Tor Project, A Privacy Tool
Tor is a privacy software used for keeping your identity secret by rerouting your web traffic through several nodes (computers) worldwide, which makes it difficult to track where the user traffic is coming from. In a change of events, an investigative report warned that law enforcement from Germany and across the have collaborated to deanonymize users via timing attacks.
The Tor project, however, is trying to assure users that the network is still safe. The team behind Tor assures proper measures are followed for users using the latest versions, stressing that timing attacks is an old technique and solutions can mitigate it.
Catching Child Abusers Using Tor
Known for its privacy services, Tor is generally used by journalists and activists while communicating with sources to avoid censorship in countries that curb press freedom. The project boasts a long list of genuine users, but because of its secrecy, threat actors also use Tor to host illegal marketplaces and avoid law enforcement.
German portal Panorama has issued an investigative that says court documents revealed that law agencies use timing analysis attacks via Tor nodes in large numbers to track and arrest the main culprits behind the child abuse platform “Boystown.”
In the Tor timing attack, the users are deanonymized without abusing any vulnerabilities in the tool, the focus is on noticing the timing of data entering and exiting the network.
If the threat actor is controlling the Tor nodes or tracking exit and entry points, they can compare the entry and exit time data, and in case of a match, use the data to trace the traffick back to a particular user.
If the attacker controls some of the Tor nodes or is monitoring the entry and exit points, they can compare the timing of when data enters and leaves the network, and if they match, they can trace the traffic back to a particular person.
Tor’s Reply
The Tor Project is not happy about not getting access to the court documents that can help them understand and verify security-related questions. “We need more details about this case. In the absence of facts, it is hard for us to issue any official guidance or responsible disclosures to the Tor community, relay operators, and users,” reads the Tor statement.