{"id":1112,"date":"2024-11-01T16:58:10","date_gmt":"2024-11-01T22:58:10","guid":{"rendered":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/?p=1112"},"modified":"2024-11-08T09:08:05","modified_gmt":"2024-11-08T16:08:05","slug":"tors-broken","status":"publish","type":"post","link":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/2024\/11\/01\/tors-broken\/","title":{"rendered":"Tor’s Broken?"},"content":{"rendered":"
\"\"<\/figure>\n\n\n

A recent article posted on September 19th claims to have seen evidence that German police and authorities successfully de-anonymized a Tor user which resulted in their arrest and conviction back in 2022. [3] Tor has and is still the main method for someone to anonymously access the internet and the dark web. Anonymity has made TOR the go-to browser and service for people who are persecuted or fear for their lives. However it has the same benefits and uses for cybercriminals, which is why police agencies are actively trying to break the service and learn users\u2019 identities.<\/p>\n\n\n\n

What is Tor?<\/h2>\n\n\n\n

Tor is the leading way to anonymously access the internet and dark web. Initially, users connect to an entry or guard node, this is the only node or computer that knows the user\u2019s IP address. From there the packets are randomly sent through the Tor network, which is a web of computer servers, encrypting the packets as it\u2019s sent. After the packets are routed through a few nodes, the packets will reach an exit node which will then access the website the user is connecting to and communicate with it. The exit node will then send the response through the network back to the user. This way no one knows what a user is accessing, and the packets are not traceable. The only thing known is that the user has accessed the TOR network.<\/p>\n\n\n\n

\"\"
https:\/\/images.theconversation.com\/files\/158813\/original\/image-20170228-13104-ylxylj.png?ixlib=rb-4.1.0&q=45&auto=format&w=754&fit=clip<\/a><\/figcaption><\/figure>\n\n\n\n

What Happened?<\/h2>\n\n\n\n

A recent article tells the story back in 2022, the German authorities de-anonymized a user named \u2018Andres G\u2019 who was running a website called \u2018Boystown\u2019 which hosted child pornography. [3] The report says that the German authorities were able to do this by first getting the cooperation of the carrier, Telef\u00f3nica, which allowed the German authorities to get a list of people accessing Tor. From there the report says the Germans used a \u2018Timing Analysis\u2019 to identify the user.[3] While specific details about how the analysis worked was not released, it is speculated that the Germans have put rogue nodes on the Tor network and by using those to observe the size and timing of packets, and referencing when users are accessing the service, they were able to identify the user.<\/p>\n\n\n\n

They caught a criminal so what?<\/h2>\n\n\n\n

Catching the criminal is admirable and ideal, however de-anonymizing Tor could have big consequences. This is because not only criminals use Tor but many users are also people who live in countries with authoritarian governments and to operate safely and stay alive in their country, they rely on Tor to keep their internet and communications activity anonymous. A spokesperson from a hacker group, called Chaos Computer Club (CCC), who has viewed the report and knows the method the German authorities used says that the method used by law enforcement can also be used by authoritarian regimes to de-anonymize Tor users and as such the Tor Project needs to make improvements to fix the issues. [2]<\/p>\n\n\n\n

What\u2019s Tor response?<\/h2>\n\n\n\n

The Tor Project responded with \u2018there\u2019s nothing to worry about and that user\u2019s anonymity is safe\u2019. [2] They say that \u2018Andres G\u2019 was de-anonymized from a guard discovery attack vulnerability in a messaging service called Ricochet. [2] Tor explains that the criminal, \u2018Andres G\u2019, was using an old insecure version of Ricochet and that this vulnerability has already been patched in the newer version called Ricochet-Refresh. Tor does admit that they have not seen the report or the evidence that suggests the Tor network is vulnerable so they cannot fully comment on it. The Tor Project says, \u201cthe information it has been presented with suggests that users can continue to confidently rely on the anonymity network to protect their identity.\u201d[2] Lastly, the Tor project team message is \u201cDon\u2019t panic\u201d.[3]<\/p>\n\n\n\n

Conclusion<\/h2>\n\n\n\n

While it is positive that the German police and other police forces are actively catching cyber criminals, I\u2019m hesitant to agree that removing anonymity from networks like TOR is the best solution as it can lead to the endangerment of people in authoritarian countries. This very much an ethical debate of how much privacy people should have, and it reminds me of the Trolley problem. Is catching criminals worth endangering innocent people in another part of the world?  Do the potential victims saved from stopping the criminals equal the risk to users who need the anonymity to be safe? I value both sides of the debate which makes me feel that there isn\u2019t a simple yes or no answer.<\/p>\n\n\n\n

\"\"
https:\/\/theaxiom.ca\/wp-content\/uploads\/2023\/03\/zculq7fmfbt0pdj1g3wq7mu4u86a-1.png<\/a><\/figcaption><\/figure>\n\n\n\n

References<\/h2>\n\n\n\n

[1] . https:\/\/www.cyberdaily.au\/security\/11138-german-law-enforcement-successfully-de-anonymises-tor-network-report-claims<\/a><\/p>\n\n\n\n

[2] https:\/\/www.securityweek.com\/tor-responds-to-reports-of-german-police-deanonymizing-users<\/a><\/p>\n\n\n\n

[3] https:\/\/www.theregister.com\/2024\/09\/19\/tor_police_germany<\/a><\/p>\n\n\n\n

[4] https:\/\/cybernews.com\/privacy\/tor-exit-node-operator-raided-germany<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

A recent article posted on September 19th claims to have seen evidence that German police and authorities successfully de-anonymized a Tor user which resulted in their arrest and conviction back in 2022. [3] Tor has and is still the main method for someone to anonymously access the internet and the dark web. Anonymity has made … <\/p>\n

Continue reading “Tor’s Broken?”<\/span><\/a><\/p>\n","protected":false},"author":680,"featured_media":1113,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1112","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","entry"],"featured_image_src":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-content\/uploads\/sites\/119\/2024\/11\/torlogo-600x400.png","featured_image_src_square":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-content\/uploads\/sites\/119\/2024\/11\/torlogo-600x600.png","author_info":{"display_name":"Hayden McNally","author_link":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/author\/hayden-mcnally\/"},"_links":{"self":[{"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/posts\/1112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/users\/680"}],"replies":[{"embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/comments?post=1112"}],"version-history":[{"count":6,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/posts\/1112\/revisions"}],"predecessor-version":[{"id":1203,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/posts\/1112\/revisions\/1203"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/media\/1113"}],"wp:attachment":[{"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/media?parent=1112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/categories?post=1112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-json\/wp\/v2\/tags?post=1112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}