Pages

1 October 2015

Russian SIGINT Effort to Solve TOR Anonymizer Service Runs Into Trouble

September 28, 2015

Russia Chokes On Tor

Back in mid-2014 Russia offered a prize of $111,000 for whoever could deliver, by August 20th 2014, software that would allow Russian security services to identify people on the Internet using Tor (The Onion Router), a system that enables users to access the Internet anonymously. On August 22nd Russia announced that an unnamed Russian contractor, with a top security clearance, had received the $111,000 prize. No other details were provided at the time. A year later is was revealed that the winner of the Tor prize is now spending even more on lawyers to try and get out of the contract to crack Tor’s security. It seems the winners found that their theoretical solution was too difficult to implement effectively. In part this was because the worldwide community of programmers and software engineers that developed Tor is constantly upgrading it. Cracking Tor security is firing at a moving target and one that constantly changes shape and is quite resistant to damage. Tor is not perfect but it has proved very resistant to attack. A lot of people are trying to crack Tor, which is also used by criminals and Islamic terrorists was well as people trying to avoid government surveillance. This is a matter of life and death in many countries, including Russia. 

Similar to anonymizer software, Tor was even more untraceable. Unlike anonymizer software, Tor relies on thousands of people running the Tor software, and acting as nodes for email (and attachments) to be sent through so many Tor nodes that it was believed virtually impossible to track down the identity of the sender. Tor was developed as part of an American government program to create software that people living in dictatorships could use to avoid arrest for saying things on the Internet that their government did not like. Tor also enabled Internet users in dictatorships to communicate safely with the outside world. Tor first appeared in 2002 and has since then defied most attempts to defeat it. The Tor developers were also quick to modify their software when a vulnerability was detected. 

But by 2014 it was believed that NSA had cracked TOR and others may have done so as well but were keeping quiet about it so that the Tor support community did not fix whatever aspect of the software that made it vulnerable. At the same time there were alternatives to Tor, as well as supplemental software that were apparently uncracked by anyone. 

Russia may have been encouraged by an Iranians effort in 2011 that came up with a way to detect Tor users, and cut them off from the Internet. For the Iranian censors, that was good enough. This was a blow to American efforts to support the hacker community in keeping the Internet accessible for all users in to countries like Iran, Cuba and North Korea. In Iran the government managed to shut down over 90 percent of Iranians using Tor. But the Tor developers quickly issued a software update that got around the government detection system. Since Iran had developed the detection software internally, rather than buying them from Western suppliers, they kept modifying it to regain the ability to detect Tor. But the Tor developers have been able to respond each time, including another round in this battle in 2014. The Russians appear to believe they can help the Iranian effort with a prize completion. 

The U.S. government, despite a long, combative and acrimonious relationship with the hacker and Internet freedom communities, has been funding work on “Internet freedoms programs” that seek to bypass Internet censorship in dictatorships. Thus the American government has provided over $30 million dollars for hackers seeking to create software that will enable people to evade Internet surveillance and censorship. 

While this anti-censorship software can also be used by criminals, terrorists and spies, the U.S. government believes that these groups already have access to software that can hide them, and that it’s more important that police states have more reason to pay attention to what their citizens want. 

Meanwhile, the American money has funded development of software that makes smart phones safer for users who want to say things to others that their governments disapprove of. All this activity is directed at countries with heavy Internet censorship programs, like China, Burma, Iran, Cuba, Venezuela and several African countries. Russia recently joined this group by placing more restrictions on Russian Internet users and outlawing a lot of anti-government activity. 

Some dictatorships have created virtually impregnable Internet controls. This is the case in Cuba and North Korea, where the local Internet is cut off from the global Internet. In effect, the Cuban and North Korean Internet are each restricted to one country, and heavily monitored by the security services. Iran considered that, but decided not to implement an “Iranian Islamic Internet” because the Iranian economy, fueled by huge oil income, has too many useful external contacts. Cutting Iran off from the worldwide web would hurt the economy and cause more unrest. 

But the clerical dictatorship that runs Iran has managed to recruit some good software development and Internet talent, and, like China, is using a combination of imported technology (including Chinese censoring systems) and locally developed stuff to keep anti-government individuals off the Internet.

No comments:

Post a Comment