The NSA is Watching and Ready to Attack. Tor Bundle Exploits Compromise You.

October 28, 2013

Recent discoveries show that the Tor bundle isn’t keeping you safe, and that the NSA is actually able to watch you through a complex system of attacks.

Tor is one of the most widely known and used proxy programs, but its promise of anonymity is no longer valid, leaving you compromised. Recent documents leaked by Edward Snowden show that the NSA is able to infiltrate and exploit the Tor browser bundle using “computer network exploitation”, otherwise known as CNE.

Proxies are a major part of the internet. Criminals, hackers and pirates aren’t the only ones who use proxies. Proxies are a way to protect yourself from snooping agencies and others. And in most countries, using a proxy is the only way the internet (and certain websites) can be accessed due to government restrictions and bans. Some of these countries, such as Syria, Iran, North Korea and Cuba, rely heavily on them.

So it’s no secret anymore: your online activity, that is. Whether or not you’re a law-abiding citizen, chances are your online activity is being watched and tracked. Proxies are in a lot of ways a very good tool for protecting your privacy. Even if you don’t live in the United States, sadly the NSA is still able to spy on you. All of the recent NSA leaks are a testament to just that. Just when you thought there were no bounds to what the NSA could do, think again.

Recent findings show that the NSA is able to exploit Tor and Firefox (among other ways) to ensure that your computer is compromised long term, giving the NSA the ability to have eavesdropping data sent back to them. Your privacy is basically non-existent. But the detailed information on how they’re able to do this is, well, pretty stunning.

The NSA is able to carry this attack out on a user by using multiple strategies, computers, programs and more. The first step they take is to find their target, one that is using Tor. They do this by monitoring every inch of the internet. This is not hard for them, and their partnerships with telecoms give them ease of access. The NSA then creates a distinct, traceable ‘fingerprint’ that can read HTTP requests from the Tor network. These are then loaded into database systems called XKeyScore.

XKeyScore was revealed to the public back in July to be an NSA program that tracks almost everything a desired target does on the internet. XKeyScore has the widest collection of online data ever, sweeping up your emails, social media activity, browsing history and more. After those fingerprints are loaded in, using massive analysis tools of theirs called Turbulence, Turmoil and Tumult, they sift through all of the data looking for those unique Tor connections.

After identifying a Tor connection, they use a process of secret redirects to their secret Quantum servers that are called FoxAcid. FoxAcid, believe it or not, is an “exploit orchestrator”, as detailed by the documents from Snowden. It’s an internet system capable of attacking a target’s computer in many ways.

The NSA is able to mask these connections so that you wouldn’t even know about them. The servers are public, have normal domains, can be visited from anywhere and can’t be traced back to the NSA. If your browser tries to connect to those servers, they try to take over and infect the computer and browser. There would not be a way to avoid this NSA attack either, nor the redirect. They can even impersonate websites.

A few years back the NSA started receiving so much FoxAcid data that they built a special, specific system to manage all of the data. What’s scary is that this method isn’t limited to the Tor/Firefox bundle; it can be used to watch you using any other browser exploits the NSA has or knows about. And the NSA itself uses phishing attacks to draw in targets.

As far as is known, the NSA can’t directly attack the core Tor network and compromise everyone at once; however, they’ve found ways to get what they want directly. Getting what they want also requires no authorization at any level inside the NSA or out, which is terrifying in itself.

Should anyone have the power to do such things at their own will? Is your privacy worth standing up for? That’s a question for everyone else to decide. What do you think?

Sources: The leaked docs (annotated) and story can be found courtesy of The Washington Post (here, here, and here) and The Guardian (here and here).
