The Tor Project, an online privacy and anonymity service, may no longer be as safe or anonymous as once thought. A recent blog post on Torproject.org states that an unknown group has announced it will attempt to seize control of Tor’s Directory Authority servers and shut them down, thereby incapacitating the anonymous network.
According to Tor Project leader Roger Dingledine, “The Tor Project has learned that there may be an attempt to disable our network in the next few days through the seizure of specialized servers in the network called directory authorities.” He goes on to state that steps are being taken to ensure the safety of Tor users in spite of the attack. For now, Tor is still online and safe to use, but for how long?
Seizing the Directory Authority servers is a big deal. There are ten servers located globally that list the relay operators Tor users rely on to stay anonymous online. There are several theories online about who this unknown group is, ranging from the FBI to the NSA to Europol and Eurojust.
The Tor Project, the most popular anonymity service online to date, has been rocked lately by a number of FBI busts targeting darknet child porn sites and the Silk Road drug ring, both of which used Tor’s hidden service to publish websites. At least 17 illegal enterprises have been found hidden within the Tor Project. The FBI has dubbed the sting “Operation Torpedo” and utilized a recently patched Firefox vulnerability to infiltrate the traffic of a few careless Tor users.
Tor is used by a multitude of users, from bankers to criminals. Like everything else on the internet, if there is a will there is a way, and the Tor Project provides that way anonymously. Tor works with a network of volunteer relay operators who provide “virtual tunnels” for people to access the internet without being detected, either by government or by website “phishing”. Tor offers a “hidden service” that allows users to publish websites without requiring them to reveal their IP addresses. The problem the Feds are having with seized Tor server log information is that, over the Tor network, IP addresses only go as far back as the last incoming node or relay operator; the trail ends there. Those who have been caught by the Feds were careless, ignoring repeated warnings and usage protocols posted on the Tor Project website.
While only 17 people and 27 sites busted for illegal operations seems minor considering the thousands of users on Tor to date, the arrests and the recent threat to bring down the network are serious business, especially when this threat comes on the heels of the recent Sony hacks. Tor users are advised to watch their Twitter feed for announcements from Tor. The possibility of the site being taken down is very real. The attackers need only bring down five Directory Authority servers in order to disable the entire network. Hopefully, the measures the developers at Tor are taking will thwart this takedown and safeguard the identities of those users who depend on their online anonymity for their jobs and their personal safety. For now, Tor users should diligently follow usage instructions and use Tor-based systems. Tor-based systems are pre-configured with the settings necessary to avoid revealing a user’s IP address. Time will tell if these attacks happen and how well Tor developers avoid a catastrophe.