Attacking Tor: How the NSA targets users' online anonymity

654 points by brkcmd, over 11 years ago

29 comments

shawn-furyan, over 11 years ago
One heartening aspect of the Snowden revelations as a whole is that they have pretty much just confirmed that the things we thought were strong (public crypto research, tor) are in fact strong and the things that we thought were iffy are in fact iffy (Certificate Authorities, Unvetted Crypto, Cloud Services, The Wires, Implementations). This bodes well for the prospect of navigating out of this whole mess successfully since on the whole we seem to have good instincts about what is trustworthy and what is untrustworthy. I think that it actually has tended to clarify thinking about security so that fewer and fewer engineers are able to delude themselves into trusting something that they know deep down is really untrustworthy.

danso, over 11 years ago
This accompanying article has useful context: http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

> But the documents suggest that the fundamental security of the Tor service remains intact. One top-secret presentation, titled 'Tor Stinks', states: "We will never be able to de-anonymize all Tor users all the time." It continues: "With manual analysis we can de-anonymize a very small fraction of Tor users," and says the agency has had "no success de-anonymizing a user in response" to a specific request.

So only with "manual analysis" can intel agencies have any success, and that appears to be with a small subset of users who have other vulnerabilities. But when targeting a specific user, the NSA appears to have had no success in de-anonymizing them.

elwin, over 11 years ago
The more we learn about the NSA's capabilities, the more it seems like the Manhattan Project. They are developing the "cyberwarfare" equivalents of weapons of mass destruction. This exploit delivery network goes so far beyond any legitimate purpose it might serve that it belongs in the same moral category as hydrogen bombs.

EDIT: The above is somewhat hyperbolic and unclear. The NSA's capabilities may have legitimate uses. Similarly, there may be legitimate military uses for nuclear weapons. But building nuclear weapons creates the risk of worldwide nuclear destruction. Similarly, building this kind of highly efficient exploit system creates the risk of destroying all Internet security. The potential destruction far outweighs whatever good the weapons might accomplish. That is why I said they belong in the same category.

tptacek, over 11 years ago
Metacommentary:

I've taken a jaundiced view of "liberation tech" efforts in the past and this is as good an illustration as any of why. Among "amateur" libtech projects, Tor is about as good as you get --- an active community, extremely widespread use, technical people with their heads screwed on right and as much humility as you can reasonably expect of people whose projects are (candidly) intended to thwart world governments.

If Tor can't provide meaningful assurances (here, there's a subtext that Tor actually made NSA's job easier), you'd need an awfully convincing reason for how you're going to do better than they are before "liberating" the Chinese internet, especially given that it's your users who assume the real risks.

anologwintermut, over 11 years ago
This is one way the NSA can attack Tor. If they just want to de-anonymize a connection, not get access to the content (e.g. to locate the Silk Road Server), in theory they can just analyze all their passively collected data from major fiber backbones to identify and locate the user.

Tor, including hidden services, was never designed to protect against someone who could observe all or almost all traffic in the Tor network. Given that data, it's rather easy to correlate timing information. Indeed, Tor fundamentally allows this since it aims to be a low latency network.

Given the NSA's extensive tapping of key fiber lines, we should assume they can actually observe the necessary traffic. From the original paper announcing Tor: "A global passive adversary is the most commonly assumed threat when analyzing theoretical anonymity designs. But like all practical low-latency systems, Tor does not protect against such a strong adversary." --- Tor: The Second Generation Onion Router [0]

[0] https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf

GigabyteCoin, over 11 years ago
Is nobody slightly concerned that the date shown in the PDF file which sparked this commentary ( http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document ) shows the PDF as being created in 2007?

It looks like they had some trouble picking out users 5 years ago... lord only knows how easy it must be for them now.

kilroy123, over 11 years ago
Sounds like, if you're going to do something very sensitive on tor, you need to:

- always have an up-to-date version of tor bundle!
- compile the bundle yourself from source
- run it virtually, and always roll back to a clean snapshot (before installing tor) when done
- if possible use from a network that is not your own (open wifi, public wifi, etc.)
- spoof your mac address
- do not run JS, Java applets, etc.!

I know this seems extreme, but from what I read, it's the best you can do to protect yourself.

conductor, over 11 years ago
> Once the computer is successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term

It would be nice if somebody could honeypot them to find out the vulns and malware types they are using.

mcphilip, over 11 years ago
edit: removing meta discussion about flagging. the story should get the attention. apologies for the distraction.
spindritf, over 11 years ago
So how does Tails[1] stack up? It seems to thwart most of those attacks.

It blocks non-anonymized traffic and makes permanent changes difficult. OTOH, privilege escalation bugs happen frequently on Linux.

[1] https://tails.boum.org/

chrisduesing, over 11 years ago
Wait, so simply by using Tor the government will install malware on your computer. How is that legal?
aroch, over 11 years ago
At least according to the slides, Tor appears to be safe for the most part. Which is good.
neves, over 11 years ago
I've been playing with vagrant and ansible to create a new server in a snap. Here is a good weekend project:

Instead of having just a Tor/browser bundle, build a vagrant machine specification that installs the Tor bundle. This virtual machine would be destroyed and recreated from time to time. Now put the machine specification in GitHub and let anyone use it.
jstalin, over 11 years ago
So how does one determine which sites are being intercepted through Tor and served malformed code? Start doing CURLs from within Tor and outside of it and comparing hashes?
malandrew, over 11 years ago
If someone makes disposable Raspberry Pi Tor exit and non-exit nodes sealed in hard plastic resin, we could all buy them and drop them off in random places throughout the world on open networks. If enough people the world over do this, we would make it a lot harder for a global passive attacker to succeed.

Tor's biggest vulnerability is the risk associated with operating exit nodes, which means that the number of exit nodes remains relatively low at ~1000 worldwide. If hundreds of thousands of exit nodes started popping up all over the globe, it would be very hard to counter.

I'm also curious if enough governments unhappy with what is happening could go as far as hosting many tor nodes outside the control of the NSA. Is the Global Passive Adversary threat still valid if there are many of them that are non-cooperative with one another (i.e. China can't monitor US and Russian tor nodes, Russia can't monitor US and Chinese nodes, and the US can't monitor Chinese and Russian nodes)? My intuition tells me that the global passive adversary would have to be able to monitor most of the nodes, but if others came on the scene doing the same, they would dilute the percentage of nodes that any single global passive adversary could monitor.

ksrm, over 11 years ago
Can one use something like Lynx with Tor? I doubt there are very many exploits for it.
coldcode, over 11 years ago
Sure these folks are smart and have all sorts of powerful weapons; what are the odds that someone out there could successfully repurpose some of these weapons? What is the likelihood that vulnerabilities exist in the NSA's systems? We can never know since it's all secret. If someone does take over these systems we wouldn't know that either.

wil421, over 11 years ago
I am loving every minute of this NSA-Gate or Snow-Gate. Nothing like holding GOVT accountable for decisions they make behind closed doors, decisions that had an impact on the whole world not just US citizens.

It's also great all the technical details that are being released about how the Intel Agencies collect data. It's all fascinating.

welder, over 11 years ago
The NSA is like Tor's pentesters, except Tor doesn't get to see the results.

espeed, over 11 years ago
Foxacid sounds like an NSA version of BeEF (http://beefproject.com/), which hooks browsers that would then be monitored from the Lockheed-Martin-style SOC (https://www.youtube.com/watch?v=x1tCJfy_iZ4 :-).

However, for those with more limited resources, Ryan Barnett is working on an open-source monitoring system for BeEF (https://vimeo.com/54087884).

pitchups, over 11 years ago
It appears that the NSA has been able to target only Tor users that are using the Tor - Firefox bundle. So if you are using Chrome or some other browser - configured to use Tor, you would be safe from these exploits. Wouldn't most sophisticated hackers - or other high value targets most likely to be of interest to the NSA - be already doing that, rather than using the Firefox+Tor bundle?

reirob, over 11 years ago
In the slide titled "Exploitation: Shaping" the status says "Can stain user agents working on shaping."

How do they manage to make tor use NSA/GCHQ nodes? If they achieved this 5 years ago (the PDF is from 2007) would it then be reasonable to assume that since then they have managed to modify the TOR source code in a way that nobody remarked to do exactly this?

galapago, over 11 years ago
This kind of news should encourage people to create and use better tools to find and fix vulnerabilities in software.

pygy_, over 11 years ago
> FoxAcid tags are designed to look innocuous, so that anyone who sees them would not be suspicious. An example of one such tag [LINK REMOVED] is given in another top-secret training presentation provided by Snowden.

Anyone know what these tags look like?

rdl, over 11 years ago
Should really make a packaged vm-in-vm failsecure tbb equivalent. Nothing really works from a usability standpoint while giving reasonable protections against this kind of endpoint attack.

gcb1, over 11 years ago
what about the nonsense on the quantum system? i think the reporter left some key info out.

why is speed a factor in mitm attacks? the slide shows a proper mitm diagram... or is this quantum thing exploiting a packet arriving before the honest response? and why would they need to do that if they are in a position to do a proper mitm attack and not expose themselves to someone who monitors man-on-the-side attacks?

frank_boyd, over 11 years ago
I remember somebody from Mozilla thinking out loud "we should integrate Tor in Firefox". Glad that didn't get done.

hawkharris, over 11 years ago
Apparently, John Grisham works for the NSA, naming its programs.
doug1001, over 11 years ago
don&#x27;t forget that Tor publishes their exit nodes--they make them freely available to anyone. So a simple membership test on a client IP against that list of exit node IPs identifies that client IP as either having come through Tor via the onion router or else they are an exit node themselves.
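The membership test doug1001 describes, as an added example that is not code from the thread or from the Tor Project. It assumes the line-oriented format of the bulk exit list the Tor Project publishes at https://check.torproject.org/exit-addresses (ExitNode / Published / LastStatus / ExitAddress records, one ExitAddress line per address a relay has been seen exiting from); the sample list, the relay fingerprints and the access-log lines below are constructed for the example.

```python
"""Classify client IPs in a web access log by membership in the Tor exit list.

Added example (not the thread's or the Tor Project's code). Assumes the
exit-addresses bulk list format; all sample data below is constructed.
"""
import ipaddress
import re
from typing import Dict, Iterable, List, Tuple

# Constructed sample in the exit-addresses format. Fingerprints are made up;
# the addresses are RFC 5737 documentation ranges, not real Tor exits.
SAMPLE_EXIT_LIST = """\
ExitNode 0000000000000000000000000000000000000001
Published 2013-10-04 10:00:00
LastStatus 2013-10-04 11:00:00
ExitAddress 198.51.100.7 2013-10-04 11:03:12
ExitNode 0000000000000000000000000000000000000002
Published 2013-10-04 10:05:00
LastStatus 2013-10-04 11:00:00
ExitAddress 203.0.113.44 2013-10-04 11:02:01
ExitAddress 203.0.113.45 2013-10-04 11:02:01
"""


def parse_exit_list(text: str) -> Dict[str, str]:
    """Map each exit address to the fingerprint of the relay that used it.

    A relay may list several exit addresses; each ExitAddress line belongs to
    the most recent ExitNode line. Malformed addresses are skipped rather than
    trusted, so one bad line cannot poison the lookup table.
    """
    exits: Dict[str, str] = {}
    fingerprint = "unknown"
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "ExitNode" and len(parts) >= 2:
            fingerprint = parts[1]
        elif parts[0] == "ExitAddress" and len(parts) >= 2:
            try:
                addr = str(ipaddress.ip_address(parts[1]))  # canonical form
            except ValueError:
                continue
            exits[addr] = fingerprint
    return exits


# Constructed access-log lines (combined log format; first field is client IP).
SAMPLE_LOG = [
    '198.51.100.7 - - [04/Oct/2013:11:05:00 +0000] "GET /login HTTP/1.1" 200 512',
    '192.0.2.10 - - [04/Oct/2013:11:05:01 +0000] "GET / HTTP/1.1" 200 1024',
    '203.0.113.45 - - [04/Oct/2013:11:05:02 +0000] "POST /api HTTP/1.1" 403 64',
    "garbage line without an address",
]

LEADING_FIELD = re.compile(r"^(\S+)\s")


def classify_log(lines: Iterable[str], exits: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (client_ip, verdict) pairs, verdict 'tor-exit' or 'other'.

    Lines whose first field is not an IP address are skipped.
    """
    out: List[Tuple[str, str]] = []
    for line in lines:
        m = LEADING_FIELD.match(line)
        if not m:
            continue
        try:
            ip = str(ipaddress.ip_address(m.group(1)))
        except ValueError:
            continue
        out.append((ip, "tor-exit" if ip in exits else "other"))
    return out


if __name__ == "__main__":
    table = parse_exit_list(SAMPLE_EXIT_LIST)
    for ip, verdict in classify_log(SAMPLE_LOG, table):
        tag = f" ({table[ip][:8]}...)" if verdict == "tor-exit" else ""
        print(f"{ip:16} {verdict}{tag}")
```

In production the list would be fetched from the URL above and refreshed regularly, since exit addresses churn and a stale snapshot produces both false positives and false negatives; the list also covers only exits, so, as doug1001 notes, a match tells you the request came through Tor (or from an exit operator's own machine), not who sent it, and a non-match says nothing about bridges or non-exit relays.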