
NSA tried and failed to compromise Tor, but browser vulnerabilities gave some users away


Intelligence agencies have devoted significant time to cracking the Tor encryption network, reports The Guardian, but they have largely failed to compromise the system. According to leaked documents obtained by Glenn Greenwald, the NSA and Britain's GCHQ were frustrated by Tor, at one point in 2012 putting out a presentation called "Tor Stinks." "We will never be able to de-anonymize all Tor users all the time," it says. "With manual analysis we can de-anonymize a very small fraction of Tor users." While it's known that the NSA was actively working to weaken cryptography, these documents suggest that it was, at least in the case of Tor's network itself, unsuccessful.

However, the documents also describe other methods that could effectively compromise people using Tor, some of which have been speculated on before. Security expert Bruce Schneier has detailed how the NSA has successfully exploited both its considerable surveillance network and vulnerabilities in Firefox to eavesdrop on targets. One process, as described by Schneier, begins with the NSA's relationship with US internet providers. While Tor users may be anonymous, it's possible to lift "fingerprints" that indicate a connection to the network. The NSA feeds the fingerprints into its XKeyscore database, which collects a wide swathe of internet content and metadata from potential targets.

After essentially cross-referencing known information about targets and Tor connections, they look for a way to compromise other software — particularly the Firefox browser that often comes bundled with Tor. If the browser is outdated or the user can be tricked by a phishing attack, the NSA can infect the user's computer, making Tor use a moot point. Tor president Roger Dingledine, though, says the network still helps in the long run. "You can target individuals with browser exploits, but if you attack too many users somebody's going to notice. So even if the NSA aims to surveil everyone everywhere, they have to be a lot more selective about which Tor users they spy on."

The NSA has also considered disrupting the Tor network itself, wondering if there's a way to "make it painful" for users to connect. The slideshow suggests setting up "a lot of really slow Tor nodes" to degrade the overall quality. Exploiting existing nodes, it says, is probably not a viable option. GCHQ presentations, meanwhile, present Tor's users as shady and duplicitous. The EFF "will tell you there are many pseudo-legitimate uses for Tor," one reads before disputing the notion. "Very naughty people use Tor," says another.


Tor, on the whole, comes out looking pretty strong here. For Greenwald, publishing this piece is also a rebuttal of sorts to accusations by former WikiLeaks activist and Tor developer Jacob Appelbaum, who said that The Guardian was "sitting on a story" about Tor and criticized redactions made at the behest of the White House and GCHQ. The NSA, meanwhile, is on much shakier ground. In a piece for The Atlantic, Schneier says that the NSA has weakened its position by relying on secrecy rather than strategy. "At this point, the NSA has to assume that all of its operations will become public," he says, "probably sooner than it would like."

Update: Further documents in the Washington Post elaborate on NSA efforts to compromise the network, attempting to "stain" devices linked to certain IPs and, in 2006, creating a customized Tor client called MJOLNIR, which gave NSA programmers greater control over their movements on the network. Neither effort was successful enough to compromise the network as a whole.