Yet another report on NSA activity from The Guardian indicates that the agency has tried repeatedly to unmask users of Tor, a system for anonymizing your identity online. For users of the system, there is good news: the agency has been unsuccessful.
Before going too far, it's important to understand what Tor does. The NSA created this graphic to help explain.
The "terrorist," at left, is playing the role of a user. When he goes online, his requests for information are routed through a number of other servers before arriving at their destination. It's the online equivalent of trying to shake someone who's following you by running into stores and leaving out the back door. Except with a lot more stores and a lot more doors. In our guide to hiding from the NSA, we explained how Tor works (and linked to its toolset), noting that the size and distribution of how it routes information makes it very hard to work backward and see where someone started. In essence, you'd need to in advance know how everyone moved through every server — track the foot traffic of every store in a very, very big city — to figure that out. (The Washington Post has a good explainer on this whole thing.)
This is why Tor frustrates the NSA so much. The slideshow from which that image above is taken is called "Tor Stinks," which is partly a joke about how Tor used to be short for "The Onion Router" and is partly corny office humor. Using information found in that and another presentation provided by Edward Snowden, The Guardian explains what the NSA hoped to do.
The proof-of-concept attack demonstrated in the documents would rely on the NSA's cable-tapping operation, and the agency secretly operating computers, or 'nodes', in the Tor system. However, one presentation stated that the success of this technique was "negligible" because the NSA has "access to very few nodes" and that it is "difficult to combine meaningfully with passive Sigint". …
Other efforts mounted by the agencies include attempting to direct traffic toward NSA-operated servers, or attacking other software used by Tor users. One presentation, titled 'Tor: Overview of Existing Techniques', also refers to making efforts to "shape", or influence, the future development of Tor, in conjunction with GCHQ.
So that's a few things. One, they tried an attack that was based on de-anonymizing users — the let's-figure-out-everyone-in-every-store-retroactively approach. Then they tried including their own servers in the cloud, tried undermining the Tor software (available here), and tried to influence how Tor is developed in the future. That last strategy mirrors how the NSA weakened encryption standards, apparently successfully.
Over at its Tumblr, the Director of National Intelligence offers his thoughts on the report. "The articles fail to mention that the Intelligence Community is only interested in communication related to valid foreign intelligence and counterintelligence purposes," he writes, "and that we operate within a strict legal framework that prohibits accessing information related to the innocent online activities of US citizens."
One amusing point to emerge from the new reports is that the NSA, in another of its presentations, reproduces an instructional slideshow from the Electronic Frontier Foundation. The EFF responded to that by pointing out that the NSA's use violated the organization's Creative Commons license.
It's great even NSA is using our Tor explainer. But they're violating our CC license by classifying it Top Secret. https://t.co/m1B2kzsr0W— EFF (@EFF) October 4, 2013
JUST KIDDING: @NSA you're free to use our materials for commentary and criticism just like everyone else. Hooray for fair use.— EFF (@EFF) October 4, 2013
In short, then, the new Guardian story is this: The NSA considers the anonymity provided by Tor to be a threat, and is actively trying to figure out how it can engineer a way to track people's activity online. As of the point at which its presentations were created, it hadn't done so.
This new NSA story is actually good news: NSA has failed to crack Tor. It still works and is still the best way to provide anonymity online.— Trevor Timm (@trevortimm) October 4, 2013
Photo: NSA chief Keith Alexander. (AP)