Spy vs Spy

2/22/14
 
   < < Go Back
 
from Bloomberg Businessweek,
1/23/14:

The Inside Story of Tor, the Best Internet Anonymity Tool the Government Ever Built.

Last year, Edward Snowden turned over to the Guardian, a British newspaper, some 58,000 classified U.S. government documents. Just a fraction of the files have been made public, but they outline the National Security Agency’s massive information-collection system. They’ve thrown light onto the methods of an arm of the government used to working in the shadows and started an intense debate over national security and personal liberty. One of the earliest and most explosive revelations was the existence of Prism, a top-secret program giving the NSA direct access to the systems of Google, Facebook, and other U.S. Internet companies.

In photographs [Snowden is] often with his laptop, and on the cover of his computer, a sticker shows a purple and white onion: the “o” in the word “Tor.”

Tor, an acronym for “the onion router,” is software that provides the closest thing to anonymity on the Internet. Engineered by the Tor Project, a nonprofit group, and offered free of charge, Tor has been adopted by both agitators for liberty and criminals. It sends chat messages, Google (GOOG) searches, purchase orders, or e-mails on a winding path through multiple computers, concealing activities as the layers of an onion cover its core, encrypting the source at each step to hide where one is and where one wants to go. Some 5,000 computers around the world, volunteered by their owners, serve as potential hop points in the path, obscuring requests for a new page or chat. Tor Project calls these points relays.

Its users are global, from Iranian activists who eluded government censors to transmit images and news during the 2009 protests following that year’s presidential election, to Chinese citizens who regularly use it to get around the country’s Great Firewall and its blocks on everything from Facebook (FB) to the New York Times. In addition to facilitating anonymous communication online, Tor is an access point to the “dark Web,” vast reaches of the Internet that are intentionally kept hidden and don’t show up in Google or other search engines, often because they harbor the illicit, from child porn to stolen credit card information.

It’s perhaps the most effective means of defeating the online surveillance efforts of intelligence agencies around the world, including the most sophisticated agency of them all, the NSA. That’s ironic, because Tor started as a project of the U.S. government.

Yet because of Snowden, we now know that the NSA has been working to unpeel the protective layers built by the Tor system. Along with evidence of the NSA’s mass data collection, Snowden leaked an agency presentation that demonstrated just how surveillance-proof the software is. It was titled “Tor Stinks.” The spooks, according to the slide deck, were thwarted by the software at every turn. Gaining access to some Tor relays, for example, didn’t work, because they had to control all three computers in a circuit to defeat the encryption. “We will never be able to de-anonymize all Tor users all the time. With manual analysis we can de-anonymize a very small fraction of Tor users,” one slide reads. NSA spokeswoman Vanee Vines said in an e-mailed statement: “It should hardly be surprising that our intelligence agencies seek ways to counteract targets’ use of technologies to hide their communications. Throughout history, nations have used various methods to protect their secrets, and today terrorists, cybercriminals, human traffickers, and others use technology to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that.”

“The reason bad guys use Tor is because it works better than anything else. But at the same time, if there was no Tor, bad guys would still find a way of maintaining their anonymity and everyone else would be left out in the cold.”

More From Bloomberg Businessweek: