Report: NSA targets Tor network that protects user anonymity

The National Security Agency (NSA) has made numerous attempts to attack Tor, a popular software that is designed to protect online anonymity and receives most of its funding from the U.S. government itself, the Guardian newspaper reported Friday.

Tor, short for The Onion Router, is an open-source public project that was initially developed by the U.S. Naval Research Laboratory with the primary purpose of protecting government communications. It gets about 60 percent of its funding from the State Department and the Department of Defense, the NSA's parent agency. 

The Guardian’s report – based on information from whistle-blower Edward Snowden, a former contractor for U.S. intelligence agencies – detailed how the NSA developed multiple strategies and expended considerable energy attacking Tor, but ultimately failed to undermine the service's ability to make users anonymous.

The report said the fundamental security of the Tor service remained intact. It cited a top-secret NSA presentation, titled "Tor Stinks," which stated: "We will never be able to de-anonymize all Tor users all the time." 

The Tor project is part of the Obama administration's Internet freedom agenda, a campaign to advance human rights around the world and help citizens living under repressive regimes bypass Internet censorship. 

The program makes users anonymous and helps them circumvent censorship tools by bouncing Internet traffic through several other computers. Many activists, journalists and dissidents around the world use the service to keep their communications private and avoid government retaliation.

Law-enforcement officials say criminals – including those engaged in terrorism, pedophilia and online drug trafficking – also use the service. 

The Guardian has been publishing a series of articles chronicling NSA surveillance, details of which it obtained from Snowden, since June. The leaks revealed how the NSA, in the name of fighting terrorism, has tapped the phone calls and Internet activities of millions of users around the world.

Friday’s Guardian report said that the NSA can only identify a very small fraction of Tor users, and that the agency has had "no success de-anonymizing a user in response" to a specific request.

Unable to undermine the service itself, the agency has attempted to indirectly crack the program by targeting users. One strategy included attempts to direct traffic toward NSA-operated servers, and another included attacking vulnerable software used by Tor users, such as the old version of the Firefox browser, the report said. 

The NSA also measured the timings of messages entering and exiting the network to try and identify users, the Guardian said, adding that in some cases, malicious code was implanted on the computers of Tor users visiting particular sites.

The NSA is legally prohibited from spying on U.S. citizens, and experts say its conduct is likely to have legal implications. One concern is whether the surveillance programs deliberately or inadvertently targeted U.S. users. 

"The NSA apparently believes it can conduct this surveillance because 30 years ago the Supreme Court upheld the government’s warrantless collection of basic information about a criminal suspect's telephone calls over the course of a single day,” the American Civil Liberties Union said on its website. “But the claim that this narrow case from the analog era authorizes the mass surveillance of hundreds of millions of Americans is outlandish." 

For its part, Tor warned users on its website that it was an "open question how much protection" the service provides "against the NSA’s large-scale Internet surveillance," before instructing users to also employ other tools "you need to be secure on the Internet."

The Guardian said it sought NSA comment on the agency’s conduct and whether it ensured that its attacks did not interfere with the secure browsing of law-abiding citizens.  

The agency responded with a statement defending its work, and said that it “collects only those communications that it is authorized by law to collect,” adding “terrorists, cybercriminals, human traffickers and others use technology to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that."

Al Jazeera