Law Enforcement Undermines Tor
Law enforcement in Germany has infiltrated the Tor network to deanonymize users, raising legal concerns. Monitoring by Telefónica and timing analysis have compromised Tor's effectiveness as an anonymization tool.
Read original article
Recent reports indicate that law enforcement agencies, particularly in Germany, have successfully infiltrated the Tor network to deanonymize users involved in criminal activities. Documents reviewed by journalists reveal that the German Federal Criminal Police Office (BKA) ordered Telefónica (O2) to monitor customers connecting to specific Tor entry relays, a process referred to as IP catching. This surveillance lasted for up to three months, although Telefónica claimed that data from unsuspecting users was deleted immediately. The legality of this measure is questionable, as no clear legal basis was provided. The Tor Project acknowledged that deanonymization was achieved through timing analysis rather than exploiting software vulnerabilities, suggesting that the attack could occur even when the Tor software functions correctly. Reports indicate a significant increase in the monitoring of Tor relays in Germany, with multiple successful deanonymizations documented in various investigations, including Operation Liberty Lane. The implications of these findings raise concerns about the effectiveness of Tor as an anonymization tool, particularly for users of onion services and whistleblowing platforms, where low traffic can facilitate deanonymization.
- Law enforcement agencies have infiltrated the Tor network to expose criminals.
- Telefónica was ordered to monitor Tor users, raising legal and ethical concerns.
- Deanonymization was achieved through timing analysis, not software vulnerabilities.
- The number of monitored Tor relays in Germany has significantly increased.
- The effectiveness of Tor as an anonymization tool is under scrutiny.
Related
Data brokers sell our location data and jeopardise national security
A joint investigation uncovers data brokers selling 3.6 billion location data points from Germany, raising national security concerns. Experts question user consent validity under GDPR, urging stricter regulations to safeguard personal data.
NSA tracks Google ads to find Tor users
The NSA tracks Tor users by purchasing ads on networks like Google, embedding cookies to identify them despite IP changes, raising concerns about privacy and national security balance.
Another police raid in Germany
On August 16, 2024, German police raided Artikel 5 e.V., a non-profit organization. They plan to legally challenge the search warrant and hold a general assembly on September 21, 2024.
Update on an upcoming German broadcasting story about Tor/Onion Services
The Tor Project is investigating claims from a German broadcaster about a deanonymization attack on Onion Services by law enforcement. They have not verified these claims and assure users of continued security.
Is Tor still safe to use?
The Tor Project reassures users that the Tor Browser is secure despite a de-anonymization incident linked to outdated software. They emphasize the need for software updates and network improvements.
14 commentsIs Tor still safe to use? - https://news.ycombinator.com/item?id=41583847 - Sept 2024 (562 comments)
The Nym mixnet[0] seems promising but it's still new and unproven.
I had an idea a while back to make traffic analysis more difficult by building circuits distributed across adversarial countries. Would like to hear thoughts on it.[1]
https://www.dw.com/de/darknet-missbrauchsplattform-boystown-...
https://www.sueddeutsche.de/panorama/kindesmissbrauch-boysto...
Related
Data brokers sell our location data and jeopardise national security
A joint investigation uncovers data brokers selling 3.6 billion location data points from Germany, raising national security concerns. Experts question user consent validity under GDPR, urging stricter regulations to safeguard personal data.
NSA tracks Google ads to find Tor users
The NSA tracks Tor users by purchasing ads on networks like Google, embedding cookies to identify them despite IP changes, raising concerns about privacy and national security balance.
Another police raid in Germany
On August 16, 2024, German police raided Artikel 5 e.V., a non-profit organization. They plan to legally challenge the search warrant and hold a general assembly on September 21, 2024.
Update on an upcoming German broadcasting story about Tor/Onion Services
The Tor Project is investigating claims from a German broadcaster about a deanonymization attack on Onion Services by law enforcement. They have not verified these claims and assure users of continued security.
Is Tor still safe to use?
The Tor Project reassures users that the Tor Browser is secure despite a de-anonymization incident linked to outdated software. They emphasize the need for software updates and network improvements.