CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Tor Warns of Possible Attempts to Disable Anonymity Network

The Tor anonymity network might be disrupted in the next few days via the seizure of directory authorities, the Tor Project has learned.

There are a total of nine directory authorities spread out in the United States and Europe. These servers provide a signed list of all the relays that make up the Tor network.

The Tor anonymity network might be disrupted in the next few days via the seizure of directory authorities, the Tor Project has learned.

There are a total of nine directory authorities spread out in the United States and Europe. These servers provide a signed list of all the relays that make up the Tor network.

“We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use,” Tor Project leader Roger Dingledine noted in a blog post. “We hope that this attack doesn’t occur; Tor is used by many good people.”

Someone would have to take over at least five of the directory authorities in order to get Tor clients to use other relays. However, Dingledine has pointed out that most attacks on these servers would not be very efficient if the goal is to track down Tor users because these relays “don’t known anything about what particular Tor users are doing.”

Some believe the attack the Tor Project has warned about might be related to an FBI investigation into the recent Sony Pictures hack. Dingledine initially believed this had nothing to do with the attack on Sony. However, after being shown a report from HP which mentions the Sony hackers using Tor exit nodes to cover their tracks, he promised to investigate more.

Thomas White, an individual who runs a large Tor exit node cluster and a collection of mirrors reported losing control of his servers on Sunday. He noted that the incident bore the signs of a law enforcement operation. Some Tor users thought the incidents were related, but Dingledine pointed out that White is an exit relay operator, not a directory authority operator, and that this wouldn’t be the first time he has run-ins with British law enforcement.

In an update posted late on Sunday, after further investigating the issue, White said that while he didn’t completely rule out law enforcement involvement, the scenario was less likely.

In July, the Tor Project reported seeing attempts to deanonymize users, but the attacks appeared to be part of experiments conducted by two researchers who planned on giving a talk on Tor design flaws at the Black Hat security conference. Their presentation was canceled.

Advertisement. Scroll to continue reading.

Last month, law enforcement authorities in the United States and Europe announced shutting down 410 Tor hidden services in an operation against illegal online marketplaces. The operation was a success from law enforcement’s point of view, but it raised a lot of security concerns since the Tor Project couldn’t figure out how the hidden services had been located.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.