Snowden docs show the NSA targets users of the Tor browser


The Guardian has published a story based on documents from whistleblower Edward Snowden showing that the NSA actively targets Tor browsers users and seeks to compromise their anonymity and direct them to NSA-controlled servers. In effect, the Tor user is hijacked and renditioned to the black underground of the NSA.

The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA‘s application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.

According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identified Tor users on the internet and then executes an attack against their Firefox web browser.

The NSA refers to these capabilities as CNE, or computer network exploitation.

The very feature that makes Tor a powerful anonymity service, and the fact that all Tor users look alike on the internet, makes it easy to differentiate Tor users from other web users. On the other hand, the anonymity provided by Tor makes it impossible for the NSA to know who the user is, or whether or not the user is in the US.

After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user’s computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems.

Once the computer is successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information back to the NSA.

For all of the details read the article.

About these ads

About Mike
A resident of the “30 square miles surrounded by reality,” I spend most of my time teaching economics and statistics to undergraduate students. I enjoy, naturally, economics and business, but also science (I was once an astronomical observatory assistant), politics, photography, food, travel and sports. Madison has grown quite a bit since 1978 when Governor Lee Dreyfus made that remark. According to Wikipedia, Madison is 67.3 square miles of land and 16 square miles of water. Visit http://thisgotmyattention.wordpress.com/about/ for one of my favorite views of the isthmus. Or, why not come visit us! http://visitmadison.com

One Response to Snowden docs show the NSA targets users of the Tor browser

  1. tiffany267 says:

    Reblogged this on Tiffany's Non-Blog.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 1,861 other followers

%d bloggers like this: