The NSA is Watching and Ready to Attack. Tor Bundle Exploits Compromise You.
Recent discoveries show that the Tor bundle isn’t keeping you safe, and the NSA is actually able to watch you by a complex system of attacks.
Tor is one of the mostly widely known and used proxy programs but the promise of anonymity is no longer valid leaving you compromised. Recent documents leaked by Edward Snowden shows that the NSA is able to infiltrate and can exploit the Tor browser bundle using “computer network exploitation” otherwise known as CNE.
Proxies are a major part of the internet. Criminals, hackers and pirates aren’t the only ones who use proxies. Proxies are a way to protect yourself from snooping agencies and others. And in most countries, using a proxy is the only way the internet (and certain websites) can be accessed due to government restrictions and bans. Some of these countries such as Syria, Iran, North Korea and Cuba heavily rely on them.
So it’s no secret anymore, your online activity that is. Whether or not you’re a law abiding citizen chances are your online activity is being watched and tabbed. Proxies are in a lot of ways a very good tool to protecting your privacy. Even if you don’t live in the United States, sadly the NSA is still able to spy on you. All of the recent NSA leaks are a testament to just that. Just when you thought there was no bounds to what the NSA could do, think again.
Recent findings show that the NSA is able to exploit Tor and Firefox (including other ways) to ensure that your computer is compromised long term giving the NSA the ability to get eavesdropping data sent back to them. Your privacy is basically non-existent. But detailed information on how they’re able to do this, is, well pretty stunning.
The NSA is able to carry this attack out on a user by using multiple strategies, computers, programs and more. The first step they take is to find their target, one that is using Tor. They do this by monitoring every inch of the internet. This is not hard for them, and their partnerships with Telecoms gives them ease-of-access. The NSA then creates a distinct traceable ‘fingerprint’ that can read http requests from the Tor network. These are then loaded into database systems called XKeyScore.
XKeyScore was revealed to the public back in July to be an NSA program that tracks almost everything a desired target does on the internet. XKeyScore has the widest collection of online data ever, that sweeps up your emails, social media activity, browsing history and more. After those fingerprints are loaded in, using massive analysis tools of theirs called Turbelence, Turnmoil and Tumult they shift through all of the data looking for those unique Tor connections.
After identification of a Tor connection they use of process of secret redirects to their secret Quantum servers that are called FoxAcid. FoxAcid, believe it or not, is an “exploit orchestrator” as detailed by the documents from Snowden. It’s an internet system capable of attacking a targets computer in many ways.
The NSA is able to mask these connections, that you wouldnt even know about it. They are public, they have normal domains, can be visited anywhere and can’t be followed back to the NSA. If your browser tries to connect to those servers, they try to take over and infect the computer and browser. There would not be a way to avoid this NSA attack either, nor the redirect. They can even impersonate websites.
A few years back the NSA started receiving so much FoxAcid data that they built a special, specific system to manage all of the data. What’s scary is that this method isn’t related to only to the Tor/Firefox bundle and this method can be used to watch you using any other browser exploits the NSA has or knows about. And the NSA itself uses phishing attacks to draw in targets.
While as far as it’s known the NSA can’t directly attack the core Tor network and comprise everyone at once; they’ve found ways to get what they want directly however. To get what they want also requires no authorization at any level inside the NSA or out which is terrifying in itself.
Should anyone have the power to do such things at their own will? Is your privacy worth standing up for? That’s a question for everyone else to decide. What do you think?
Sources: The leaked docs (annotated) and story can be found courtesy of The Washington Post (here, here, and here) The Guardian (here and here.).
Its not why they collect information we should be concerned about its what they do with that info. Like they should not share intel with other agencies or even the government itself about a single murder a robbery or a plot to steal. They should only share about a upcoming mass murder plot or a scheme to bring about major economic collapse(you know all that Die Hard stuff)..The NSA actually helped us a lot of times…ANd they’ve been secretive about it 4 a long time.
You are naive enough to eat up all of the BS they spout about them actually stopping anything? What they are doing has probably helped no one and is a danger to everyone, not only the citizens of the U.S., but the world as well.
They are scum and need to be closed down for good.
they searching for perfect time machine theory..
so they can build one, and dominate the world.
The prominent thing for me is that it’s okay for a government agency to hack into peoples’ computers and steal information but some individual who even claims to ‘hack things togethor’ is a serious threat and loses his constitutional rights? Isn’t the government also supposed to be under the law?
Like come on! Just read this case:
http://www.theregister.co.uk/2013/10/23/hacker_seizure_rights_case/
yeah they will steal perfect time machine blueprint
How convenient…”We’ve stopped plenty a terrorist plot, but because WE stopped it you never heard about it. Had we not, you’d be dead. Oh we also can’t divulge what we gather that led to us stopping said attack.” Like I said…How convenient. I got into an argument a week back with my girl. She had called. I was pooping and playing Candy Crush so I didn’t answer. I called her later and she was livid. “You never answer your phone when I call.” Me :”It was just this one time, you never answer either too.” her: “Yeah name one time.” Someone similar…is it like a red herring?
That cracked me up same thing happens to me!
Uhh from what I remember, they only have the power to unhide a very small number of people at one given time, and for the most part, cannot even choose who to unmask. So it’s not technically unsafe, the documents stated that they will never be able to unmask all tor users at once, that tor was too secure and they could only focus on exploiting firefox or using phishing techniques and such to plant something on a users computer and unmask them that way.
All of that is mentioned in my article.
Sorry, didn’t read the whole article, It’s just that the title “The NSA is Watching and Ready to Attack. Tor Bundle Exploits Compromise You.”
and the opening paragraph
“Recent discoveries show that the Tor bundle isn’t keeping you safe, and the NSA is actually able to watch you by a complex system of attacks.”
Makes it sound like the security that tor offers has been completely broken when that’s hardly the case.
Wasn’t trying to sound like it. That was an opening summary more so. But an exploit is an exploit, using the bundle has the chance of not being safe.
Ahahahahaha u just made my day!! 😀
To my opinion, either they should or shouldn’t do, I think time will give us answer…
What a bunch of morons, it doesn’t matter unless you have something to hide. I don’t so I don’t care.
Or do you….
humm some people already do that on facebook or twitter…
You’re a fool. What may be considered inappropriate or suspicious can change with the current powers or political winds, so you may believe you have nothing to hide while the system sees you as suspicious. Presumably you’re not somewhere where you’re likely to be extrajudicially assassinated for looking or seeming suspicious, but that doesn’t mean this couldn’t harm you.
For example, your connection to someone else who is more suspicious could make you a target for punishment, or your political beliefs or private statements could be used against you economically by ruining your career.
I know you linked to the sources at the bottom, but it might have been nice to mention Edward Snowden or the names of any of the journalists involved, like Glenn Greenwald for example. All the moreso since Edward Snowden is now in hiding from his own country to avoid the illegal treatment and harsh judicial punishment that Bradley Manning received.
Also the primary vulnerability with Tor isn’t Tor itself, but everything else. As the documents recognize, it is possible to de-anonymize some Tor users, but it isn’t particularly easy to pick a specific user to do this to. The vulnerability with the browser bundle was a Firefox vulnerability, and otherwise they have to rely on compromised nodes or infecting the targets computer.
But on a more positive note, I’m happy to see this article here. It’s important for people to be informed about things like this, so that they can process the information and get over “well I’ve got nothing to hide” or “but since I’m not a terrorist or criminal, I’ll be fine” syndrome.
Also, for the people who say this is acceptable: Only targeted, legally approved surveillance or surveillance against literal enemies should be acceptable. Secret, non-adversarial courts approving blanket surveillance of all people don’t count, and are hardly deserving of the label “court.” These actions violate the Fourth Amendment (when used domestically by the USA) and the European Convention on Human Rights when used internationally, so it doesn’t matter if “you have nothing to hide.” The simple fact that you’re okay with giving up your rights doesn’t mean that you can give up mine as well.
Also there is evidence that these powers have been used for economic espionage, as well as to spy on lovers and ex-lovers of analysts, which kind of undermines the “nothing to hide” argument as the powers aren’t being directed solely at dangerous people. (and it wouldn’t matter if they were, since surveillance of everyone to find some criminals isn’t rational or legal)
EDIT: Excuse me, I should have said Chelsea Manning. I’ve written Bradley Manning so many times in the past that I’m not used to writing her name.
I mentioned Snowden in the article. When it comes to leaked NSA material its almost synonymous with him. Glenn has been a big part and I acknowledge him but this time it was more Snowden and the general two.
I did mention that in the article. While it isnt easy, it is still possible. And while it was a firefox/tor bundle exploit, their method of obtaining info and attacking can be done via any browser (or proxy) vulnerability.
Glad you like the article, the whole point was to inform about whats going on. Im going to start covering this topic more. Some of the hacking techniques, programs and super computers are interesting to look at.
Great article Jd8531, great responses mic. I have just one thing to add.
The recent vulnerability in the Tor browser bundle was in Firefox 17 JavaScript. It targeted Windows, so once again Linux users are safe. Victims of the exploit must also have had JavaScript enabled. It is common sense that you should not use JavaScript on Tor if you want security. By default the Tor browser bundle comes packaged with NoScript extension (I think). Tor browser wasn’t built for YouTube.
The FBI caught Dread Pirate Roberts from Silk Road not through vulnerabilities in Tor or Bitcoin, but (probably) through vulnerabilities in the website’s code that eventually revealed admin powers.
*** you NSA 🙂
Yeah *** the nsa
“Just when you thought there was no bounds to what the NSA could do, think again.”
…So…there are bounds?
That was meant as a hyperbole.
SO, can NSA can find the right codes and blueprints for cracking PS Vita? 😀
haha maybe they can spy on Sony for us and get the Vita’s keys.
If Sony had any sense these keys are treated with the same security protocols as HTTPS certificate vendors. Private keys of such value should remain on an isolated machine that cannot connect to the internet. Files would be taken to and from the secure machine via USB to perform final production compilation.
But given Sony’s track record, they probably send them over insecure internet protocols, encrypted only using the password “4”, and the department responsible for sending the keys will be separate from the team responsible for securing the keys.
but i would think that with the new windows 8 and the email account *** that in windows 8 that it be easier to remote access in to a computer and the do the same thing with android fones though but then u would need the gmail… and its easy to find out woes email is who with things like facebook. firefox old used it alot before google chrome came out shity thing was having to download flash player good thing was the cool app and programs made for firefox.. saw on a few government site *** like Google analysis… but i think that therz more to it becuz like outher ways the nsa been spying i mean the pic shows web came or video feed so they could be like watching one wen they go to the grocery store and lisening on there cell phone… and is not hard to lisen to sumone fone call that jus old spying so weird that they say they jus get the call time and the fon numbers in the phone call… i heard once that it not hard to turn on the microphone of a fon to easdrop and to have it wear the phone jus look like in standby…
I have managed to decipher a couple of things from your obfuscated message. I’ll try and provide you some clarification.
Windows is closed source, there is very likely backdoors present in their OSs and other software. Microsoft have already handed over the encryption keys of Outlook.com to the NSA. The NSA apparently even have absolute access to Microsoft’s development servers.
Android is a very different story. It is built on the Linux kernel. The Linux kernel is (probably) secure, its open source, and there are many eyes watching over every single commit. Although Linus Torvalds has admitted recently that he has been approached to install backdoors into Linux, there is no evidence to say this ever happened. Android itself is built of many open source components. If your vendor supplied Android is not open enough for you, jailbreak your device and use an Android Open Source Project build.
Clear your head of paranoia. If you don’t understand what’s happening, don’t just invent your own understanding.
Common sense should tell you, the battery drain alone of using a mobile phone for eavesdropping would be a tell tale sign to anyone concerned in these matters. Nobody is turning on phones to record and transmit background noise, unless maybe you are some underground crime lord… in which case your phone has already been compromised and you should get out the country, fast.
ooh they also make good use of static and amkami i think that wen u log into facebook or visit facebook the nsa then add *** like cookies to the web browser then they can have file and programs run from the browser.. hear like the a part of the scrip
/*
Brian Katz, Cardinal Path – Google Analytics Government Wide Site Usage Measurement
* v0.1 121011 : First Test Version
* v1.0 121012 : Added Cookie Synchronizing and filtered out Outbound tracking of cross- and sub-domain links
* v1.1 121015 : Changed cross-domain to use setAllowAnchor and fixed problem with some links
* v1.2 121015-2 : Added incoming cross-domain tracking to default _gaq tracker by adding _setAllowLinker and _setAllowAnchor
* v1.3 121015-3 : All Cross-domain Tracking removed
* v1.4 121015-4 : Multiple Search parameters and XDT links tracked as events
No browser is so insecure as to allow executables to be run simply by downloading a cookie.
and idk wat urchin and gas do but think gas is jus used with google to tracking and an easy way to add cookies…
was thinking u no how google does like a search of the web think nsa using it to do the same jus search like civilian computers or to track if people do weird searches….
This in some ways is correct! If it helps to think of it like this then fine.
Google indexes the public web. The NSA indexes the private web.
But don’t be so naive as to think only Google, NSA and other search providers are doing this. The NSA directly employs many private companies that also specialise in this new trend of “big data”. Anyone can write a bot, connect it via Tor and start tracking the public or private web.
yea crazy.. i been noticing sometimes my search fileds seems like they getting filtered like i search one time then i search a lil later and like cant find what was wen i first search i thought well that google show like the result of popular fields but went going to the next pages and couldn’t find it…
there also was like a script that sad sumthing about monitery people that visited the sites for 6 months