BY ERIK PILLAR | SEPTEMBER 20, 2015
In the new digital world, privacy remains a bigger issue than ever before. Yearly now it seems, we hear stories of mass hackings and thefts of personal information or photos. Last fall it was the Snapchat hack, and just this summer the private information of thousands of members of the adult dating site Ashley Madison found their information released out into the Internet as well. Our Edgewood College community has not been immune to invasions of privacy either. Phishing attacks continue on, and last week we saw our email service downgraded again.
Despite these invasions of privacy, there are methods available that enable near complete anonymity. The Onion Router, otherwise known as Tor, is one such possible solution. While originally created for use by the United States Navy Research Laboratory, civilian use has spread throughout the world.
Tor protects user identity by running each connection through dozens of relay nodes; normally your connection goes directly to the desired server, and as such it is easy to unmask your identity while browsing. Each node only has the information given to it by the previous node. Since no individual node has the entire path taken from your computer to the server, it is nearly impossible to follow.
Ideally, Tor would only be utilized by journalists and other non-criminal users to uphold their rights or protect themselves from government persecution. This is not the case; Tor has a darker side. One site, called the Hidden Wiki, grants users access to everything from black market sales in drugs and guns to fencing stolen goods, and even had links to child pornography. Just about anything can be bought online with a form of virtual currency called bitcoins.
Some services offered on the dark web include targeted hacking, stalking, and even murder. One chilling advertisement provided specific instructions and payment details for what was called “wet work,” otherwise known as assassination.
Due to the potentially harmful nature of Tor, both the FBI and NSA are currently seeking ways to circumvent the network’s security. “We’ll never be able to fully de-anonymize all Tor users. With manual analysis we can find a very small fraction of users,” said an NSA document released by Edward Snowden. “Tor is the king of high secure, low latency (fast connection) internet anonymity.”
That’s not to say government agencies have given up the fight. In fact, through exploitation of an outdated bug in the Tor bundle, via Mozilla Firefox, the FBI has launched a series of successful raids on various child pornographers and viewers of such illegal material. Other Tor related busts have been carried out through FBI seizure and control of major Tor server nodes, and even state sanctioned hackings.
A recent method of attack against Tor comes in the form of what is called a denial of service (DoS) attack. The attacker will send a large amount of traffic to the target Tor server, thus making the site slow or impossible to access. In addition to DoS, some Tor sites have been facing distributed denial of service (DDoS) attacks. This is similar to standard DoS, but the traffic is sent from multiple locations and is much harder to defend against.
“This DoS seems to be slowing down the network, but not de-anonymizing users,” said Tor Project director of communications Kate Krauss.
By no means are criminals the only users of Tor. In July, the Kilton Public Library in New Hampshire became the first library in the country to utilize a Tor connection and server. More and more Internet users are searching for methods of upholding their rights to privacy online, and slowly hidden services like Tor are becoming more mainstream.
Shortly after bringing their Tor server online, the Kilton Public Library was contacted by the U.S. Department of Homeland Security. Kilton agreed to shut down their Tor operations temporarily. After local protest and support throughout the Internet, Kilton has since reactivated their Tor server and intends to continue offering the hidden service to their guests.
Sean Fleming, Kilton Public Library director, told reporters that DHS would hold the library responsible for any illicit activity going through their Tor servers. Fleming was surprised at the DHS statement, as illegal activity carried out via their normal public Internet connection has never been their responsibility before. Fleming mentioned a similar case in the past as an example, “He (a library guest) was sending inappropriate emails to underage girls, and he was arrested. Nobody said ‘you should turn off your internet’ then.”
Despite the recent problems Tor has faced, The Tor Project is looking to expand the network’s capabilities. “We want to make this technology available to the wider public. These services will play a key role in the future of secure communications. This means we must increase the uses for hidden services, bring them to mobile platforms for anonymous apps, and vastly increase the number of people who use them,” said officials of The Tor Project.