The Tor Project has issued a statement in response to recent claims of a targeted de-anonymization attack on a Tor user. The attack, reportedly a “timing analysis” method, involved the long-retired Ricochet application.
Although the incident raises concerns about the security of Tor’s Onion Services, the project maintains that its network remains healthy and that Tor Browser is still one of the best tools available for anonymous web browsing.
The attack was first brought to public attention through an investigative report by Panorama, which examined how law enforcement agencies, including those in Germany, the U.S., and the U.K., managed to infiltrate the Tor network. The report focused on “timing analysis,” a technique where the size and timing of encrypted data packets are analyzed to trace a user’s activity.
Importantly, this method does not exploit any flaws in Tor’s software but rather leverages surveillance of Tor relays to deanonymize specific targets. The German Federal Criminal Police Office (BKA) is said to have used this method in cases like the takedown of the “Boystown” darknet platform.
The de-anonymization occurred through a sophisticated guard discovery attack, targeting a user of the outdated Ricochet software. Ricochet was discontinued and replaced by a more secure version called Ricochet-Refresh. According to Tor, the old version lacked protections like “Vanguards-lite,” introduced in June 2022 to prevent this specific type of attack. Vanguards-lite was designed to counteract adversary-induced circuit creation that leads to de-anonymization by discovering the user’s Guard relay.
Tor’s statement emphasized that while this attack occurred between 2019 and 2021, the current state of the Tor network is a lot more secure, and updates to the software offer enhanced protections against the described attacks. However, the project called for more transparency and collaboration from those with knowledge of the incident.
Unlike the Chaos Computer Club (CCC), which had access to court documents related to the case, The Tor Project was only given limited information, leading them to request public assistance to fully investigate the details of the attack. The CCC confirmed that law enforcement had used “timing” techniques to deanonymize certain Tor users but raised concerns about the broader implications of such methods being available to authoritarian regimes.
The Tor network, which now boasts over 2,000 exit nodes, remains robust despite the concentration of some nodes in specific countries and hosting centers. Tor’s leadership acknowledged that network diversity—both geographically and operationally—remains a challenge, but ongoing efforts are being made to mitigate risks.
For example, initiatives like the Electronic Frontier Foundation’s (EFF) Tor University Challenge and the introduction of a network health API at DEF CON have been launched recently to bolster the network’s security and performance.
Users concerned about these relevations should ensure they are using the latest versions of Tor Browser and associated tools, which include security features like Vanguards-lite. Also, minimizing connection duration can reduce vulnerability to timing analysis attacks.
Finally, Tor called for volunteers to contribute bandwidth and operate Tor relays to increase geographic and operational diversity, making surveillance harder.
lelow
See https://sasha35625.medium.com/what-is-web3-7fabbaa3eabf
I had posted in 2022 about facts I ran across from 12/2018. “Most of it sounded promising back then, but adoption lacks possibly in the mainstream server’s network.”
Article states, “Only with emergence of blockchain the whole puzzle of Web3 came together. Blockchain is a paradigm shift that allows us to create systems which run “on their own”, by the protocol agreed before their launch. We can construct decentralized systems which can become that layer on which you don’t have to give up on control over your data, where all your data belongs to you.
Web3 products are just emerging. But it’s clear what they will and won’t do. You will be able to explicitly allow access to your data. You won’t need to trust third parties with storing your passwords. You won’t let anybody erase your data either.
Governments will finally understand that you can’t solve all the problems by just banning things, you need to dig deeper and fight the root of the problem.”
dilbert
according to this website tor is garbage and should never be trusted https://restoreprivacy.com/tor/
Anonymous
Tor is insanely difficult too setup relays for . With so few people actually running relays , this type of attack was possible . A network so hostile too you joining cant be safe . Running a relay is almost impossible too setup . I actively run nodes on Freenet ( Hyphanet ) and I2p .
Tor is in cooperation with governments ….. because it is FUNDED by governments . I2p and Freenet are all backwood coder projects that dwarf the security of Tor .
9o5
Oh please stay on the reply line, I have some questions if you don’t mind @ANONYMOUS.
For a general base-line, say each network has its unique strengths and weaknesses.
– Freenet excels at anonymous data publishing.
– I2P provides a decentralized and resilient anonymity solution.
– Tor is optimized for anonymous proxying to the regular internet.
Depending on your specific needs, you may choose to use one or a combination of these networks to achieve your desired level of anonymity and privacy.
Considering use cases,
– Freenet: Suitable for sensitive information sharing, whistleblowing, and peer-to-peer data publishing.
– I2P: Ideal for general-purpose internet use, including browsing, email, and instant messaging, with a focus on anonymity and censorship resistance.
– Tor: Suitable for anonymous proxying to the regular internet, making it suitable for activities like browsing, email, and instant messaging.
Is it statistically impossible to have any one network used in covering all the anonymity, security, and privacy designed for individual users, and managed within the network itself?
What are any thoughts you have about the present anonymity networks designed for individual users, as their architecture changing with the advancements of Private 5G and Web3?
– That latter mentioned has its focus on secure data transmission and decentralized networks for enterprise and industrial use cases.
Similar to traditional home routers, private 5G networks employ CG-NAT to translate private IP addresses to public IP addresses for external communication.
Private 5G networks utilize private IP address ranges to assign unique addresses to devices within the network. These addresses are not routable on the global Internet and are only accessible within the private 5G network.
While all these networks share some similarities, their primary goals and design approaches differ significantly in use cases.
Anonymity networks rely on complex routing and encryption, whereas Private 5G and Web3 leverage advanced encryption and access control.
Thanks for your thoughts and interests!
Anonymous
I think most have not seen the writing on the wall when it comes too Tor . One thing is for certain : the glowies are and have been all over it in recent years . I dont think the police would say something like this if it didnt have some truth too it . They can train a AI program too go threw all the IPs a node connected too and make a good guess . It has been known for years that this is a week spot in the system that wont be fixed unless more people start running nodes ……. Too which Tor is hostile . I seen a uptick in new routers recently on I2p , in the ballpark of 1600 routers .
9o5
Thats true Anonymous in those points presented.
Would this be viable answer in my quedtion of; “Is it statistically impossible to have any one network used in covering all the anonymity, security, and privacy designed for individual users, and managed within the network itself?”
Deeper Network Concept, a Network as decentralized, blockchain-powered infrastructure that combines network security, sharing economy, and blockchain technology to create a global peer-to-peer network.
Link has ‘shop’ in it but, it lands on their Ecosystem path.
https://shop.deeper.network/pages/ecosystem
Their BLOG
https://shop.deeper.network/pages/blog/all
9o5
For more see, digital flux comment, and other network comments.
https://restoreprivacy.com/privacy-tools/#comments-1297730
Private 5G explained
https://media.arubanetworks.com/Products%20and%20Solutions/HPEArubaNetworking-private5g.mp4