Click to Skip Ad
Closing in...

MIT researchers can break Tor anonymity without even touching encryption

Published Jul 30th, 2015 2:25PM EDT
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Before the arrest of Silk Road creator Ross Ulbricht made headlines a few years ago, most everyday web users had never heard of Tor. Originally developed by US Naval Research Laboratory employees, Tor (an acronym for “The Onion Router”) is a popular piece of software designed to enable truly anonymous communications online. Today, it’s estimated that approximately 2.5 million users use Tor on a daily basis.

DON’T MISS: Why does every Android phone company think it can be Apple?

Highlighting Tor’s robust privacy features, a leaked NSA presentation titled ‘Tor Stinks’, courtesy of Edward Snowden of course, reads in part:

We will never be able to de-anonymize all Tor users all the time. With manual analysis we can de-anonymize a very small fraction of Tor users.

The presentation further added that the NSA, at that point in time, was unsuccessful in its efforts to identify an individual anonymous user in response to specific requests.

Suffice it to say, Tor is pretty secure as far as keeping exploits on the web as private as can be.

Nonetheless, researchers at MIT and the Qatar Computing Research Institute have come up with a clever way to track what users on Tor are up to.

ExtremeTech reports:

[Tor] offers anonymous access to online resources by passing user requests through multiple layers of encrypted connections. It all starts at the entry node, sometimes called the guard. That’s the only system that knows your real IP address, but the next node in the chain only knows the IP of the entry node, the next only knows the previous node’s address, and so on until you reach the destination.

The attack targets the previously mentioned entry nodes, as have several attacks in the past. Basically, the attacker sets up a computer on the Tor network as an entry node and waits for people to send requests through it. When a connection is established over Tor, a lot of data is sent back and forth. MIT researchers used machine learning algorithms to monitor that data and count the packets. Using only this metric, the system can determine with 99% accuracy what kind of resource the user is accessing (i.e. the open web, a hidden service, and so on).

All of this without even having to break encryption.

The report further adds that researchers achieved an 88% success rate when attempting to compromise Tor’s hidden services, a feature which protects the specific identification of websites a user is accessing.

The researchers involved plan to discuss Tor’s software vulnerabilities next month at the Usenix Security Symposium. Notably, the researchers have also come up with some proper defenses to their published attacks and have been in contact with representatives of the Tor project about implementing them.

Yoni Heisler Contributing Writer

Yoni Heisler has been writing about Apple and the tech industry at large with over 15 years of experience. A life long expert Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW.

When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.