Article Lead Image

New research unmasks which websites Tor users visit

Careful what you click.


Patrick Howell O'Neill


Posted on Jul 31, 2015   Updated on May 28, 2021, 6:15 am CDT

Anonymity is an ongoing war. And it just lost a battle.

A new attack on the Tor anonymity network allows adversaries to learn which hidden websites a Tor user visits, as well as the websites’ locations, with up to 88 percent accuracy. 

The new research comes from the Massachusetts Institute of Technology (MIT) and the Qatar Computing Research Institute (QCRI).

Tor works by taking a users’ Internet traffic, encrypting it in multiple layers, and bouncing it around the world. The desired goal is complete anonymity, but continued research shows that’s a tough ambition to always achieve.

Researchers analyzed encrypted traffic patterns passing through a single point in the network in order to infer the location of a hidden service, the name Tor gives anonymous websites on their network.

Tor’s encryption wasn’t broken in the new research, it’s important to note. But even encrypted traffic can give information away. Still the researchers have some suggestions for how Tor Project developers can better protect user privacy.

“We recommend that [the Tor Project] mask the sequences so that all the sequences look the same,” Mashael AlSabah, as a researcher at QCRI and a visiting scientist at MIT, said. To defend against that kind of attack, he added, Tor needed to “send dummy packets to make all five types of circuits look similar.”

H/T CSO Online | Illustration by Max Fleishman 

Share this article
*First Published: Jul 31, 2015, 11:53 am CDT