In a recent article of hers Guardian, ο ειδικός σε θέματα ασφάλειας Bruce Schneier ανέφερε ότι η αμερικανική Εθνική Υπηρεσία Ασφαλείας επιτίθεται στους χρήστες του ανώνυμου δικτύου, Tor. Το άρθρο του Schneier, που βασίζεται στα έγγραφα που διέρρευσαν από τον Edward Snowden, ήρθε λίγες μόνο ημέρες μετά το κλείσιμο του Silk Road, μια υπόγεια ιστοσελίδα που χρησιμοποιούσε για τις συνδέσεις της μόνο το δίκτυο Tor.
Below is an analysis of how the NSA had access to the anonymous network, as presented by the DailyDot:
Scan the traffic on the Internet. The NSA uses programs such as Stormbrew, Fairview, Oakstar and Blarney. These programs are categorized by the documents leaked by Snowden as "upstream" data collection programs. Through them, the secret service drew information from the major telecommunications companies and their optical fibers that form the backbone of the Internet.
Record all Tor requests. As the NSA monitors Internet traffic around the world, Schneier says it keeps a "fingerprint" of Tor users' requests across multiple servers. Stores search requests in databases, such as XKeyscore, through which the NSA monitors emails, web browsing, and Facebook chats in real time.
Sighting excessive motion. The NSA uses automated programs to sift data originating from Tor users from all Internet traffic. As Schneier put it: “The same feature that makes Tor a powerful service anonymitys, as well as the fact that all Tor users look alike on the Internet, makes it very easy to differentiate Tor users from other Internet users.”
Redirecting users to NSA servers. The NSA, through major telecommunications companies, redirects Tor users to a system of secret servers dubbed FoxAcid. So the Secret Service has the freedom to place what it calls Quantum servers in key locations points along the optical fiber. These servers pretend to be the legitimate Tor servers that a user is looking for to connect to the network.
Attack on users' computers. Through NSA's controlled FoxAcid system, the service attacks Tor users. These attacks, according to Schneier, exploit the weaknesses of Firefox and thus acquire on the computer of the unsuspecting user.
Identify Tor users. After infiltrating a Tor user's computer, the NSA begins spying on its various activities and is likely to collect both metadata and content from Internet use. From this information, it tries to locate other users.
