It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
According to a top-secret NSA summary of the meeting, Dingledine told the assembled NSA staff that his service, called Tor, offered anonymity to people who needed it badly — to keep business secrets, protect their identities from oppressive political regimes or conduct research without revealing themselves. In the minds of NSA officials, Tor was offering protection to terrorists and other intelligence targets. As he spoke to the NSA, Dingledine said in an interview Friday, he suspected the agency was attempting to break into Tor, which is used by millions of people around the world to shield their identities. Documents provided to The Washington Post by former agency contractor Edward Snowden show that he was right. Beginning at least a year before Dingledine’s visit, the NSA has mounted increasingly successful attacks to unmask the identities and locations of users of Tor. In some cases, the agency has succeeded in blocking access to the anonymous network, diverting Tor users to insecure channels. In others, it has been able to “stain” anonymous traffic as it enters the Tor network, enabling the NSA to identify users as it exits. Tor works by encrypting traffic repeatedly as it flows across a global network of servers, mostly run by volunteers. The traffic, which can include e-mails, information from a Web site and almost anything else on the Internet, is supposed to arrive at its destination with no identifying information about its origin or the path it took. The Snowden documents, including a detailed PowerPoint presentation, suggest that the NSA cannot see directly inside Tor’s anonymous network but that it has repeatedly uncloaked users by circumventing Tor’s protections. The documents also illustrate the power of the NSA to at least partially penetrate what have long been considered the most secure corners of the Internet.
DYNAMIC PAGE — HIGHEST POSSIBLE CLASSIFICATION TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL Roger Dingledine at NSA NOV 2007 From PE Contents * 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT) o 1.1 (U) Who are TOR Customers? o 1.2 (U) Anonymity System Concepts o 1.3 (U) TOR Issues (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT) (U) Roger Dingledine, now of Torproject.org, was one of the principle inventors or TOR. Current usage statistics quoted are 200K users and 1K servers. When asked about trends, he had no concrete data - Being a non-profit open-source effort, the collector of statistics has not been active recently.
Top-secret NSA documents, disclosed by whistleblower Edward Snowden, reveal that the agency's current successes against Tor rely on identifying users and then attacking vulnerable software on their computers. One technique developed by the agency targeted the Firefox web browser used with Tor, giving the agency full control over targets' computers, including access to files, all keystrokes and all online activity. But the documents suggest that the fundamental security of the Tor service remains intact. One top-secret presentation, titled 'Tor Stinks', states: "We will never be able to de-anonymize all Tor users all the time." It continues: "With manual analysis we can de-anonymize a very small fraction of Tor users," and says the agency has had "no success de-anonymizing a user in response" to a specific request. Another top-secret presentation calls Tor "the king of high-secure, low-latency internet anonymity". Tor – which stands for The Onion Router – is an open-source public project that bounces its users' internet traffic through several other computers, which it calls "relays" or "nodes", to keep it anonymous and avoid online censorship tools. It is relied upon by journalists, activists and campaigners in the US and Europe as well as in China, Iran and Syria, to maintain the privacy of their communications and avoid reprisals from government. To this end, it receives around 60% of its funding from the US government, primarily the State Department and the Department of Defense – which houses the NSA.
doublearies
reply to post by GArnold
My first post, I live in Canada which is essentially an annex of the U.S. I have been lurking in the shadows for quite some time, thought I would reply since I have just now finished watching the documentary "Terms and Conditions May Apply" which clearly outlines that any and all web based information is visible to any agency, or company with the right technology and backing from government legislation. Privacy is dead and we are allowing it based upon our simple day to day activities within this technological society of convenience. in my opinion.
Doublearies.
Since 2006, according to a 49-page research paper titled simply “Tor,” the agency has worked on several methods that, if successful, would allow the NSA to uncloak anonymous traffic on a “wide scale” — effectively by watching communications as they enter and exit the Tor system, rather than trying to follow them inside. One type of attack, for example, would identify users by minute differences in the clock times on their computers.
The following document is a 2006 research paper produced for the NSA's "Cryptanalysis and Exploitation Services" office. It lays out the technical features of Tor and proposes a number of theoretical and practical attacks, some of which the NSA developed and used in subsequent years. Among other things, the paper describes an NSA-written adaptation of Tor, "indistinguishable from an original Tor client," which enables the NSA to gather intelligence inside the network. It also describes two kinds of "denial of service" attacks against Tor, code-named Coil and Flower, which are used to divert would-be anonymous communications into open channels.
GArnold
..would allow the NSA to uncloak anonymous traffic on a “wide scale” — effectively by watching communications as they enter and exit the Tor system, rather than trying to follow them inside.
It also describes two kinds of "denial of service" attacks against Tor, code-named Coil and Flower, which are used to divert would-be anonymous communications into open channels.
allenidaho
I just don't think it's that big of a loss. It's been my experience that the TOR network was mostly used by pedophiles, drug dealers, thieves and forgers.
SadistNocturne
Hmmm.
Let's take that thinking a step further...
"Besides, who could possibly want to keep their identity private? You have to be afraid if you have something to hide!"
Am I that far off?
- SN
allenidaho
SadistNocturne
Hmmm.
Let's take that thinking a step further...
"Besides, who could possibly want to keep their identity private? You have to be afraid if you have something to hide!"
Am I that far off?
- SN
What? No. I use TOR every now and then. I was just making an observation on what I tend to see there.
NOD, a well-known drug dealer on the defunct online black market Silk Road, has been arrested in Washington State, along with a partner. Across the Atlantic, four Silk Road users were arrested by British authorities "on suspicion of supplying controlled drugs." In Sweden, two Silk Road users have been arrested for allegedly selling marijuana on the site. British authorities say more arrests are coming. The method by which the U.S. arrests appear to have come about — routine package interdiction, then a simple investigation — suggests that other American dealers may be at risk. In addition, the charges aren't new or novel, but simple and very severe:
Regardless, this will send a shock through the so-called dark net. Feds are going after Silk Road like a simple drug ring, not an exotic website, and have been investigating it effectively since 2011. The relative difficulty of accessing Silk Road — setting up Tor, converting cash to Bitcoins, setting up encrypted communications — may have given users a sense of security and secrecy. But these technological safeguards aren't really safeguards at all: Buying and selling illegal substances through a service run by the government, it turns out, is more than enough to get you caught.
1. Scan Internet traffic. The NSA uses programs like Stormbrew, Fairview, Oakstar, and Blarney. These programs were all categorized as “upstream” data collection programs on previous slides released by Snowden. Through them, the agency brokers deals with major telecoms and taps into the fibreoptic backbone of the Internet. 2. Mark Tor requests. As the NSA monitors the world's Internet traffic, it creates what Schneier refers to as “fingerprints” of requests from Tor users to various servers. It stores these requests in searchable databases like XKeyscore, through which the NSA monitors emails, browsing histories, and Facebook chats, the latter in real time. 3. Sift out marked traffic. The NSA uses automatic sifting programs to separate marked Tor users from the pool of all Internet traffic. As Schneier wrote, “The very feature that makes Tor a powerful anonymity service, and the fact that all Tor users look alike on the Internet, makes it easy to differentiate Tor users from other web users.” 4. Send users to NSA servers. The NSA brokered deals with major telecom companies in order to redirect Tor users to a system of secret servers dubbed FoxAcid. Through these deals, the agency places what it calls Quantum servers at key points along the fibre optic infrastructure of the Internet. These servers pretend to be the legitimate server that the Tor user is trying to access. They then redirect the users to the FoxAcid system.
Active Sponsors in 2013:
Broadcasting Board of Governors (2006-2013)
SRI International (2011-2014)
US Department of State Bureau of Democracy, Human Rights, and Labor (2013-2015)
Sida - Swedish International Development Cooperation Agency (2010-2013)
National Science Foundation joint with Georgia Tech and Princeton University (2012-2016)
Radio Free Asia (2012-2014)
The Knight Foundation (2012-2013)
An anonymous North American ISP (2009-present)
The Ford Foundation (2013-2014)
An anonymous North American NGO (2008-2013)
More than 4,300 personal donations from individuals like you (2006-present)
Past sponsors
We greatly appreciate the support provided by our past sponsors in keeping the Tor Project progressing through our ambitious goals:
National Science Foundation via Drexel University (2009-2011)
Access Now (2012)
Google (2008-2009)
Google Summer of Code (2007-present)
Human Rights Watch (2007)
Torfox (2009)
Shinjiru Technology (2009-2011)
National Christian Foundation (2010-2012)
NLnet Foundation (2008-2009)
Naval Research Laboratory (2006-2010)
Internews Europe (2006-2008)
Electronic Frontier Foundation (2004-2005)
DARPA and ONR via Naval Research Laboratory (2001-2006)
Cyber-TA project (2006-2008)
Bell Security Solutions Inc (2006)
Omidyar Network Enzyme Grant (2006)
NSF via Rice University (2006-2007)