After investigators of a child pornography ring were found to have compromised Internet anonymity service Tor
in August, it was revealed Friday that the NSA, too, has its sights set
on the network, and have set sophisticated digital traps to ensnare its
users.
The information regarding the Tor surveillance programs was detailed in top-secret documents leaked by Edward Snowden. Security expert Bruce Schneier explained the attacks in a column at The Guardian — but even technically minded folks may find the alphabet soup of acronyms, protocols and secret programs confusing, so we've extracted the main points.
Tor works by taking traffic from one user and passing it between other users of the network, changing the data's path through the Internet constantly and providing effective anonymity. It's so effective, in fact, that the National Security Agency can't actually track someone using it — so it had to find a way to get around it.
What the NSA did was set up what is known as a "man in the middle attack." First, it closely monitored known Tor "exit nodes," where anonymized traffic emerges from the Tor network, waiting for users looking to do a basic task like visit Google. Then, by using the agency's access to Internet infrastructure to respond before Google can, NSA agents would redirect the user's browser to a special webpage where a trap would be sprung.
Read more : http://www.nbcnews.com/technology/how-nsa-got-anonymized-tor-users-8C11339814
The information regarding the Tor surveillance programs was detailed in top-secret documents leaked by Edward Snowden. Security expert Bruce Schneier explained the attacks in a column at The Guardian — but even technically minded folks may find the alphabet soup of acronyms, protocols and secret programs confusing, so we've extracted the main points.
Tor works by taking traffic from one user and passing it between other users of the network, changing the data's path through the Internet constantly and providing effective anonymity. It's so effective, in fact, that the National Security Agency can't actually track someone using it — so it had to find a way to get around it.
What the NSA did was set up what is known as a "man in the middle attack." First, it closely monitored known Tor "exit nodes," where anonymized traffic emerges from the Tor network, waiting for users looking to do a basic task like visit Google. Then, by using the agency's access to Internet infrastructure to respond before Google can, NSA agents would redirect the user's browser to a special webpage where a trap would be sprung.
Read more : http://www.nbcnews.com/technology/how-nsa-got-anonymized-tor-users-8C11339814
0 comments:
Post a Comment