Free Republic

Boffins follow TOR breadcrumbs to identify users
The Register ^ | 1 September 2013 | Richard Chirgwin

Posted on 09/02/2013 2:05:27 PM PDT by ShadowAce

It's easier to identify TOR users than they believe, according to research published by a group of researchers from Georgetown University and the US Naval Research Laboratory (USNRL).

Their paper, Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries, is to be presented at November's Conference on Computer and Communications Security (CCS) in Berlin. While it's been published at the personal page of lead author Aaron Johnson of the NRL, it remained under the radar until someone posted a copy to Cryptome.

The paper states simply that “Tor users are far more susceptible to compromise than indicated by prior work”. That prior work provided the framework for what Johnson's group has accomplished: using traffic correlation in the live TOR network to compromise users' anonymity.

“To quantify the anonymity offered by Tor, we examine path compromise rates and how quickly extended use of the anonymity network results in compromised paths”, they write. In some cases, they found that for the patient attacker, some users can be identified with 95 percent certainty.

The compromise isn't something available to the trivial attacker. The models that Johnson developed assume that an adversary has access either to Internet exchange ports, or controls a number of Autonomous Systems (for example an ISP). However, it's probably reasonable to assume that the instruments of the state could deploy sufficient resources to replicate Johnson's work.

At the core of Johnson's work is a Tor path simulator that he's published at github. The TorPS simulator helps provide accurate AS path inference from TOR traffic.

“An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50 percent probability and within six months with over 80 percent probability. We observe that use of BitTorrent is particularly unsafe, and we show that long-lived ports bear a large security cost for their performance needs. We also observe that the Congestion-Aware Tor proposal exacerbates these vulnerabilities,” the paper states.

If the adversary controls an AS or has access to Internet exchange point (IXP) traffic, things are even worse. While the results of their tests depended on factors such as AS or IXP location, “some users experience over 95 percent chance of compromise within three months against a single AS or IXP.”

The researchers also note that different user behaviours change the risk of compromise. Sorry, BitTorrent fans, your traffic is extremely vulnerable over time. ®


TOPICS: Computers/Internet
KEYWORDS: privacy
To: ShadowAce

Wonder if the tormail user who was sending pedoporn to conservative pundits can be traced, and who it traces to?


21 posted on 09/02/2013 3:49:18 PM PDT by Darksheare (Try my coffee, first one's free..... Even robots will kill for it!)

To: Bobalu
Once informed that the ip is a TOR node they cease their pestering ways.

Or, perhaps, they don't - and you end up arrested. There is no way to separate your activities from activities of Tor users that you facilitate. So if someone connects to port 22 of some server at Pentagon, the FBI has the legal right to come after you.

Running a Tor exit node is just as smart as standing in the street and doing everything that some stranger tells you to do over a cell phone. Like "Find a nearest cracker and hit him in the mouth."

22 posted on 09/02/2013 3:59:14 PM PDT by Greysard

To: ShadowAce
Looks like no one read the entire article.

“An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50 percent probability and within six months with over 80 percent probability.”

23 posted on 09/02/2013 4:03:52 PM PDT by SunTzuWu

To: Utilizer
What do we have to do to get some real privacy?

ENCRYPTION! ENCRYPTION! ENCRYPTION! THE NSA CANNOT HACK ENCRYPTED TRAFFIC (Yet)!

Go to StartSSL.com and get yourself a free Class 1 cert to start. Learn about encryption, and encrypt what you can: email, instant messaging. Get an SSL-sniffing add-on for your browser like HTTPS Finder for Firefox that ports you to an HTTPS address if it's available.

Until quantum computers are a reality, the NSA is not going to waste data processing cycles on your traffic unless you're a known, imminent threat. Even then, they won't decrypt everything in any meaningful amount of time.

Encrypt your traffic, buy your own domain and learn how to set up an email server on Ubuntu for yourself utilizing the keys available out there. Privacy is available if you make yourself knowledgeable.

And worst-case scenario, learn HAM radio!

24 posted on 09/02/2013 4:31:14 PM PDT by rarestia (It's time to water the Tree of Liberty.)

To: hiredhand

Ping.


25 posted on 09/02/2013 5:00:43 PM PDT by DuncanWaring (The Lord uses the good ones; the bad ones use the Lord.)

To: Utilizer

Code breaking is now so far in advance of encryption that it is hardly worth the effort to try anymore. The use of factoring no longer presents a serious obstacle, and with quantum computing it will just be brushed aside.

The best advice to keep privacy is not to use electronics.


26 posted on 09/02/2013 7:25:57 PM PDT by yefragetuwrabrumuy (The best War on Terror News is at rantburg.com)

To: ShadowAce

LOL. I read part of that and understood not one word of it. The world is leaving me behind....WAHHHHHH.


27 posted on 09/02/2013 10:30:04 PM PDT by WVNan

To: yefragetuwrabrumuy
>>>>>The bottom line is that nothing electronic can be trusted. About the only communication that can be relied on for privacy are hand written notes, hand delivered.<<<<<

The face belonging to hand delivery can be easily recognized due to billions of photos available online and the software capable of facial recognition.

Even worse, when hand delivery carries an Android device, their whereabouts are traceable. If they leave the device at home and it is a deviation from routine, it is easily flagged.

Software using a social diagram can predict the whereabouts of each social diagram member at any time.

One can be smart, but it's the sum of stupid contacts that counts.

28 posted on 09/03/2013 7:04:21 AM PDT by DTA (Hands off Syria !)

To: DTA

Facial photo recognition has never been successful in application. They want it to be, they crave it to be, but it just never pans out.

And it’s not just an Android device, but all cellphones now have GPS location detection, but that is moot, because if you carry a cellphone, why are you hand delivering a written message to avoid electronic interception? The government even wants to integrate GPS into all automobiles, but has not yet pulled that one off.

And then, on your person there are probably several RFID tags, and when you pass near an RFID reader, you give off a unique signature for that vicinity with even a single tag. Who else in the area is wearing your brand of shoes, and your brand of pants, etc.?

But your last reference was to data mining. A brilliant idea used by both law enforcement and intelligence, it is still dependent on a lack of GIGO, garbage in, garbage out. Even if it established some contacts, it still has no clue as to message content.


29 posted on 09/03/2013 7:45:34 AM PDT by yefragetuwrabrumuy (The best War on Terror News is at rantburg.com)

