Report: NSA has little success cracking Tor

The agency has attacked other software, including Firefox, in order to compromise the anonymity tool, according to documents

The U.S. National Security Agency has repeatedly tried to compromise Tor, the government-funded online anonymity tool, but has had little success, according to a new report in the U.K.'s Guardian.

The NSA has tried multiple strategies for defeating Tor, with its most successful method focused on attacking vulnerable software on users' computers, including the Firefox browser, according to the report, published Friday. In the Firefox attack, NSA agents have been able to gain "full control" of targets' computers, said the report, citing documents given to the Guardian by former NSA contractor Edward Snowden.

NSA documents provided by Snowden, which the Guardian began publishing in June, say the agency is collecting bulk phone records in the U.S. as well as Internet communications overseas.

But in many cases, the NSA has been frustrated in its efforts to target Tor users, an irony because the open-source project is largely funded by the U.S. Department of Defense, the NSA's parent agency, and the U.S. Department of State.

"We will never be able to de-anonymize all Tor users all the time," according to one NSA document quoted by the Guardian. "With manual analysis we can de-anonymize a very small fraction of Tor users." The NSA has had "no success de-anonymizing a user in response" to a specific request, the document said.

Tor is "the king of high-secure, low-latency internet anonymity," the report quotes another NSA document as saying.

Tor routes Internet traffic through a number of relays as a way to keep communications anonymous. The State Department promotes the software to activists in countries with strong censorship regimes, including Iran and China.

An NSA spokeswoman referred a request for comments on the story to a previous statement from the agency:

"In carrying out its signals intelligence mission, NSA collects only those communications that it is authorized by law to collect for valid foreign intelligence and counterintelligence purposes, regardless of the technical means used by those targets or the means by which they may attempt to conceal their communications. ... It should hardly be surprising that our intelligence agencies seek ways to counteract targets' use of technologies to hide their communications.

"Throughout history, nations have used various methods to protect their secrets, and today terrorists, cybercriminals, human traffickers and others use technology to hide their activities," the statement continued. "Our intelligence community would not be doing its job if we did not try to counter that."

The NSA documents provided by Snowden detail what the Guardian story calls "proof-of-concept attacks" on Tor. One technique is for the agency to look for patterns in the signals entering and leaving the Tor network, then trying to de-anonymize users. The documents also discuss the NSA secretly operating computer nodes in the Tor network, but the success of that effort was "negligible" because the agency has access to few nodes.

The documents also talk about efforts by the NSA and the U.K.'s GCHQ intelligence agency to influence the future development of Tor.

The story details efforts by the NSA to compromise Tor users through Firefox, but the NSA's documents say Mozilla fixed the vulnerability the agency was taking advantage of in Firefox 17, released in November 2012. The NSA had not been able to compromise users of Firefox 17 and later versions between late 2012 and this January, when the NSA documents were written, the Guardian story said.

Mozilla, in an August blog post, said it is investigating a vulnerability in older versions of Firefox. A spokeswoman declined further comment.

Roger Dingledine, director of the Tor project, its "good news" for the project that the NSA attacked with a browser exploit,

That means "there's no indication they can break the Tor protocol or do traffic analysis on the Tor network," he said in an email. "Infecting the laptop, phone, or desktop is still the easiest way to learn about the human behind the keyboard."

Even with the NSA attacks, Tor can still help protect anonymity, he added. "You can target individuals with browser exploits, but if you attack too many users, somebody's going to notice," he said. "So even if the NSA aims to surveil everyone, everywhere, they have to be a lot more selective about which Tor users they spy on."

But Tor won't keep users safe in all cases, he added. "Browser exploits, large-scale surveillance, and general user security are all challenging topics for the average Internet user," he said. "These attacks make it clear that we, the broader internet community, need to keep working on better security for browsers and other Internet-facing applications."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags U.S. Department of DefenseU.S. National Security AgencyRoger DingledineencryptionU.S. Department of StategovernmentinternetprivacymozillaGCHQintrusionsecurityEdward Snowden

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?