- Kylie Jenner found a way to make Kobe Bryant’s death about her 6 Years Ago
- Warren calls for harsh penalties for tech companies that spread voter disinformation 6 Years Ago
- ‘Vanderpump Rules’ recap: Miami vices and vexes Today 12:24 PM
- Teen gets harmonica stuck in mouth, documents it on TikTok Today 11:08 AM
- Joey Salads got his DNA results in and now he’s tweeting the N-word Today 10:58 AM
- NikkieTutorials says she knows who blackmailed her Today 10:22 AM
- Seth Rogen is making a movie about a deadly meme Today 9:30 AM
- Ring should be shut down ‘immediately,’ Amazon engineer warns Today 9:19 AM
- Joe Biden wants his own Bernie Bros Today 8:57 AM
- Twitch star Adept shares heartwarming story about meeting Kobe Bryant Today 8:44 AM
- ‘Promising Young Woman’ unravels the complexities of a revenge fantasy Today 8:35 AM
- Review: ‘Next in Fashion’ is Netflix’s latest attempt at reality TV Today 7:00 AM
- What is Byte, and can it really compete with TikTok? Today 7:00 AM
- Migrants are under social media surveillance—and that’s a problem for everyone Today 6:00 AM
- Gabrielle Union deserves better from Terry Crews Tuesday 11:12 PM
How Bitcoin and Tor fail to obscure your identity
Think you’re a master of Internet stealth? Think again.
Privacy is a big concern for Internet users, not least when, say, they’re smuggling drugs. And as a recent experiment’s shown, two services heavily reliant on the promise of anonymity—the “untraceable” cryptocurrency Bitcoin, which facilitates the online black market Silk Road, and the Tor network, designed to obscure your location and Internet usage—have plenty of vulnerabilities when it comes to protecting identities.
Tor, for its part, was the subject of a study by the U.S. Naval Research Laboratory and Georgetown University called “Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries.” In it, researchers found that the network’s security was even shabbier than previous reports had indicated. Although it uses thousands of relays to prevent traffic analysis, hackers—or “realistic adversaries”—with control of one or more routers can analyze where the traffic enters and exits Tor, using that data to pin down users’ personal details.
The results show that Tor faces even greater risks from traf?c correlation than previous studies suggested. An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50% probability and within six months with over 80% probability. We observe that use of BitTorrent is particularly unsafe, and we show that long-lived ports bear a large security cost for their performance needs. We also observe that the CongestionAware Tor proposal exacerbates these vulnerabilities.
The threat from these potential adversaries pales in comparison to that of state-backed organizations. Not only can the National Security Agency monitor your activity on Tor, but joining the network makes the agency more likely to collect your data, according to leaked documents.
Meanwhile, in a collaborative project from University of California, San Diego and George Mason University, titled “A Fistful of Bitcoins: Characterizing Payments Among Men with No Names,” researchers assessed the possibility of tracking transactions carried out within the peer-to-peer economy.
To accomplish this task, we developed a new clustering heuristic based on change addresses, allowing us to cluster addresses belonging to the same user. Then, using a small number of transactions labeled through our own empirical interactions with various services, we identify major institutions and the interactions between them. Even our relatively small experiment demonstrates that this approach can shed considerable light on the structure of the Bitcoin economy, how it is used, and those organizations who are party to it.
Although our work examines the current gap between actual and potential anonymity, one might naturally wonder—given that our new clustering heuristic is not fully robust in the face of changing behavior—how this gap will evolve over time, and what users can do to achieve stronger anonymity guarantees. We argue that to completely thwart our heuristics would require a signi?cant effort on the part of the user, and that this loss of usability is unlikely to appeal to all but the most motivated users (such as criminals).
What we can say at this point is that much of the so-called Deep Web is not so impenetrable as it aims to be, and time is not on the side of those conducting illegal business in its shadows. But until different methods for laundering money or trading illicit content online emerge, they may have no choice but to risk their anonymity—not to mention freedom—in order to make a buck.
As for the journalists, dissidents, and whistleblowers who rely on such software? They may soon find their troublesome opinions attached to an unfortunate byline.
Miles Klee is a novelist and web culture reporter. The former editor of the Daily Dot’s Unclick section, Klee’s essays, satire, and fiction have appeared in Lapham’s Quarterly, Vanity Fair, 3:AM, Salon, the Awl, the New York Observer, the Millions, and the Village Voice. He's the author of two odd books of fiction, 'Ivyland' and 'True False.'