The NSA and TOR

Paul Rosenzweig
Saturday, October 5, 2013, 12:39 PM
TOR (a/k/a The Onion Router) is an anonymous, encrypted web browser bundle that, in theory, is intended to allow for untraceable activity in cyberspace.  Like most tools, it is neutral in value, and thus capable of use for good (it enables journalists to speak with sources and dissidents to communicate without scrutiny by authoritarian governments) and ill (it is widely used by criminals and, some say, by terrorists as well).  Until recently it was thought to be completely impervious to attack -- but recent disclosures suggest that the NSA has been working on the "TOR problem" for a while. 
Meet The Authors

Published by The Lawfare Institute
in Cooperation With
Brookings

Subscribe to Lawfare
TOR (a/k/a The Onion Router) is an anonymous, encrypted web browser bundle that, in theory, is intended to allow for untraceable activity in cyberspace.  Like most tools, it is neutral in value, and thus capable of use for good (it enables journalists to speak with sources and dissidents to communicate without scrutiny by authoritarian governments) and ill (it is widely used by criminals and, some say, by terrorists as well).  Until recently it was thought to be completely impervious to attack -- but recent disclosures suggest that the NSA has been working on the "TOR problem" for a while.  The Washington Post has the story:
[T]he NSA has mounted increasingly successful attacks to unmask the identities and locations of users of Tor. In some cases, the agency has succeeded in blocking access to the anonymous network, diverting Tor users to insecure channels. In others, it has been able to “stain” anonymous traffic as it enters the Tor network, enabling the NSA to identify users as it exits.
There are links to plenty of supporting documents and detail.  As always, those who are prohibited by their employment from reviwing classified material that was disclosed by Edward Snowden should refrain from clicking on the underlying links.
Back to Top
Paul Rosenzweig

Paul Rosenzweig

@RosenzweigP
Read More
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company. He formerly served as deputy assistant secretary for policy in the Department of Homeland Security. He is a professorial lecturer in law at George Washington University, a senior fellow in the Tech, Law & Security program at American University, and a board member of the Journal of National Security Law and Policy.
}

More Articles 

Subscribe to Lawfare