AfterDawn: Tech news

NSA targeted Firefox flaws to break TOR communications

Written by James Delahunty (Google+) @ 08 Oct 2013 4:54 User comments (6)

NSA targeted Firefox flaws to break TOR communications According to leaked documents, the National Security Agency (NSA) targeted flaws in the Firefox web browser to attempt to descramble communications over TOR.
The Onion Router - or TOR - is a network that seeks to provide anonymity to users communications either within the network, or with servers based on the Internet. When visiting a website through a browser configured to use TOR, the traffic back and forth bounces through several servers that could be anywhere worldwide in order to make it difficult for both ends of the communication to know the location/identity of the other.

Only the Exit Node - the last TOR node before accessing a web server - could potentially have access to unencrypted data but still would not be aware of the other end of the communication.

From leaked documents published by the Guardian, it appears the NSA was unsuccessful in breaking TOR, and so decided another route; attack the browser and even infect the computer of a potential target in an effort to unmask them and their communications.

Browser flaws could open up the possibility of being unmasked as they could force an unencrypted, un-tunnelled connection between the target computer and a third party server. It also leaves browsers open to the delivery of a malware payload.

The U.S. Government claims that it is an undeniable fact that TOR and similar services are used by adversaries to communicate.

Tags: nsa Tor Firefox
Previous Next  

6 user comments

18.10.2013 17:00

wow

28.10.2013 17:23

NSA spy machine can target individuals with browser exploits, but if they attack too many users, somebody's going to notice.

Tor Q&A page:
http://tor.stackexchange.com

ALSO: NSA attempted to de-anonymize Tor, with little success:
http://www.dailydot.com/news/nsa-tor-cr...snowden-slides/

This message has been edited since its posting. Latest edit was made on 08 Oct 2013 @ 19:29

Live Free or Die.
The rule above all the rules is: Survive !
Capitalism: Funnel most of the $$$ to the already rich.

38.10.2013 18:26

Originally posted by A5J4DX:
wow
Reported.

Life is good!
GrandpaBruce - Vietnam Vet - 1970 - 1971
Computer: Intel Core i7-920 Nehalim;Asus P6T Deluxe V2

48.10.2013 22:45

A5J4DX, he does have a point about your posts as all of them are in the news comments & none in the other forums. except for your reply to this, don't post in the news forum for the next year or be banned.

This message has been edited since its posting. Latest edit was made on 09 Oct 2013 @ 16:43

59.10.2013 1:31

It's hard to say really, maybe to get access to servers within the TOR network it'd be quite hard but in and out torrent packet trackers prove it's not hard to find people who do use TOR and/or encrypt the packets as well.

615.10.2013 13:59

"The U.S. Government claims that it is an undeniable fact that TOR and similar services are used by adversaries to communicate."

Really ? Who are these adversaries they are talking about? Why do I need torrent network to communicate? BitTorrentSynch can do the job perfectly. I can put an encrypted document in a predefined folder on my machine. I could then send the pass word to the recipient in a manner that handles "for your eyes only" in a sort of face to face meeting or written communication. The transfer of files will happen without any other servers coming into the picture.

Believe me I have worked out a method that can encrypt a file and can never be decrypted by even the most powerful MSA servers. This too while just using available freeware encryption tools.

Comments have been disabled for this article.

News archive