
NSA Targets Tor users

Skip

Active member
Veteran
The NSA has been actively trying to hack the Tor system that many use to ensure privacy when communicating online. You should note that Firefox users are more compromised than those who use other browsers.

Top-secret NSA documents, disclosed by whistleblower Edward Snowden, reveal that the agency's current successes against Tor rely on identifying users and then attacking vulnerable software on their computers. One technique developed by the agency targeted the Firefox web browser used with Tor, giving the agency full control over targets' computers, including access to files, all keystrokes and all online activity.

But the documents suggest that the fundamental security of the Tor service remains intact. One top-secret presentation, titled 'Tor Stinks', states: "We will never be able to de-anonymize all Tor users all the time." It continues: "With manual analysis we can de-anonymize a very small fraction of Tor users," and says the agency has had "no success de-anonymizing a user in response" to a specific request.

Another top-secret presentation calls Tor "the king of high-secure, low-latency internet anonymity".
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
 

dddaver

Active member
Veteran
I never was a Tor fan. I have a wicked slow connection as it is anyway. I use Firefox, read this, and thought, "Well, I better try a new browser." But actually it doesn't matter. If the NSA doesn't have a backdoor in, they will crack it eventually anyway.

What I personally find highly ironic is that the NSA bastards say they do that shit to increase our personal security and fight those damn terrorists. But the reality is that their doing that is actually a terrorist act in itself and actually makes communication LESS secure.

Do you feel more secure knowing the NSA has access to every part of your life? Their online spying is only part of their infringement too. Ever hear of phone tapping, listening through cellphones that have been turned off, or maybe facial recognition? Big brother is here!

But my attitude is, "Fuckem. If somebody wants to hear my piss tinkle and see my GINORMOUS dick, let 'em have their petty-ass, stupid jollies."
 

Weird

3rd-Eye Jedi
Veteran
This is why I go to the dam to talk about the weeds.

IC's virtual Amsterdam coffee shop
 

babelfish

Member

Bit late for me locally, so not going to do the full bean smash just this moment, but the exploit was in a WINDOWS Tor browser package (everything you need: patched Firefox, Tor, Vidalia). It was a JavaScript exploit, which should show that everything is vulnerable; the web is really trust-based.

Anyway, there's a much deeper threat that's not being shown. It's been known for years that you can still 'get' someone in Tor, but you need to control a LOT of nodes. Basically, you need to read a significant percentage of the packets in a given user's stream to pull them back out of the muck. (There are several ways to partially decrypt SSL, or to attack the container based on this data that can be built.)

A nice post on this:
http://security.stackexchange.com/questions/34804/how-safe-is-tor-from-mitm-snooping-attacks
Tor isn't safe from man-in-the-middle attacks.

The unsafe components are the Tor exit nodes. These make the actual, unencrypted request and therefore can read and modify your traffic. Tor provides anonymity by not letting them know where the request came from, but the actual traffic between the exit node and the Internet is no different from normal traffic, as you can see in this picture (via):

Regarding the second question: Yes, it is technically possible to choose exit nodes. I haven't done this before, but you should be able to read up on this topic by yourself. This should allow you to (if possible) run your own exit node, or choose one that you trust.

answered Apr 25 at 0:48


Notice there's still an exit point. But what's not covered here is mining the data in the metadata and partially decrypted packets/streams. Let's just say the short version is that you can be identified by your browsing patterns, or your searching patterns, or your browser plugins, etc. Even within the network there is still potential for danger. And yes, it's a direct attack target.

This is why you need more than just Tor: VPN <-> proxy <-> proxy <-> Tor <-> proxy <-> proxy <-> destination.

So, let's look at the real issue, shall we?
http://blog.erratasec.com/2013/09/tor-is-still-dhe-1024-nsa-crackable.html
Tor is still DHE 1024 (NSA crackable)
By Robert Graham
After more revelations, and expert analysis, we still aren't precisely sure what crypto the NSA can break. But everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys. Assuming no "breakthroughs", the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.

The problem with Tor is that it still uses these 1024 bit keys for much of its crypto, particularly because most people are still using older versions of the software. The older 2.3 versions of Tor use keys the NSA can crack, but few have upgraded to the newer 2.4 version with better keys.

You can see this for yourself by going to a live listing of Tor servers, like http://torstatus.blutmagie.de/. Only 10% of the servers have upgraded to version 2.4.

Recently, I ran a "hostile" exit node and recorded the encryption negotiated by incoming connections (the external link encryption, not the internal circuits). This tells me whether they are using the newer or older software. Only about 24% of incoming connections were using the newer software. Here's a list of the counts:

14134 -- 0x0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
5566 -- 0xc013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2314 -- 0x0016 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
905 -- 0x0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
1 -- 0xc012 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

The older software negotiates "DHE", which are 1024 bit Diffie-Hellman keys. The newer software chooses ECDHE, which are Elliptical-Curve keys. I show the raw data because I'm confused by the last entry, I'm not sure how the software might negotiate ECDHE+3DES, it seems like a lulz-worthy combination (not that it's insecure -- just odd). Those selecting DHE+3DES are also really old I think. I don't know enough about Tor, but I suspect anything using DHE+3DES is likely more than 5 years old.

(By the way, I used my Ferret tool to generate this, typing "ferret suites -r ".)

The reason software is out of date is because it takes a long time for repositories to be updated. If you type "apt-get install tor" on a Debian/Ubuntu computer, you get the 2.3 version. And this is what pops up as the suggestion of what you should do when you go to the Tor website. Sure, it warns you that the software might be out-of-date, but it doesn't do a good job pointing out that it's almost a year out of date, and the crypto the older version is using is believed to be crackable by the NSA.

Of course, this is still just guessing about the NSA's capabilities. As it turns out, the newer Elliptical keys may turn out to be relatively easier to crack than people thought, meaning that the older software may in fact be more secure. But since 1024 bit RSA/DH has been the most popular SSL encryption for the past decade, I'd assume that it's that, rather than curves, that the NSA is best at cracking.

Therefore, I'd suggest that the Tor community do a better job getting people to upgrade to 2.4. Old servers with crackable crypto, combined with the likelihood the NSA runs hostile Tor nodes, means that it's of much greater importance.

Now, see? One must not only encrypt the packets, but also use encryption that MATTERS. AND this must be the case for EVERY HOP IN THE CHAIN.

One more very good read:
http://www.blackhatlibrary.net/Tor
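The cipher-suite counts quoted from Graham's post are the kind of listing a relay operator can pull from their own link-layer TLS logs to check how much of their inbound traffic still negotiates finite-field DHE. The script below is an added example, not from the post, the thread, or Graham's Ferret tool: it parses that "count -- 0xID SUITE" format (assumed from the five lines above), classifies each suite by key exchange and bulk cipher from its IANA name, and computes the ECDHE share the post cites as "about 24%". The sample data is the post's own table re-typed as a string so the script runs offline.

```python
import re
from collections import Counter

# Constructed sample: the five "count -- 0xID SUITE" lines quoted in the post,
# re-typed here so the script runs offline (this script does not capture traffic).
SUITE_COUNTS = """\
14134 -- 0x0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
5566 -- 0xc013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2314 -- 0x0016 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
905 -- 0x0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
1 -- 0xc012 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
"""

# Assumed line layout: decimal count, '--', 4-hex-digit suite id, IANA suite name.
LINE_RE = re.compile(r"^\s*(\d+)\s+--\s+0x([0-9a-fA-F]{4})\s+(TLS_[A-Z0-9_]+)\s*$")


def parse_suite_counts(text):
    """Parse 'count -- 0xID NAME' lines into (count, suite_id, suite_name) tuples."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"unrecognised line: {line!r}")
        rows.append((int(m.group(1)), int(m.group(2), 16), m.group(3)))
    return rows


def key_exchange(suite_name):
    """Key-exchange family from the IANA suite name: 'ECDHE', 'DHE', 'RSA', ..."""
    kx_part = suite_name.split("_WITH_", 1)[0]      # e.g. 'TLS_ECDHE_RSA'
    return kx_part.split("_")[1]


def bulk_cipher(suite_name):
    """Bulk cipher from the suite name with the MAC stripped: 'AES_256_CBC', '3DES_EDE_CBC'."""
    body = suite_name.split("_WITH_", 1)[1]          # e.g. 'AES_256_CBC_SHA'
    return body.rsplit("_", 1)[0]


def summarize(rows):
    """Aggregate connection counts by key exchange and bulk cipher."""
    by_kx = Counter()
    by_cipher = Counter()
    for count, _suite_id, name in rows:
        by_kx[key_exchange(name)] += count
        by_cipher[bulk_cipher(name)] += count
    total = sum(by_kx.values())
    return {
        "total": total,
        "by_key_exchange": dict(by_kx),
        "by_bulk_cipher": dict(by_cipher),
        # Share of connections negotiating elliptic-curve ephemeral DH; the post
        # uses this as its proxy for "client is running the newer Tor".
        "ecdhe_fraction": by_kx["ECDHE"] / total if total else 0.0,
        # Share still on 3DES, which the post guesses marks very old clients.
        "tdes_fraction": by_cipher["3DES_EDE_CBC"] / total if total else 0.0,
    }


if __name__ == "__main__":
    stats = summarize(parse_suite_counts(SUITE_COUNTS))
    print(f"total connections: {stats['total']}")
    for kx, n in sorted(stats["by_key_exchange"].items()):
        print(f"  {kx:6s} {n:6d} ({100 * n / stats['total']:.1f}%)")
    print(f"ECDHE share: {100 * stats['ecdhe_fraction']:.1f}%")
```

One caveat worth keeping in mind when reading such output: the suite name tells you the key-exchange family, not the group size. "DHE means 1024-bit" is an inference the post draws from which Tor version the older clients run, not something the TLS handshake name encodes, so a script like this measures adoption of the newer software rather than directly measuring key strength.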