James Delahunty
8 Oct 2013 4:54
According to leaked documents, the National Security Agency (NSA) targeted flaws in the Firefox web browser to attempt to descramble communications over TOR.
The Onion Router - or TOR - is a network that seeks to provide anonymity to users communications either within the network, or with servers based on the Internet. When visiting a website through a browser configured to use TOR, the traffic back and forth bounces through several servers that could be anywhere worldwide in order to make it difficult for both ends of the communication to know the location/identity of the other.
Only the Exit Node - the last TOR node before accessing a web server - could potentially have access to unencrypted data but still would not be aware of the other end of the communication.
From leaked documents published by the Guardian, it appears the NSA was unsuccessful in breaking TOR, and so decided another route; attack the browser and even infect the computer of a potential target in an effort to unmask them and their communications.
Browser flaws could open up the possibility of being unmasked as they could force an unencrypted, un-tunnelled connection between the target computer and a third party server. It also leaves browsers open to the delivery of a malware payload.
The U.S. Government claims that it is an undeniable fact that TOR and similar services are used by adversaries to communicate.