- 2020 Democrats refuse to answer our questions about ‘Cats’ Friday 4:14 PM
- Belle Delphine’s Instagram account removed after mass reporting campaign Friday 4:08 PM
- Mariah Carey refuses old-age FaceApp challenge Friday 3:19 PM
- Journalists horrified by consolidation of Gatehouse, Gannett Friday 3:12 PM
- Facebook and Google could be tracking you on porn sites Friday 1:42 PM
- 7 best sites for psychic love readings Friday 1:20 PM
- Driver demonstrates why you always need to read road signs Friday 12:58 PM
- Area 51 remix video proves it’s the summer of Lil Nas X Friday 12:26 PM
- ‘ICE will come’: Convenience store clerk threatens customers speaking Spanish Friday 12:11 PM
- Rand Paul dodges questions about 9/11 Victims Fund, says ‘watch Fox News’ Friday 11:51 AM
- Report: ‘Stranger Things’ season 4 to begin shooting in October Friday 11:03 AM
- AT&T paid Michael Cohen to consult on net neutrality, FBI documents show Friday 9:10 AM
- Mysterio’s ruse changes on a second viewing of ‘Far From Home’ Friday 9:06 AM
- Twitter overturns Barrett Brown’s third permanent suspension Friday 8:49 AM
- How to live stream Liga MX Friday 7:56 AM
Think you’re a master of Internet stealth? Think again.
Privacy is a big concern for Internet users, not least when, say, they’re smuggling drugs. And as a recent experiment’s shown, two services heavily reliant on the promise of anonymity—the “untraceable” cryptocurrency Bitcoin, which facilitates the online black market Silk Road, and the Tor network, designed to obscure your location and Internet usage—have plenty of vulnerabilities when it comes to protecting identities.
Tor, for its part, was the subject of a study by the U.S. Naval Research Laboratory and Georgetown University called “Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries.” In it, researchers found that the network’s security was even shabbier than previous reports had indicated. Although it uses thousands of relays to prevent traffic analysis, hackers—or “realistic adversaries”—with control of one or more routers can analyze where the traffic enters and exits Tor, using that data to pin down users’ personal details.
The results show that Tor faces even greater risks from traf?c correlation than previous studies suggested. An adversary that provides no more bandwidth than some volunteers do today can deanonymize any given user within three months of regular Tor use with over 50% probability and within six months with over 80% probability. We observe that use of BitTorrent is particularly unsafe, and we show that long-lived ports bear a large security cost for their performance needs. We also observe that the CongestionAware Tor proposal exacerbates these vulnerabilities.
The threat from these potential adversaries pales in comparison to that of state-backed organizations. Not only can the National Security Agency monitor your activity on Tor, but joining the network makes the agency more likely to collect your data, according to leaked documents.
Meanwhile, in a collaborative project from University of California, San Diego and George Mason University, titled “A Fistful of Bitcoins: Characterizing Payments Among Men with No Names,” researchers assessed the possibility of tracking transactions carried out within the peer-to-peer economy.
To accomplish this task, we developed a new clustering heuristic based on change addresses, allowing us to cluster addresses belonging to the same user. Then, using a small number of transactions labeled through our own empirical interactions with various services, we identify major institutions and the interactions between them. Even our relatively small experiment demonstrates that this approach can shed considerable light on the structure of the Bitcoin economy, how it is used, and those organizations who are party to it.
Although our work examines the current gap between actual and potential anonymity, one might naturally wonder—given that our new clustering heuristic is not fully robust in the face of changing behavior—how this gap will evolve over time, and what users can do to achieve stronger anonymity guarantees. We argue that to completely thwart our heuristics would require a signi?cant effort on the part of the user, and that this loss of usability is unlikely to appeal to all but the most motivated users (such as criminals).
What we can say at this point is that much of the so-called Deep Web is not so impenetrable as it aims to be, and time is not on the side of those conducting illegal business in its shadows. But until different methods for laundering money or trading illicit content online emerge, they may have no choice but to risk their anonymity—not to mention freedom—in order to make a buck.
As for the journalists, dissidents, and whistleblowers who rely on such software? They may soon find their troublesome opinions attached to an unfortunate byline.
Miles Klee is a novelist and web culture reporter. The former editor of the Daily Dot’s Unclick section, Klee’s essays, satire, and fiction have appeared in Lapham’s Quarterly, Vanity Fair, 3:AM, Salon, the Awl, the New York Observer, the Millions, and the Village Voice. He's the author of two odd books of fiction, 'Ivyland' and 'True False.'