- How to watch ‘Game of Thrones’ season 8, episode 6 for free 5 Years Ago
- These ‘Game of Thrones’ houses are gone forever 5 Years Ago
- The 10 best anime movies on Hulu Today 7:00 AM
- Vibe TV puts a premium price tag on piracy Today 6:00 AM
- Twitter unites in collective confusion over ‘Democrats for Trump’ trending Saturday 2:28 PM
- YouTube star tweets and deletes video of his Black cousin ‘Peanut’ acting as a stool Saturday 1:04 PM
- The ‘Do you wash your legs in the shower’ debate has now escalated to feet Saturday 12:20 PM
- Donald Trump posted a world-class golf score, and the internet laughs at him Saturday 10:46 AM
- Lili Reinhart dragged the ‘Game of Thrones’ petition, sparking debate about TV and ‘fan service’ Saturday 9:42 AM
- How to stream UFC Fight Night 152 for free Saturday 8:00 AM
- People keep calling the ‘Game of Thrones’ creators by their initials—and it’s confusing D&D players Saturday 8:00 AM
- After infidelity and abuse accusations, ProJared said his wife wanted an open marriage Saturday 7:40 AM
- ‘Jailbirds’ prioritizes petty drama over insight Saturday 7:30 AM
- How to stream Deontay Wilder vs. Dominic Breazeale for free Saturday 7:00 AM
- How to live stream Josh Taylor vs. Ivan Baranchyk on DAZN Saturday 6:00 AM
Can one of the most popular and powerful anonymity tools on the Internet be broken?
Is Tor, one of the most popular and powerful anonymity tools on the Internet, broken?
Two hackers are promising to show how they’re able to deanonymize Tor users with a measly $3,000 budget at Black Hat 2014, a major hacking conference in Las Vegas next month.
“In this talk, we demonstrate how the distributed nature, combined with newly discovered shortcomings in design and implementation of the Tor network, can be abused to break Tor anonymity,” the presenters, Alexander Volynkin and Michael McCord, explain.
The briefing is titled, “You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget.”
With “a handful of powerful servers and a couple gigabit links”—easily within the resources of the world’s major intelligence agencies, criminal collectives, hacktivist groups, private companies, and more—thousands of Tor clients and hidden services can be revealed “within a couple of months,” the pair says.
Volynkin, a research scientist, and McCord, a software vulnerability analyst, haven’t revealed many specifics to the public yet, but many Tor community members are hoping that they’ve followed responsible disclosure practices and have notified Tor’s developers of any potential exploits that can put the anonymity of millions of users at risk.
Documents revealed in 2013 due to Edward Snowden’s NSA leaks revealed details that the intelligence agency had tried but largely failed to break Tor. The NSA slides even called Tor “the King of high secure, low latency Internet anonymity,” with “no contenders for the throne in waiting.” Last week, it was revealed that the NSA targets even those who read about Tor online as “extremists.”
No one has yet seen or reviewed the talk, so it’s impossible to verify the presenters’ claims. Even though the Tor community has been talking at length about the $3,000 demonstration, no official Tor developer has given comment.
The demonstration will cover “the nature, feasibility, and limitations of possible attacks, and then dive into dozens of successful real-world de-anonymization case studies, ranging from attribution of botnet command and control servers, to drug-trading sites, to users of kiddie porn places,” the presenters say.
Black Hat USA 2014 takes place Aug. 2-7 in Las Vegas.
Photo via Alex/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.