NSA Automatically Tracks Users Who Search for ‘Tor’, ‘Tails’

Earlier this afternoon, a sliver of source code from the NSA’s surveillance program XKeyscore was revealed by a set of security specialists for German broadcasters NDR and WDR, and it has revealed what many already suspected to be true, but couldn’t say for sure until today.

It’s no secret that the NSA holds a special little place of hatred for Tor and its users, as the routing and relay service is one of the only truly effective tactics that average members of the Internet can use to keep themselves and their Internet history a secret from the rest of the world.

By its very nature, snoops from the NSA are exactly the type of uninvited intrusions that Tor was designed to prevent, and unlike other standard tactics of anonymization which are easily unveiled by code breakers at the agency, Tor actually makes it fairly difficult for programs like XKeyscore to get an accurate read on someone while they browse and communicate online.

Now it seems the intelligence community has found a way around this hurdle, by jumping on someone’s trail before they ever get the chance to cover up their tracks. If a given user happens to even search for the term “Tor” or “Tails” (the Linux-based OS built around the Tor network) in popular engines like Google or Bing, their IP address is automatically added to a list and tracked as far as it can go before inevitably dipping under the murky surface the identity-ghosting program provides to those who sign up.

Photo: Wikimedia/ The Guardian

Of course, the news of this internal frustration for the agency has only helped to bolster Tor’s reputation as the go-to option for anyone who might be interested in making themselves anonymous online, but aren’t entirely sure where they should go to start.

“This shows that Tor is working well enough that Tor has become a target for the intelligence services,” said Sebastian Hahn, who runs one of the key Tor servers. “For me this means that I will definitely go ahead with the project.”

The agency also sets up their own personal campsites on the hosting portals for Tor and Tails, tracking the IP addresses of those who visit the site, and even going as far to latch onto the computers of users who initiate a full-on download and eventually go through the multi-stepped installation process.

Other monitored sites include Centurian, FreeProxies.org, HotSpotShield, privacy.li, FreeNet, MegaProxy, and an anonymous email service called MixMinion. The identity of users who simply glance at these pages is recorded and stored on the NSA’s servers, and it’s up to the agency how long it keeps that data or what they do with it once the time to set up a trace finally comes.

When questioned about the brazen action against privacy seekers from around the web, the NSA issued a statement that can be read in full below:

“In carrying out its mission, NSA collects only what it is authorized by law to collect for valid foreign intelligence purposes – regardless of the technical means used by foreign intelligence targets. The communications of people who are not foreign intelligence targets are of no use to the agency.

In January, President Obama issued U.S. Presidential Policy Directive 28, which affirms that all persons – regardless of nationality – have legitimate privacy interests in the handling of their personal information, and that privacy and civil liberties shall be integral considerations in the planning of U.S. signals intelligence activities.

The president’s directive also makes clear that the United States does not collect signals intelligence for the purpose of suppressing or burdening criticism or dissent, or for disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion.

XKeyscore is an analytic tool that is used as a part of NSA’s lawful foreign signals intelligence collection system. Such tools have stringent oversight and compliance mechanisms built in at several levels. The use of XKeyscore allows the agency to help defend the nation and protect U.S. and allied troops abroad. All of NSA’s operations are conducted in strict accordance with the rule of law, including the President’s new directive.”