Tor Network Enhancing Security For Hidden Services In Aftermath Of Reports That Carnegie Mellon University’s CERT Team Unmasked The Servers And Users Of Some Hidden Services And Provided That Information To The FBI As Part Of A Criminal Investigation
The non-profit Tor Project, an encrypted network and a major tenant on the Dark Web, has announced that it is making some security improvements designed to better keep the identities of its customers hidden. Tor stated that it was taking this action after reports surfaced earlier this month that Carnegie Mellon University (CMU) had unmasked the servers, as well as the IP addresses of some users, and provided that information to the FBI as part of a criminal investigation. The Hacker News reported on its website on November 24, 2015, that the FBI paid CMU $1M to reveal the techniques it used to successfully unmask the servers and IP addresses of the individuals whom the FBI had targeted. The FBI denied that it had paid CMU the $1M stipend.
Swati Khandelwal, writing for TheHackerNews, noted that “the unknown attackers [CMU researchers], used a combination of nodes and exit relays, along with some vulnerabilities in the Tor network protocol, that let them uncover the users' real IP addresses. The attack reportedly began in February 2014, and ran until July 2014, when the Tor Project discovered the vulnerability. Within a few days,” Ms. Khandelwal notes, “the [Tor] team updated its software and rolled out new versions of code to block similar attacks in the future.”
“But, who was behind this serious ethical breach was a mystery,” Ms. Khandelwal wrote, “until the talk from Carnegie Mellon University’s Michael McCord and Alexander Volynkin on de-anonymizing Tor users was cancelled at last year’s Black Hat conference with no explanation.”
Unmasking Tor Using Just $3,000 Of Hardware
“The Carnegie Mellon talk detailed a new way to ‘de-anonymize hundreds of thousands of Tor [users] and thousands of Hidden Services [underground] sites within a couple of months,’ using just $3,000 of hardware.”
“The researchers were going to prove their technique, with examples of their own workaround identifying ‘suspected child pornographers and drug dealers,’” Ms. Khandelwal noted. “However,” she adds, “after the ongoing attack on Tor network was discovered in July last year, the talk was abruptly canceled and suspicions were aroused that their techniques were used in the attacks discovered by the Tor Project. The Tor Project also says researchers stopped answering their emails, which made them more convinced of who was behind the attack — Carnegie Mellon’s Computer Emergency Response Team, or CERT.”
So, in response to what Tor asserts is unethical and a threat to its raison d’être, the project has taken steps and implemented software changes that it claims would thwart CMU and/or the FBI from using the same techniques that they reportedly used in February – July 2014. So, the FBI and CMU may find such techniques are no longer of use — at least against the Tor network. But, in implementing measures designed to thwart the FBI, Tor could also be indirectly helping the Islamic State and other Islamic militants stay hidden while they coordinate a terror attack here in the United States. If these new measures do aid the terrorists in concealing their activities, then Tor would be wise to figure out a way to ensure that the FBI and law enforcement agencies do still get any critical information, emails, etc., that appear to involve potential terrorist activities. The problem is that these guys often talk to each other in coded language, and it often requires seasoned terrorism analysts and a thorough compilation of other associated information — connecting the dots, or link analysis if you will — to put this holistic picture together. If we do suffer a terror attack here, along the lines of the recent Paris attack, or worse — and it was discovered afterwards that Tor had this information but did nothing — then Tor could well find itself in such legal trouble that it may not survive. It is something that Tor needs to think long and hard about, before the unthinkable happens. And, I also doubt that you will find anyone who sympathizes with child pornographers.
V/R, RCP