German news outlets reported that police were able to de-identify a Tor user involved in a child sexual abuse network, but the Tor Project says the techniques used appear to rely on an outdated Tor protocol that was updated in 2018.
The Tor Project says its networkâused globally by millions of people to anonymously browse and share information onlineâremains safe and secure despite news reports that German authorities were able to de-anonymize a particular Tor user. On Wednesday, the German outlets Panorama and STRG_F published an article based on documents from a German Federal Criminal Police case that supposedly showed statistical analysis techniques through which âTor anonymity is completely canceled out.â The news sparked immediate concern among Tor users. But the danger seems to have been overstated, according to the Tor Project. In a blog post, the nonprofit organization that maintains the Tor network said that based on the limited information provided to it by the German outlets it appears the Tor user in question was only able to be de-anonymized because they were using an outdated service that had not been updated to use the latest security protocols. âPlease note, that for the great majority of users worldwide that need to protect their privacy while browsing the Internet, Tor is still the best solution for them,â the organization said. âWe encourage Tor Browser users and relay operators to always keep software versions up to date.â Tor anonymizes web traffic by routing it through a mostly random series of servers, or nodes. Only the entry node, or guard node, has access to identifying information about the user and only the last node, or exit node, has information about the web service the user is accessing. Each node in the middle only knows which node it received a data packet from and which node it sent that data packet on to. Because some Tor users take advantage of the service’s anonymity to facilitate crime, law enforcement agencies have been searching for decades for a way to crack that privacy protocol and unmask individual users. That has included compromising some nodes and monitoring the traffic passing through them. The German case stemmed from an investigation into an online child sexual abuse network called Boystown. The Panorama report is light on technical details, but German police appear to have uncovered a guard node associated with an old Tor messaging service Boystown members were using, called Ricochet, by analyzing how long it took data packets to move between Tor nodes authorities had compromised and their source. Over a long period of time, such an analysis could have allowed police to narrow down the geographic region where the guard node was located, said Matthew Wright, a cybersecurity professor at the Rochester Institute of Technology. With that information, police obtained a court order forcing a telecoms provider to identify users who had connected to the given node. The German investigation appears to have taken place between 2019 and 2021. The Tor Project said it released new traffic protocols in 2018 designed to thwart such attacks, but that the older Ricochet service had not implemented them. âBy and large, I donât think these [sorts of attacks] are big threats to Torâ given the new protocols that have been available since 2018, Wright said. âJust like with your phone operating system or your computer, if youâre not updating the software then youâre going to be vulnerable to what the latest attacks areâ
CybersecurityTor
Get the best tech, science, and culture news in your inbox daily.
News from the future, delivered to your present.
Please select your desired newsletters and submit your email to upgrade your inbox.
Don’t give it your Google credentials! Try these troubleshooting tips instead.
Despite its shutdown after just 15 days, the ephemeral network carries significant implications for cybersecurity and future quantum applications.
Human rights activists in Israel and Iran were also targeted.
While a lot of the details aren’t clear yet, the company says hackers made off with customer information, including home addresses.
The Rabbit had an outside firm perform a security audit on Rabbitâs AI device and âlarge action model,â though the hacking group says the report misses the point.
The pick comes at a time when CISAâs head has compared the new technology to nuclear weapons.
Discover the Winners of the 2024 Gizmodo Science Fair â We may earn a commission when you buy through links on our sites.
©2024 GIZMODO USA LLC. All rights reserved. Mode
Follow us
Mode
Follow us