include KeePassXC which has replaced KeePassX, OnionShare has been upgraded to 1.3.2 bringing usability improvements, the metadata cleaner tool, MAT, has been upgraded to 0.8.0 and loses its graphical interface and now appears in the right-click menu instead, Electrum has been upgraded to 3.3.8 and works in Tails again, Enigmail was updated to mitigate OpenPGP certificate flooding, and Audacity, GIMP, Inkscape, LibreOffice, git, and Tor all received upgrades too. Another major change is to the Tails Greeter. With this update, languages which have too little translations to be useful have been removed, the list of keyboard layouts has been simplified, the options chosen in the Formats settings are now applied because they weren’t before, and finally, it’s now possible to open help pages in other languages than English, when available. The final thing worth mentioning about this update pertains to performance and usability improvements. Tails 4.0 starts 20% faster, requires 250MB less RAM, has a smaller download footprint, adds support for Thunderbolt devices, the on-screen keyboard is easier to use, and USB tethering from iPhone is now supported. Unfortunately, users on previous version will have to perform a manual update to Tails 4.0 but it shouldn’t take too long to do, you can find out more information on the Tails install guide. Source: Tails OS is now based on Debian 10 and ships major Tor Browser update (via Neowin)
  9. OnionFruit Connect permits you to continue using your browser of choice to connect to the TOR network. Having the ability to use a browser that you are already comfortable with makes using TOR more of a seamless process. OnionFruit Connect will initiate the TOR service and then configures your proxy settings allowing your apps to be routed through TOR's tunnel. OnionFruit Connect will notify you that you're protected, confirming that all your internet traffic is being passed through the TOR tunnel safely encrypted. This process ensures that every site you visit gets routed through multiple servers to help mask your actions, making them difficult to track. OnionFruit Connect is easy to set up, making it simple for anyone to access TOR's network without the specific need for added configuration. It allows you to keep using your browser of choice (Google Chrome, Opera, Edge, Firefox, and many more). It also includes auto-updates, a download speed monitor, and custom landing pages. Features Simple design No admin elevation needed for most features [Experimental] DNS-over-Tor (including .onion sites) Custom traffic entry/exit country (US, GB, ES, etc.) Auto start on Windows login Custom launch pages Discord Game Status Standard, obfs4 and meek Bridge Support Regular updates with bug fixes, performance improvements and new features Screenshots What's New in OnionFruit™ 2021.530 - Sunday, 30 May 2021 Settings Remove proxy settings We've decided to remove these settings due to low usage, the client not using proxy settings itself and the lack of support for NTLM/Keberos, which is the most common corporate proxy authentication. Backend Update Dependencies Add extra safety checks for SecurDNS configs Home: https://dragonfruit.network/onionfruit/ Changelog: https://dragonfruit.network/changelog/onionfruit Guide: https://github.com/dragonfruitnetwork/onionfruit/wiki/Getting-Started Download Page: https://github.com/dragonfruitnetwork/onionfruit/releases/ Download: https://github.com/dragonfruitnetwork/onionfruit/releases/latest/download/install.exe Other Downloads: install.exe 24.9 MB OnionFruitConnect-2021.415.0-delta.nupkg 9.17 MB OnionFruitConnect-2021.416.0-delta.nupkg 637 KB OnionFruitConnect-2021.503.0-delta.nupkg 24.1 MB OnionFruitConnect-2021.530.0-delta.nupkg 946 KB OnionFruitConnect-2021.530.0-full.nupkg 24.1 MB RELEASES 454 Bytes Source code (zip) Source code (tar.gz)
  10. The National Security Agency has been trying to crack the online anonymity provided by Tor, a US-funded Internet tool designed to keep Net activity private and said to be widely used by dissidents in oppressive countries, as well as by terrorists. That's according to the latest secret intelligence documents drawn from the cache leaked by Edward Snowden and published by the UK's Guardian newspaper. The NSA hasn't been able to crack Tor outright, but through various means it's been able to "de-anonymize a very small fraction of Tor users," says an internal NSA document quoted by the Guardian. The news of the agency's interest in Tor follows a report last month on the NSA's efforts to circumvent privacy-ensuring encryption of all kinds. The New York Times said the agency has sidestepped common Net encryption methods in a number of ways, including hacking into the servers of private companies to steal encryption keys, collaborating with tech companies to build in back doors, and covertly introducing weaknesses into encryption standards. The revelations are all part of the outcry over surveillance that's been kicked up by the Snowden leaks. Tor -- originally TOR, or "The Onion Router" -- was first developed by the US Naval Research Laboratory and is currently funded in part by the US State Department and Department of Defense. To put it simply, Tor facilitates anonymous Web surfing, forum posting, instant messaging, and other Internet communication by wrapping signals in layers of encryption and then sending them on an unpredictable path through a network of routers. Each router peels off one "skin" of encryption to send the signal along, but no one router has access to all the details -- thus the signal can't be traced back to its sender. US government funding is based, in part, on the desire to help Internet users in a country like China, say, access restricted sites or communicate about prohibited subjects without fear of reprisal. But Tor might also be used by journalists (in the US and elsewhere; Americans use Tor as well) -- who are looking to protect communications. It might even be used, the Tor Project site says, "for socially sensitive communication: chat rooms and Web forums for rape and abuse survivors, or people with illnesses." Law enforcement agencies say Tor is also used by terrorists, drug dealers, and child pornographers. The newly published NSA documents say the agency will "never be able to de-anonymize all Tor users all the time" and that it's also had "no success de-anonymizing a user in response" to a specific request. But the Guardian reports that the agency secretly tries to "direct traffic toward NSA-operated servers," that it measures "the timings of messages going in and out of the [Tor] network to try to identify users," that it "attempts to degrade or disrupt" Tor so people will stop using it, and that it has implanted "malicious code on the computers of Tor users who visit particular Web sites." One NSA technique, code-named EgotisticalGiraffe, took advantage of a flaw in a version of the Firefox browser that was packaged by the Tor Project with other software designed to let people easily get up and running with the service. If people using that software bundle visited particular Web sites, the NSA placed malware on their machines that let the agency access their files and monitor their keystrokes and Web activity. That flaw has since been fixed in more recent versions of Firefox. The NSA justified its actions, in general terms, in a statement sent to the Guardian: In carrying out its signals intelligence mission, NSA collects only those communications that it is authorized by law to collect for valid foreign intelligence and counter-intelligence purposes, regardless of the technical means used by those targets or the means by which they may attempt to conceal their communications. NSA has unmatched technical capabilities to accomplish its lawful mission. As such, it should hardly be surprising that our intelligence agencies seek ways to counteract targets' use of technologies to hide their communications. Throughout history, nations have used various methods to protect their secrets, and today terrorists, cybercriminals, human traffickers and others use technology to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that. But a representative for the Electronic Frontier Foundation, a past Tor Project funder and a self-described defender of free speech and privacy in the realm of technology, was troubled by the revelations. Citing the example of a battered woman who might use Tor to hide her visits to an online help service from her attacker, as well as uses by dissidents, EFF Legal Director Cindy Cohn told CNET, "Of course the government should get to go after bad guys, but they shouldn't be able to break the security and trust promises of the Internet to do that." You can read the Guardian's package of stories about the NSA and Tor here. Update, 1:21 p.m. PT: The Director of National Intelligence has responded to the Tor news. In a post on the "IC on the Record" blog James Clapper says, in part, "the articles fail to make clear that the Intelligence Community's interest in online anonymity services and other online communication and networking tools is based on the undeniable fact that these are the tools our adversaries use to communicate and coordinate attacks against the United States and our allies." You can read Clapper's statement in full here. Original Article: http://news.cnet.com/8301-13578_3-57606133-38/nsa-sought-to-unmask-users-of-net-privacy-tool-tor-says-report/
×
×
  • Create New...