Microsoft has publicly warned that they do not believe the Tor browsing service, famed for allowing totally secure access to the most hidden areas of the internet and frequented by cyber-criminals, can withstand attempted break-ins from law-enforcement bodies such as the NSA and Britain's GCHQ for much longer.
Amidst claims that usage of Tor has increased by almost 50% since Edward Snowden's revelations last year as to the extent of NSA internet snooping, Andy Malone of Microsoft Enterprise Security said
"There is no such thing as really being anonymous on the internet. If hackers and government agencies want you, they will get you."
He added that although the Tor network itself had not yet been cracked, hackers employed by the state were able to access data sent and received by the program through hijacking insecure add-ons for the browser installed by users. These included Adobe Flash and Java - two of the most well-known and most in-secure browser plugins around.
Tor enables users to browse the web with absolute security by scrambling data and then sending it through thousands of different relays worldwide so that the identity of the original sender of the data is completely masked. It also allows for the creation of 'invisible' sites that can only be viewed with the Tor browser - other browsers such as Internet Explorer, Google Chrome or Mozilla Firefox simply will not be able to find them. These have the .onion extension and some, such as the infamous Silk Road, are regularly frequented by criminals looking to engage in illegal activities such as the trade of drugs and narcotics online without risk of being traced.
Increasingly, the service is being frequented by ordinary law-abiding citizens who use it simply to mask their identity online; this has led to the service seeing on average 80,000 users of the network per day.
Microsoft described how law-enforcement bodies including the NSA and Britain's equivalent, GCHQ, were actively monitoring and attempting to break into the Tor network through add-ons used with the client. He said that increasingly the 'secure', hidden .onion sites are being hijacked by law-enforcement agencies and being converted into 'watering-holes' - as people visit the site, their details are recorded and returned to the NSA. This, of course, is not particularly useful until the rest of the Tor network has been broken down so that the true identity of the visitor can be established.
This is yet another turn in the revelations of governmental snooping on the usage of the internet. It appears that governments in the US and Britain are more determined than ever to access our data and are now trying to break down the barriers surrounding the most hidden parts of the internet. In the past, Tor has always been able to adapt to attempted break-ins like this but is time running out for what is currently the most secure access path to the Internet?
Source: The Inquirer
36 Comments - Add comment