I didn't see this until after. That's a pretty decent article.
The National Security Agency has made repeated attempts to develop attacks against people using Tor, a popular tool designed to protect online anonymity, despite the fact the software is primarily funded and promoted by the US government itself.
They've failed to make the point that due to the fact that it was funded and promoted by the USG, it's likely still in use by the USG, albeit it's not likely TOR to them, but some standard that uses onion routing. It's probably been better developed for sure, but the infrastructure is likely similar, see here:
Militaries use Tor
Field agents: It is not difficult for insurgents to monitor Internet traffic and discover all the hotels and other locations from which people are connecting to known military servers. Military field agents deployed away from home use Tor to mask the sites they are visiting, protecting military interests and operations, as well as protecting themselves from physical harm.
Hidden services: When the Internet was designed by DARPA, its primary purpose was to be able to facilitate distributed, robust communications in case of local strikes. However, some functions must be centralized, such as command and control sites. It's the nature of the Internet protocols to reveal the geographic location of any server that is reachable online. Tor's hidden services capacity allows military command and control to be physically secure from discovery and takedown.
Intelligence gathering: Military personnel need to use electronic resources run and monitored by insurgents. They do not want the webserver logs on an insurgent website to record a military address, thereby revealing the surveillance.
While they don't mention specifically which military uses TOR, it remains an avenue for obscured communications for them. Likely, efforts to undermine the actual protocol would prove to be a double-edged sword. Additionally, being the original developers of the software with the most resources, they would logically stand to have the highest chances of breaking the protocol if it was possible to do so.
Really, the best known tactic they can apply is setting up as many exit/enter nodes as possible, and hoping that their own personal nodes are used randomly by a single user in a single session (timing attacks). This gives them the ability to track one single access, or communication, between you and whoever you're dealing with, and even then they'd still have to work around encryption if they couldn't subpoena the third party you were working with. As soon as you have a new 'identity' (every single time you access TOR, or whenever you click new identity), they have to wait until the same scenario occurs again. The chances of this happening decrease drastically with the number of enter/exit nodes on the network. So, its real shortcoming here is that it's just not being used enough yet. Of course, there's still some implementation issues to work out just like anything else, but the protocol is quite secure overall.
The other tactic they mention here:
The trick, detailed in a top-secret presentation titled 'Peeling back the layers of Tor with EgotisticalGiraffe', identified website visitors who were using the protective software and only executed its attack – which took advantage of vulnerabilities in an older version of Firefox – against those people. Under this approach, the NSA does not attack the Tor system directly. Rather, targets are identified as Tor users and then the NSA attacks their browsers.
Firstly, note that the outdated firefox browser was the weak link, an implementation issue which led to the knowledge of 'TOR usage'. This type of discovery would likely place your IP address at a high enough 'score' to record data. Again though, this can be mitigated very well by more users using TOR, which would deter continued tracking. Alternatively again, you can use mac address spoofing, so regardless of the IP packet monitoring, all of the data cannot be traced to your hardware, unless they were to break the encryption, or the site you were accessing was capable of being subpoena'd .. in which case they could possibly cross reference the users of their site that came in through known TOR nodes (some are unknown, like new ones), which would still leave you with plausible deniability if there were a large amount of their customer base using TOR, so they would have a tough time linking yourself to anything more than what you were already linked to.
Only through cross referencing multiple sites that came through TOR nodes could they even begin to link that you're the user using TOR that accessed that website from your ISP IP address, unless they had access to your computer (they likely can get this a different way than TOR).
Either way, Monero is working to integrate I2P. As a difference, I believe I2P lets you construct a type of anonymous whitelist, giving you the ability to 'discard' nodes that are questionable. Check
here for info about that. Additionally, it looks like anyone running an I2P program becomes part of the network, where with TOR you have to provide a node specifically set up to handle network traffic (so you can do firefox, etc. without setting up a TOR node and instead just install the program on your computer). This leads to some heavy scaling issues, but for something with very little information going across the network like a crytpocurrency network, it sounds like a good match .. I just don't think you're gonna have everyone streaming videos on it 24/7.
Yes, everything has its trade-offs. I'm looking forward to where this ends up as well!
