In a recent Guardian article, Security Specialist Bruce Schneier reported that the US National Security Agency is attacking users of the anonymous network, Tor. The Schneier article, based on the documents leaked by Edward Snowden, came just days after Silk Road was closed, an underground website that only used the Tor network for its connections.
Below is one analysis του τρόπου με τον οποίο η NSA είχε πρόσβαση στο ανώνυμο δίκτυο, όπως την παρουσίασε η DailyDot:
Scan the traffic on the Internet. The NSA uses programs such as Stormbrew, Fairview, Oakstar and Blarney. These programs are categorized by the documents leaked by Snowden as "upstream" data collection programs. Through them, the secret service drew information from the major telecommunications companies and their optical fibers that form the backbone of the Internet.
Record all Tor requests. Δεδομένου ότι η NSA παρακολουθεί την κίνηση του Διαδικτύου σε όλο τον κόσμο, ο Schneier αναφέρει ότι συγκρατεί τα “δακτυλικά αποτυπώματα” των αιτήσεων των χρηστών του Tor με διάφορους διακομιστές . Αποθηκεύει τις αιτήσεις αναζήτησης σε βάσεις δεδομένων, όπως την XKeyscore, μέσω της οποίας η NSA παρακολουθεί email, περιηγήσεις στον ιστό, και συνομιλίες στο Facebook , in real time.
Sighting excessive motion. The NSA uses automated software to separate data from Tor users across all Internet traffic. As Schneier put it: "The same feature that makes Tor a powerful anonymity service, and the fact that all Tor users are alike on the Internet, makes it very easy to differentiate Tor users from other Internet users. ”
Redirecting users to NSA servers. The NSA via the major telecom companies redirects Tor users to a secret server system called FoxAcid. So the secret service has the ability to place those who call Quantum servers at key points along the optical fiber. These servers pretend to be the legitimate Tor servers a user is looking for to connect to the network.
Attack on users' computers. Through NSA's controlled FoxAcid system, the service attacks Tor users. These attacks, according to Schneier, exploit the weaknesses of Firefox and thus acquire on the computer of the unsuspecting user.
Identify Tor users. After infiltrating a Tor user's computer, the NSA begins spying on its various activities and is likely to collect both metadata and content from Internet use. From this information, it tries to locate other users.
