Report: NSA has little success cracking Tor

The agency has attacked other software, including Firefox, in order to compromise the anonymity tool, according to documents

By , IDG News Service |  Security, NSA, privacy

NSA efforts to compromise "anonymous online communication" is justified, U.S. Director of National Intelligence James Clapper said in a statement released late Friday.

News articles on the NSA's Tor efforts "fail to make clear that the intelligence community's interest in online anonymity services and other online communication and networking tools is based on the undeniable fact that these are the tools our adversaries use to communicate and coordinate attacks against the United States and our allies," Clapper said. "The articles fail to mention that the intelligence community is only interested in communication related to valid foreign intelligence and counterintelligence purposes and that we operate within a strict legal framework that prohibits accessing information related to the innocent online activities of U.S. citizens."

U.S. residents want intelligence agencies to keep them safe, and many recent news articles have "painted an inaccurate and misleading picture" of U.S. intelligence agencies, the statement continued.

"Americans depend on the intelligence community to know who and what the threats are, and where they come from," Clapper added. "They want us to provide policy makers with the information necessary to keep our nation safe, and they rightfully want us to do this without compromising respect for the civil liberties and privacy of our citizens."

The NSA documents provided by Snowden detail what the Guardian story calls "proof-of-concept attacks" on Tor. One technique is for the agency to look for patterns in the signals entering and leaving the Tor network, then trying to de-anonymize users. The documents also discuss the NSA secretly operating computer nodes in the Tor network, but the success of that effort was "negligible" because the agency has access to few nodes.

The documents also talk about efforts by the NSA and the U.K.'s GCHQ intelligence agency to influence the future development of Tor.

The story details efforts by the NSA to compromise Tor users through Firefox, but the NSA's documents say Mozilla fixed the vulnerability the agency was taking advantage of in Firefox 17, released in November 2012. The NSA had not been able to compromise users of Firefox 17 and later versions between late 2012 and this January, when the NSA documents were written, the Guardian story said.

Mozilla, in an August blog post, said it is investigating a vulnerability in older versions of Firefox. A spokeswoman declined further comment.

Roger Dingledine, director of the Tor project, its "good news" for the project that the NSA attacked with a browser exploit,

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question