- Watch Tiffany Pollard sell the sh*t out of Fenty Beauty makeup Monday 8:05 PM
- Speech pathologist sues Texas school district for right to boycott Israel Monday 5:25 PM
- ‘Fresh Prince’ actor sues Fortnite developer for using the Carlton dance Monday 4:40 PM
- 3D-printed head fools Android facial recognition Monday 3:01 PM
- FCC finally releases emails on Ajit Pai’s ‘Harlem Shake’ video Monday 2:33 PM
- Wall Street Journal website hacked with ‘apology’ to PewDiePie Monday 1:26 PM
- YouTube star James Charles feels ‘unsafe’ after home address leaks Monday 12:28 PM
- Jordan Peterson claims he’s building an alternative to Patreon Monday 12:19 PM
- We might finally see a same-sex Barbie set, thanks to this couple’s Instagram post Monday 12:16 PM
- Tumblr’s porn ban is here—and Twitter’s mourning it with memes Monday 11:58 AM
- Facebook blocks article on Yemeni crisis over photo of starving child Monday 11:55 AM
- Netflix reveals all-star voice cast for ‘Dark Crystal’ prequel Monday 11:51 AM
- Netflix warns users to be cautious of new phishing scam Monday 11:04 AM
- 8 last-minute gift ideas that are popular on Amazon Monday 11:00 AM
- PewDiePie takes big lead in subscription race after YouTube deletes spam Monday 10:56 AM
Worse, these attackers may have helped others.
Who’s watching the anonymous? A whole lot of people it turns out.
The developers of Tor, the powerful anonymity tool with millions of users around the world, recently found a group of nodes in their network that “we assume were trying to deanonymize users,” project leader Roger Dingledine wrote in a security advisory notice.
Plenty of people want to break Tor—governments, hackers, spy agencies—but the newest suspects are none of the above. Instead, Dingledine points to academia.
Earlier this month, a lecture promising to break Tor on a $3,000 budget was announced and then canceled without much explanation. The presenters, from Carnegie Mellon University, have reportedly been mostly silent when Tor’s developers asked them for details. Dingledine suspects that the lecturers are “likely” behind this attack.
Dingledine suspects that the spying relays attempted to control and look in on a person’s entry and exit into the Tor network, giving them the ability to see a person’s IP address and destination. You can find a more technical explanation here.
Dingledine called the attack “actually pretty neat from a research perspective.”
Tor developers, who found the the spying group of relays on July 4, say the relays target users who operate or access Tor hidden services, the anonymous websites that exist entirely within the Tor network. The most famous example is probably Silk Road but others include SecureDrop, a tool designed to allow anonymous communications between journalists and sources.
“The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4,” Dingledine wrote. “While we don’t know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.”
No one yet knows what this means for Tor users but the attackers may have been able to find out the location of hidden services, a crucial step in deanonymizing Tor’s users. Worse yet, Tor’s developers say that this attack may have inadvertently helped other attackers reveal Tor users.
Photo by langalex/Flickr (CC BY-SA 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.