Skip to comments.Attacking Tor: how the NSA targets users' online anonymity
Posted on 10/04/2013 11:47:48 AM PDT by shego
The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.
According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identified Tor users on the internet and then executes an attack against their Firefox web browser....
(Excerpt) Read more at theguardian.com ...
Thanks for the article. Tor is popular amongst the torrent community and this shows it ain’t safe (for now) either.
In fact, the NSA created a presentation titled -- I swear I am not making this up -- "Tor Stinks", lamenting:
With manual analysis we can de-anonymize a very small fraction of Tor users, however, no de-anonymizing a user in response to a Tor request/on demand.(emphasis in original)
The paragraph immediately following is redacted. No doubt this is because The Guardian identified it as one of the few bits of Snowden's data that actually would be useful to terrorists; however, I like to imagine that it's censored because the NSA minion who wrote the presentation couldn't resist uncorking a profane rant that would make a sailor blush.
If I was NSA, I would set up a company just like TOR. I would set up a company just like Silk Road.
In other words they illegally modify files on a user’s computer, illegally redirect traffic, and call it all national security.
It illegally does “phishing.”
It illegally hacks user’s computers.
They illegally intercept all phone calls (echelon)
They read all internet traffic.
Anybody know how to use a morse code transmitter?
The biggest crooks are in the government.
The same principle applies here.
Good grief :-(
I guess I will build a new image for my Raspberry Pi and copy it to a handful of 4GB SD cards. Pop a new one in every day and use that system to browse using the proXPN VPN.
Hook the Pi to my HDMI monitor on HDMI#1 and plug the big PC into HDMI#2 ...use the remote to switch between the two computers.
Leave the PC totally disconnected from the net.
Put a 32GB SD card on my USB switchbox and when I need data from the net on the PC just use the Pi to save it to the SD card then switch it to the PC and move it to the HD.
Luckily the Pi only uses a couple of watts of power so it will cost zip to leave it up all the time.
The only good NSA is an ABOLISHED NSA.
Very good point...