Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Tor Warns of Possible Attempts to Disable Anonymity Network

The Tor anonymity network might be disrupted in the next few days via the seizure of directory authorities, the Tor Project has learned.

There are a total of nine directory authorities spread out in the United States and Europe. These servers provide a signed list of all the relays that make up the Tor network.

The Tor anonymity network might be disrupted in the next few days via the seizure of directory authorities, the Tor Project has learned.

There are a total of nine directory authorities spread out in the United States and Europe. These servers provide a signed list of all the relays that make up the Tor network.

“We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use,” Tor Project leader Roger Dingledine noted in a blog post. “We hope that this attack doesn’t occur; Tor is used by many good people.”

Someone would have to take over at least five of the directory authorities in order to get Tor clients to use other relays. However, Dingledine has pointed out that most attacks on these servers would not be very efficient if the goal is to track down Tor users because these relays “don’t known anything about what particular Tor users are doing.”

Some believe the attack the Tor Project has warned about might be related to an FBI investigation into the recent Sony Pictures hack. Dingledine initially believed this had nothing to do with the attack on Sony. However, after being shown a report from HP which mentions the Sony hackers using Tor exit nodes to cover their tracks, he promised to investigate more.

Thomas White, an individual who runs a large Tor exit node cluster and a collection of mirrors reported losing control of his servers on Sunday. He noted that the incident bore the signs of a law enforcement operation. Some Tor users thought the incidents were related, but Dingledine pointed out that White is an exit relay operator, not a directory authority operator, and that this wouldn’t be the first time he has run-ins with British law enforcement.

In an update posted late on Sunday, after further investigating the issue, White said that while he didn’t completely rule out law enforcement involvement, the scenario was less likely.

In July, the Tor Project reported seeing attempts to deanonymize users, but the attacks appeared to be part of experiments conducted by two researchers who planned on giving a talk on Tor design flaws at the Black Hat security conference. Their presentation was canceled.

Last month, law enforcement authorities in the United States and Europe announced shutting down 410 Tor hidden services in an operation against illegal online marketplaces. The operation was a success from law enforcement’s point of view, but it raised a lot of security concerns since the Tor Project couldn’t figure out how the hidden services had been located.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...

Compliance

European privacy activists have filed complaints against Apple over its use of software to track the behavior of iPhone users.The Vienna-based group NOYB -...