Tor Traffic Compromised, “Aqua” on the Horizon

We’re running out of places to hide. The anonymous browsing protocol Tor is to undergo a remodel after news of leaks in the ceiling were discovered early last month. Both the FBI and the NSA have used their own methods to undermine the security of the anonymity relay service, each deploying tactics relative to their understanding of how the network was run over the past several years.

The FBI exploited javascript files in the Firefox program used to connect to Tor, whereas the NSA took the backdoor route, attempting to track and tag the activity of users who connect to the network and then use metadata to match up with their identities. The technique is called “traffic analysis”, and surprisingly has an almost 80% rate of success when predicting a link between an “anonymous” Tor user and someone who has been connecting to the standard internet under email clients using their real names.

“Our analysis shows that 80 percent of all types of users may be deanonymized by a relatively moderate Tor-relay adversary within six months,” the researchers write in a paper on their findings. “These results are somewhat gloomy for the current security of the Tor network.”

Source: The Guardian

In an interview with MIT Technology Review, Aaron Johnson has been quoted as saying that the majority of those who choose the Tor network in an effort to keep themselves anonymous shouldn’t be concerned about their safety, however if they plan to spill state secrets or plan a terrorist plot anytime soon, they might want to reconsider before getting linked up on the next onion router.

It’s still unclear whether or not any agencies are actively monitoring the lines for this kind of activity, although given the presentations from 2006 and 2012, it’s clear they at least have an awareness of how to gain access to user information if they need to, and what kind of maneuvers are possible when dealing with multiple relays like those found in Tor.

Researcher at the Max Planck Institute for Software Systems in Germany, Stevens Le Blond summarizes the current situation well:

“Since 2006, the academic community has done much work on traffic analysis and has developed attacks that are much more sophisticated than the ones described in this report.”

LeBlond has been contributing as an engineer to a new anonymity project — dubbed Aqua. The connection protocol will supposedly work in similar fashion to Tor, but with extra protection designed to actively fight against the current methods of traffic analysis employed by international government agencies.

Until Aqua is available to the public, you can always use a VPN to connect to Tor to add extra layer of security and safety to all of your online activity. By configuring HideMyAss Pro VPN to run on a router running Tomato firmware, you can create a double-strength shield of privacy that not even the most advanced methods of decryption would dare to tangle with twice.