The National Security Agency has been trying to hack into Tor networks, according to a new report by The Guardian's NSA watcher Glenn Greenwald. Ironically, the NSA's attempts to hack the online anonymity tool are an example of one U.S. government agency trying to defuse something promoted by another U.S. Federal agency.
The most recent NSA revelations come from top-secret NSA documents leaked by Edward Snowden, and they show that NSA has repeatedly attempted to find vulnerabilities in the Tor online network.
Some of those attempts involve targeting the Firefox web browser when it's using Tor, a hacking technique also suspected to be used by the FBI to take over a Tor network over the summer. The documents suggest that the NSA has had limited, piecemeal success in its attacks on Tor networks.
Tor is a system that relies on a volunteer network of computers to anonymously relay internet signals through a maze of connections, which are called relays or nodes. This keeps users' traffic secure from surveillance or censorship, while retaining the anonymity of the user. In the wake of the avalanche of NSA-overreach reports this summer, the Tor network's traffic has more than doubled.
Tor and the State Department
Tor, which stands for "The Onion Router," is open-source and free. While it has been called the "Deep" or "Dark" web, due to Tor's insular arrangement and some of the profoundly criminal activity that occurs on the anonymous network, the internet tool was actually developed to help journalists and dissidents stay safe while communicating despite oppressive foreign governments' surveillance and censorship.
In fact, a large proportion of funding for Tor, since its inception, has come from the U.S. State Department and other government agencies. The NSA's attempts to compromise the anonymous network can be seen as one hand hacking the other.
NSA and Tor
According to Greenwald's report, NSA documents show that Tor presents a big problem for the surveillance agency: "We will never be able to de-anonymize all Tor users all the time," says one top-secret presentation. "With manual analysis we can de-anonymize a very small fraction of Tor users." Targeting individuals in response to a specific request apparently has resulted in no success.
So it seems that Tor has remained somewhat secure against the NSA, that doesn't mean the agency hasn't developed some techniques that may or may not work. One includes using internet cable taps to analyze large-scale Tor network activity. Using this technique, the NSA has tried to de-anonymize Tor users entering and leaving the Tor network.
Greenwald also noted that the theoretical technique could work, especially if the NSA could access and run some of the nodes in the Tor network. Though top-secret documents leaked by Snowden show that the NSA does operate some nodes on the Tor network, it did not detail how many, and it seems that the above de-anonymizing technique actually has not been used. In fact, one presentation said that the success of operating nodes was "negligible" because it had access to very few nodes in Tor.
While the NSA documents show that the agency does acknowledge the free-speech, anti-totalitarian benefits of Tor, being used by dissidents in Iran, China, and other places, documents from the U.K. equivalent of the NSA, the GCHQ, apparently shows a scornful stance towards Tor. "EFF," the U.S. non-profit group Electronic Frontier Foundation, which supports freedom of expression on the web and has funded Tor in the past, "will tell you there are many pseudo-legitimate uses for Tor," says one GCHQ presentation. "We're interested as bad people use Tor."