Tor founder Roger Dingledine has reported today that some of the network's specialized servers have been compromised.
Websites on the Tor network have been under attack by government law enforcement agencies for more than a year, beginning with the takedown of the first Silk Road last year.
Since that time, several other websites have been closed down by joint operations of the US Department of Justice and European police agencies. Reports today indicate a new attack. Dingledine said:
“The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities.”
These attacks were apparently not unexpected by Dingledine. He said in a blog post last week that they learned from a tipster that attacks were forthcoming:
“The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.) We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use.”
Whether Tor is still safe to use is up for debate. Because the Tor network is “centralized” around these directory authorities, it can be compromised: attackers would merely need to extract five unexpired signing keys. With those keys they could make up their own consensus and point people to their own relays.
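To make the five-key threshold concrete, here is an added illustration (not Tor's code and not from the original article) of a client-side acceptance rule that counts valid signatures from distinct trusted authorities whose signing keys have not expired. It assumes nine authorities, so that five is a majority, and uses HMAC as a stand-in for real public-key signatures; all names, times and documents are constructed.

```python
import hashlib
import hmac

AUTHORITIES = [f"auth{i}" for i in range(1, 10)]  # constructed names (assumption: 9)
THRESHOLD = len(AUTHORITIES) // 2 + 1             # majority: 5 of 9
NOW = 1_000                                       # constructed clock value

def make_key(name, expires):
    # HMAC secret stands in for a signing key pair (modelling shortcut).
    secret = hashlib.sha256(b"demo-key:" + name.encode()).digest()
    return {"name": name, "secret": secret, "expires": expires}

def sign(key, document):
    return hmac.new(key["secret"], document, hashlib.sha256).hexdigest()

def sign_with(keys, document):
    """Signatures that whoever holds `keys` can attach to any document."""
    return {k["name"]: sign(k, document) for k in keys}

def count_valid(document, signatures, trusted, now):
    """Count distinct trusted authorities with a good signature from an unexpired key."""
    valid = set()
    for name, sig in signatures.items():
        key = trusted.get(name)
        if key is None or key["expires"] <= now:
            continue  # unknown signer or expired signing key: does not count
        if hmac.compare_digest(sig, sign(key, document)):
            valid.add(name)
    return len(valid)

def client_accepts(document, signatures, trusted, now=NOW):
    return count_valid(document, signatures, trusted, now) >= THRESHOLD

# Constructed key set: auth9's signing key has already expired.
KEYS = [make_key(n, expires=500 if n == "auth9" else 2_000) for n in AUTHORITIES]
TRUSTED = {k["name"]: k for k in KEYS}

def demo():
    other = b"relay list not produced by the authorities"
    return {
        "four_keys": client_accepts(other, sign_with(KEYS[:4], other), TRUSTED),
        "five_keys": client_accepts(other, sign_with(KEYS[:5], other), TRUSTED),
        "five_with_one_expired": client_accepts(other, sign_with(KEYS[4:9], other), TRUSTED),
    }

if __name__ == "__main__":
    print(demo())
```

The client has no way to distinguish a document signed by five seized keys from a legitimate consensus, which is why key expiry and the ability to replace the trusted authority list matter for recovery.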
It is easy to see how this could present a serious problem. Thomas White, an operator for a large Tor exit-node cluster, reports that this problem might have come to a head. White’s servers have been compromised, which he noticed due to some “unusual activity.” Since then, he has lost control of all the servers that were operating under that ISP and his account has been suspended.
White reports that the breach seems to have come directly from the servers themselves after an “unknown USB device” was plugged in only seconds before he lost connection. This type of attack, which would have had to come from within the ISP's facilities, is commonly how law enforcement conducts these raids. White is warning all users to avoid his mirrors/servers for the foreseeable future.
We have here a perfect example of the importance of deregulation, and how vital ideas like Bitcoin can be to our future privacy. The truth is that, if governments truly want to shut down Bitcoin, they can. But centralization makes it much easier to control people’s finances, and thereby their lives. If a government were to make Bitcoin use illegal, as we saw in Bangladesh, people would still use it, but most of its true power would be lost simply because merchants could not accept it. However, with a centralized system, as we have seen with Tor, not only can governments make it difficult to use the service, they can freeze funds in accounts with impunity, something that is impossible in a decentralized blockchain.