On being targeted by the NSA

As quoted in the original article on Das Erste:

We've been thinking of state surveillance for years because of our work in places where journalists are threatened. Tor's anonymity is based on distributed trust, so observing traffic at one place in the Tor network, even a directory authority, isn't enough to break it. Tor has gone mainstream in the past few years, and its wide diversity of users -- from civic-minded individuals and ordinary consumers to activists, law enforcement, and companies -- is part of its security. Just learning that somebody visited the Tor or Tails website doesn't tell you whether that person is a journalist source, someone concerned that her Internet Service Provider will learn about her health conditions, or just someone irked that cat videos are blocked in her location.

Trying to make a list of Tor's millions of daily users certainly counts as widescale collection. Their attack on the bridge address distribution service shows their "collect all the things" mentality -- it's worth emphasizing that we designed bridges for users in countries like China and Iran, and here we are finding out about attacks by our own country. Does reading the contents of those mails violate the wiretap act? Now I understand how the Google engineers felt when they learned about the attacks on their infrastructure.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Time to make ALL Tor connections, client-relay, relay-relay, and relay-exit obfs3 by default. It won't take anything to make, the code is already there, enhances security and anonymity, and give one up the NS@'s @$$!!

Good thinking, but it's not clear to me that this step would help as much as you hope. First, it isn't actually free to layer obfs3 on top of things -- many of the fastest relays are CPU-bound from doing AES, and adding an obfs3 layer effectively doubles the amount of work they'd do.

Second, the list of relays is still public, so they could still recognize Tor flows by their endpoints.

Also, the rules published in this article are not the entirety of their rules. We could easily imagine xkeyscore rules to recognize obfs2 flows, including a "does it have at least this much entropy" rule. Doing traffic obfuscation to defeat a real-time adversary who is deciding whether to filter you is quite different from doing obfuscation to defeat an adversary that computes on the flows after-the-fact. The latter seems much harder.

All of this said, I'm increasingly thinking that some sort of better obfuscation layer by default, between clients and the Tor network, would be useful. A simple DPI rule is one that they can write, deploy, and leave in place for weeks or months. A rule that involves grabbing a snapshot of IP addresses means pushing out new rules much more often. Maybe that's a difference that matters in practice. Also, using transient bridge addresses (a la Flashproxy) could be a big step forward in the arms race.

This comes up every once in a while, and obfs3 specifically is as "not-that-great" of an idea as the last time I commented on it.


arma appears to think that there is benefit to using some obfuscation for the link protocol, but I'm not convinced if that would raise the bar to the point where it's worth the engineering effort.

Is there a TOR Forum where people can share information about enhancements to TOR, vulnerabilities and what people's experiences are when using TOR?

This would be useful if such a forum doesn't already exist.

I have information which was provided by let's say an expert in the field for the time being and want that information to get to the developers of TOR for implementation.

I don't know of any particular forum, but that's a good suggestion.
There is, of course, Tor Weekly News:


which gathers up all of the Tor news for the week (durrr)...
and you can get involved here:


For the use case you describe, you probably want to open a trac ticket:
Or mail us privately (e.g. tor-assistants) if it's something that should stay private to start.

For more general discussion, the mailing lists and irc channels are where the developers are:

We also launched a Tor stackexchange for general Q&A:

The forum question has come up several times, but if no developers will pay attention to it, it could easily be harmful rather than helpful. After all, all the developers but me have abandoned the blog comments here too. There is so much to do!


Connection only partially encrypted. Still.

Yeah, no kidding.

I think an upcoming https-everywhere ruleset will help with this.

Perhaps we should do the exact opposite, G00berments around the globe are expecting us to try and hide in the shadows, as they do. Maybe we should expose them with all of the codes they use and plaster all of it over the www. Tor is already compromised so what have we to loose? I will wager the NSA will not take kindly to being exposed all over the world, and if they have no place to hide, there screwed and exposed, i think they have alot more to loose than we do.

A) Tor is already compromised? Citation please? See all the other threads here for background.

B) To "expose them with all the codes they use", what do you propose we actually do? That sure sounds hard.

Solutions for Tor's problems are known and available, but you won't adopt them because the real and ultimate truth is that Tor has always been an NSA honey-pot. You can deny it to yourselves so you can sleep nights, but that is the entire point of it. Any insider can tell you that the core, fundamental strategy of the NSA is to use the mathematical "attractor phenomenon." The MORE one uses, that person is self-selecting as even MORE worthy of attention. You can fix Tor if you really want to, but you'll notice an odd internal resistance to the very solutions that are clear and self-apparent. Any creative person or inventive engineer can show you the boring, methodical way to define a problem solution. There is no magical insight out of dark nothing and nowhere. Someone forms a list of the probable solutions or likely leads toward a solution. If the list is sufficiently long, somewhere on that list the better, best and even insightful solutions will rise higher on the list. Any of you can make such a list of ways to tighten Tor, but notice how those solutions will never be adopted. Because Tor is paid for by the U.S. government and fully controlled at highest levels so that it is kept with fundamental weaknesses to keep it open to the NSA. Include Russian, Chinese, Iranian, Cuban servers in the network. Ones that "tunnel" their information, in ways that no NSA or other government could trace the information, through those rabbit holes through Wonderlands. Name solutions that really work and you'll find the shouts growing louder around you from the inside, against those solutions. The better they are, the louder the voices against them.

More details would be useful for others to assess whether this is fact or conspiracy theory. Anonymity is actually really hard to do right, and here you are saying that there are good solutions, without specifying any of them, and then saying that people won't use them.

I encourage you to read http://freehaven,net/anonbib/ and attend the PETS symposium https://petsymposium.org/ and help design and research these solutions.

Funny how my comments were moderated, or removed. Censored as though in China actually. I didn't say anything other than that Tor is a honey-trap, financed by the U.S. And that insiders at Tor would stop any true improvements that really stopped the NSA from being effective. Just funny how this was moderated out. CENSORED. You people are as evil as Soviet Russia to censor what I said. And Despots all have their day. You will have yours.

Sorry about the delay. As you can read from other comments here, I'm the only one who thinks the blog comments are worth responding to, and I've been at PETS talking to researchers all of last week rather than dealing with the blog.

Or I guess the other alternative is that there's a massive conspiracy, and we actually *do* have plenty of time to sit around trying to figure out how to thwart everybody's efforts to make Tor better. :/

so TOR is not safe anymore, eh?

Hm? Nothing has changed. Anonymity is hard, but Tor is the best option out there, but it's not perfect. See all the rest of the threads here.

This is genuinely scary. It actually makes me scared to use Tor (which is their intention, I guess) or visit the Tor Project's website.

The future is dark.

Well, try not to do anything else on the Internet either then. :/ At least when you're using Tor they have a tough time tracking down what you're up to.

Somehow we have to get to the point where people think of Tor like they think of https. If you'd just read an article about how NSA is targeting people who use https, would you be scared of using https and switch to unencrypted browsing in order to stay under their radar?

I agree we have a right to our privacy! Good law abiding citizens value their privacy. Because one uses Tor or any other privacy software does not make them a criminal or should automatically put them under suspicion of such!

Fk the law bro.
You obey the religion they foist upon you, you've allready been defeated.

Meanwhile, some facts, points and questions to consider:

1.) The overwhelming majority of sites on the WWW do not use HTTPS (or any other form of encryption or authentication)
2.) The content of any such non-encrypted, non-authenticated site visited via Tor can be manipulated by any exit node via packet injection/ Man In The Middle (MITM)attacks-- especially when JavaScript is enabled.
3.) JavaScript is fully-enabled in the default configuration of both Tor Browser Bundle as well as Tails.
4.) For HTTPS sites, how many people actually verify the certificates (e.g., by using the SHA1 fingerprints)?

And round and round we go. I don't want to downplay the huge problem that lack of https plays on our Internet (it is a huge problem!), but I do want to make sure we don't downplay that same risk for non-Tor users. I can do these attacks on my fellow comcast users. Or see the thread here about Starbucks. And VPNs have the same issues. And if we're talking about NSA like we are in this discussion, they apparently have lots of places on the Internet to see flows and inject/modify content.

So yes, I totally agree, but you missed a "2b" about similar dangers when trusting your local network instead. It really depends a lot on what sort of situation you're in.

Does using HTTPS slow the page loading speed down at all???

"At all", yes -- especially during the initial handshake where it has to establish keys, send certs, etc. But hopefully it's not too different compared to the general slow-down introduced by Tor and introduced by general network latency.

Personally, it makes me want to use Tor more and more.
They can track me and come to my place if they want to, I'd be glad they loose their time for nothing.

The constitution ain't written on an etch-a-sketch.

I just changed my bookmark to this and kept
right on going:


At least in theory, a passive observer can't see the URL that you're fetching at an https website. So you are only saying hello to the nsa here if they're doing an active man-in-the-middle attack on your https connection, or if they are recording the flow and later plan to decrypt it somehow.

So, sounds good, carry on, but you might want to say hello to them in some other way too if you want them to be sure to notice. :)

According to this EFF graphic they CAN see the Url you are fetching just using HTTPS:


That is one reason why we need Tor.

No, when you're using https, an observer of the connection to the website can see the domain you're visiting ("torproject.org") but not the URL you fetch ("/?hello-nsa!").

The EFF "Tor and HTTPS" diagram blurs them together.

And randomize case as nsa-Nsa-nSa... Will be funny... They will think it's steganography.

Kaspersky also have a lots of Tor nodes.
Why tor doesn't block them automatically?

Almost 66% of tor nodes are governmental, packet-loggered, HTTP-proxied nodes.

I'm a fan of Kaspersky running exit relays. Many groups run exit relays. Diversity is where Tor's security comes from.

As for your "almost 66%" number... citation please? I think it is "almost 0%". But that should not make you happy, since one of the huge risks is about how many parts of the network they can observe, not how many relays they operate.

Some guys still use auto-update 'feature' for KAV or/and other soft.



Happy to see people working in this direction. If you care about the topic, you should help them make the tool better.

That said, hidden services are a tiny fraction of the overall Tor network and Tor usage, and the issues in this blog post are primarily around use of Tor in general. So the upside of such a tool, in the face of these sorts of attacks, seems limited.

But that's not to say it wouldn't be useful against other attacks. Making the Internet safe means working on many directions at once.

I have one question about interception. Lets say, the NSA controls Directory Authority and some exit points. Client (A) connects with a Directory Authority they survey and uses one of their exit points too. Couldn't they connect the dots by only comparing the length of the session of Client A? Just curious.

Right idea but wrong details. If the adversary controls (or observes) just the directory authority and the exit relay, they don't have enough information to do the attack you describe (which we call an "end-to-end correlation attack" or a "traffic confirmation attack"), because they can't see your traffic as it enters the Tor network. You only use the directory authority to learn the list of relays, not to actually route traffic through.

However, if they control (or observe) the first relay that you pick in your circuit and also the last relay in your circuit, then they're in the right position to do such an attack. That's why the Tor design is about distributed trust.

For many more details, I recommend watching my 'Internet Days' talk. It's at point 'h' on https://www.torproject.org/docs/documentation#UpToSpeed

13:15 - 14:22 "surely no one will correlate their database this well, well we'll find out in 3 years whether they will or not"... the video was uploaded october 2010 + 3 years = october 2013.... 3 months after the snowden leaks #Conspiracy

Man. If only I'd had slightly better timing! :)

Another friendly conspiracy theorist has pointed out that it took him something like 3 months to get noticed. Just sayin.

I think the tag "target-humanity" instead of "target-america" would be more fitting...

The leaked code snippet (http://daserste.ndr.de/panorama/xkeyscorerules100.txt) is "only" a selector for mining in NSA's data cache - we need to wait for a whistle-blower describing the amount of intercepted backbone traffic to better assess the significance of the XKeyscore rules.

Yes, I completely agree.

Some unknown questions are still: 1) ok, so what flows do you run these rules on? and then 2) do you collect enough info about each flow to be able to do correlation on them? If we assume the NSA has all the packets on the Internet, then we already know we're in bad shape. And if we assume they don't see that much, or they do but they don't write down that much, then we're in better shape.

This means all nodes and all bridges are monitored in real time. Then anonymity of tor network is broken because tor is not designed to resist co-relation attacks on both ends of the circuit.

Not necessarily -- it means that they have rules that could be run on traffic if they had the traffic. It doesn't say anything about whether they have the traffic. See

(Just seeing DPI rules is not that surprising -- http://freehaven.net/anonbib/ has many papers about how to do such attacks once you have the traffic flows.)

Ladies and Gentleman: Start you relays!
Folks, I can tell you that this only motivates me more to provide anonymity services to the users. I am sure that not only the NSA is snooping for Tor, but every serious surveillance service in the world (China, Russia, Iran, Europe ...). But the fact that the NSA commits that "Tor stinks" (1), shows that our distributed anonymity service works.
There is no 100 % security and even the TBB can be cracked (2)(3), but at least this is more costly effort for the surveillants.
And that is what it's all about: Make surveillance difficult and expensive. The agencies are limited in budget and workforce, we *can* cause trouble to them! It depends only on us, the users, how many of us are surveilled to what extend.

=> So (re)start your relays and increase the bandwidth!

1) http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
2) http://arstechnica.com/security/2013/08/attackers-wield-firefox-exploit-to-uncloak-anonymous-tor-users
3) http://arstechnica.com/tech-policy/2013/08/researchers-say-tor-targeted-malware-phoned-home-to-nsa

Yes. Please help us make the Internet stronger!

And in other news...

torproject.org used to be 256-bit encrypted.

Now 128-bit - because the USA government National Spy Agency has the keys already?

But this won't be posted anyhow.

I have disabled every non-256 bit encryption and torproject.org gets loaded using AES-256.

For Firefox goto about:config, search for "ssl3" and leave only lines enabled with "256" in it, problem solved.

How does the NSA break SSL?

On the NSA

Has the NSA broken SSL? TLS? AES?

Have spooks smashed RC4?

The conclusion of it at the time is that breaking TLS on a large scale as in worldwide, is very expensive and it seems no one has actually broken TLS. Successful attacks don't scale well and therefore don't seem to be widespread. The easiest way to break crypto are weak implementations. If you don't want to stop using TLS entirely, the best thing you can do is to use the best thing you can get. So disable everything below 256 bit.

Mozilla server crypto folks suggest: "At the moment, AES128 is preferred [over AES256], because it provides good security, is really fast, and seems to be more resistant to timing attacks." (emphasis added)
- https://wiki.mozilla.org/Security/Server_Side_TLS#Prioritization_logic

Yeah, I'm totally fine with aes-128 too. More bits doesn't necessarily mean more security, when you're already talking about a whole lot of bits.

Granted, AES128 seems to work just fine. I've read a while on mozilla's site about timing-attack-resistance and AES128 seems to be more resistant. Is it? What will we prefer, what works better?
The changelog of tor says it prefers AES256 over AES128 and that this preference is chosen mainly for anti-fingerprinting purposes. Surely this wasn't done on a whim.

Relays now trust themselves to have a better view than clients of
which TLS ciphersuites are better than others. (Thanks to bug
11513, the relay list is now well-considered, whereas the client
list has been chosen mainly for anti-fingerprinting purposes.)
Relays prefer: AES over 3DES; then ECDHE over DHE; then GCM over CBC; then SHA384 over SHA256 over SHA1; and last, AES256 over AES128. Resolves ticket 11528.

I'm surprised ECDHE is preferred after Dual_EC_DRBG was revealed to have been weakened by the NSA before lobbying for it to become a standard.


Yeah. But if the alternative is 1024-bit DH using a group that they also helped select? We don't have many great options here.

It increasingly seems like we want to ditch TLS and move to our own new thing, e.g. based on some of djb's work.

Or maybe the TLS standards people will decide to accept curve25519 in their TLS suite, and then make it sufficiently ubiquitous that we can use it and also blend in with all its other users?

Fortunately, link encryption in Tor is one layer among many, so even if the link encryption is totally broken, things don't go that badly.

What about using curve25519 for tor circuits? Tor doesn't need to wait for curve25519 to make its way into TLS i guess. Perhaps the same is possible for key exchange.

You're in luck!


Does that mean that Tor has already moved to it's own new thing?

'For Firefox goto about:config, search for "ssl3" and leave only lines enabled with "256" in it, problem solved.' Toggle all the non-128 lines ( except 256 ) to 'False' also? There are lines that are not 128 or 256. I toggled all the 128 to 'False' and Tor takes a looooong time to load and access websites. Once on the website, Tor runs normal speed.

The claim frm "Das Erste" is simple not holdable. We should not overreact. This seems fishy like a hate compaign against tor, tails and linux.


Yes, as i'm a german citizen I have the strong feeling that "Das Erste" is heavily compromised from governmental obligations and definitely has a habit to spread uncertainty and confusion about everything that has potential to lower public trust in state policies is or potential threats on national security or secret intelligence predominance. Do they ever made suggestions about scientific findings that would actually improve the power of people? No, they want to spread the opinion that the state officials and their government administrations know the problems. They want you to believe you can not trust everyone else. It's the policy of fear.

Would it be possible for torproject to send lists of bridge addresses to bitmessage addresses as opposed to emails? Would that be practical?

From the bitmessage website, "Bitmessage is in need of an independent audit to verify its security." Yes, folk are chosing to use bitmessage & previously folk were using truecrypt but auditing is important & just as worthy to donate toward to help support something you value or contribute to the audit itself if you can. Many hands make light work amigos!

It would be better to send the request alongside with your PGP public key (or its ID) so Tor's bot can encrypt the email before sending it.


what about a low-threshold offering? say if a mail to bridges@bridges.torproject.org is signed the bridges-mailer will try to get the public key from a PKI server and encrypts the reply.

It's impossible to design a way for the bridges to both be relatively easy to find for dissidents and at the same time impossible/very hard for the NSA to find, so I don't really see the point to be honest.

So is it advised to use a vpn to connect to Tor now?

Well, I sure wouldn't do it blindly. Didn't you read all the previous articles about how VPN services are targets too? And VPN services are centralized single-hop proxies -- easy to match up the incoming flows to the outgoing ones, if you're watching them.

If you somehow have a magical VPN that they have chosen not to watch, sounds great. Otherwise, you're adding a component onto the beginning of your path that could *increase* the chance that they can see your traffic as it enters the Tor network (and thus do correlation attacks on it).

I got a bit confused from the articles and don't claim to understand Tor past the pictures I've seen showing data passing through the nodes however do the NSA need to have users connecting to one of their nodes in the first hop and the last hop so they get the destination and point of origin IP? If so does using a bridge stop this attack?

Check out
I worry much more about the NSA watching somebody else's relays than I do about them operating their own relays.

A bridge would indeed stop the attack, *if* the connection from the user to the bridge doesn't end up in their big database. It seems they have some rules to make lists of bridge addresses. Also, what if they watch, or operate, the bridge that you use?

So the very short answer is "it's complicated, but it's not an obvious win."

Any recommendations regarding uProxy (once it becomes available, based on what is already known)?

It really depends what it is once it exists. The uProxy people seem like nice people, and I'm a huge fan of the stuff Will Scott et al are doing with freedom.js and librtc. But how you put the components together is critical to what security and privacy properties you get from the system. Let's hope they build something worth using!

In light of the article that phobos's post refers to, it's interesting to observe that there's only 1 other comment here so far :)

How about having prospective bridge users send their PGP public key, and the Tor Bridge Project send any details back unencrypted? One cannot trust email these days -we have to assume it's being monitored and that TLS SMTP is being MITM'd by interested adversaries, where desired.

Sounds great except "get PGP and learn how to use it" is a high bar for our users in Syria, Iran, etc. They already pass by Tor in favor of other tools that appear simpler, even when those tools end up harming them down the road.

Usable security sure is a hard combination to get right.

Add an optional PGP key field?

So If I donated $60 could someone setup an additional exit relay on digital ocean (or other VPS provider)? My thoughts is a few thousand people are willing to pay $60 annually (via cryptocurrency), wouldnt that deplete the NSA's ability to poison the network ?

There are two attacks to worry about: one is that the NSA could run a bunch of relays, and the other is that the NSA could *watch* a bunch of relays.

Yes, as we add more relays and more capacity to the network, the effort and cost required to launch a pile of relays and become a large fraction of the network goes up. That's one of the main goals behind the EFF Tor Relay challenge:
https://www.eff.org/torchallenge/ (please join!)

But that said, if we put all of those relays at a small number of VPS providers, then the number of places on the Internet the adversary needs to watch doesn't go up much. So it has to do with diversity of relay locations, not just number of relays. For more information about that, see

As for donating to help people run relays, please do!

I'm surprised the NSA gave them such a detailed statement:

It even includes a brief description of XKeyScore: "XKeyscore is an analytic tool that is used as a part of NSA's lawful foreign signals intelligence collection system. Such tools have stringent oversight and compliance mechanisms built in at several levels. The use of XKeyscore allows the agency to help defend the nation and protect U.S. and allied troops abroad."

Tails hacked?
Here is my experience. I downloaded tails ISO using tor. Booted and ran it ok. When I went back to my normal PC, (windows) Secure anywhere claims that 4 files had been modified on my C: drive, and the threat was that a user was added. When I tried to have the program do a repair, I just ended up with blue screen of death. Is it possible that a man in the middle attack gave me a bogus ISO and they installed a hack onto my PC?
Anyway, I had to re-write my drive with my clean image.... Now, who would do such a thing, especially after releasing the warning about tor and tails???

Here is what I got
c:\windows\system32\smss.exe - win32.user added

Bottom line, run tails on a PC with no other drives installed.

Did you check the signature on the ISO?

No I did not. Please do not infer that tails or TOR is compromised. The analysis has not been done. I thought however that someone out there would want to think about this event and perhaps try to reproduce it. For others, disconnecting your hard drives can't hurt.

Why not start by verifying the signature?

"Such tools have stringent oversight and compliance mechanisms built in at several levels."

... which are summarily ignored.

The Tor network servers in Germany and other countries needs to be completely revamped with new cryptology. Let the world know when you've fixed the problem. Tor "you've been compromised".

Huh? "You've been compromised" because "You use the Internet and people can watch Internet traffic"? And we should let the world know when we've fixed the fact that people can watch Internet traffic?

Sorry, this makes little sense. Tor is designed to be robust to somebody watching traffic at one point in the network -- even a directory authority. That was one of the main points of the quote I gave them.

Help. I felt like i am caught in the middle of a two gigantic rocks colliding each other.

Basically, i am a simple person who have financial difficulties and aiming to have a peaceful and private life. So i protect my privacy. I don't know much about codes, and programs, and all these computer stuffs. I can be easily deceived. But i recently learned encryption and file verification, thanks to Tor and the peoples behind it. That 30c3 video months back was very helpful. I tried running relay before but i suspected something was wrong.

Any advice? Just wanting Tor community to know there are people like me and maybe a lot others out there. Using Tor, indeed, i am one of the target.

You're one of the millions of people every day who use Tor. And because of the diversity of users (see the quote at the top of this article), just because they know you use Tor doesn't mean they know *why* you use Tor, or what you do with it. That's still way better than letting them watch all of your interactions with all websites on the Internet.

I also like Sebastian's answer (Q 2) on

"... just because they know you use Tor doesn't mean they know *why* you use Tor ... "

-exactly !

i mean i totally agree with your reply. thanks.

I want to add that under this current total information awareness like concept you will never be able to say or do anything that will put you in good standing for all the future. Under this concept you cannot prove that you are one of ours, one of the good guys, and the matter of surveillance would be settled for you.

Even if you are a hard working church going farm girl in Utah you might one day unknowingly give bed and breakfast to a terrorist.
Therefore your phone, facebook pictures and emails must be monitored for unusual signs.

Or being bored tending the stables our farm girl and her friend may start watching Youtube videos of extremist organisations and visiting their web forums. And we all can imagine her Daddy has a shed full of fertilizer.

Thank heaven we did not have the Internet a generation ago. Otherwise I would not have been able to sleep-under this concept.


What does "church going" have to do with honesty? Oh, I see, America!


Use CyberGhost Vpn (no logs)

Every time a VPN provider has promised "no logs" in the past, there's a newspaper article a year later about how they turned over their users due to pressure from some agency. The problem is that the centralization makes their users vulnerable -- they have all the data necessary to screw you, and they promise not to do it. That's very different from a technical architecture where no single point knows both who you are and also what you do.


(Also, I assume people here will be smart enough to see a for-profit company trying to advertise themselves here, and draw reasonable conclusions.)


Do you honestly think that the NSA can't root one providors box steal the private key and MITM all of your traffic. VPNs are not useful.

It should be interpreted as "no logs for users". Means if user asks them for his log they say 'No Logs for you'.

Have Roger Dingledine--whose CV notes he was briefly an NSA intern a long time ago--or any other employee/consultant/other paid recipient of Tor Project funding--held or sought any government security clearances for any reason within the past five years?

For an organization last known to be receiving about 30% of its funding via a surveillance-related US Department of Defense grant passed through an intermediary organization that its staff are contractually prohibited from discussing, it's an important question asked in good faith and that deserves an answer.

I haven't had a clearance since that summer 14 years ago, and as far as I know no other Tor developers (employees, contractors, committers) have had one (or tried to get one) either. Having a clearance these days as a Tor developer would be crazy risky, first because they can use it to control what you can say, but second because they would make your life miserable in this post Snowden world of ours.

That said, we work with researchers, like Paul Syverson's group at NRL, some of whom do have clearances. I'm happy to talk to all sorts of smart people and try to learn more about how to build safe anonymity and privacy systems. (After all, isn't talking to people with clearances how we got to this blog post in the first place? :)

We don't even sign NDAs, much less get clearances. And we try to do as much of our work as we can in public, even though that causes many distractions as journalists et al pick through our work and try to publicize things that we're only part-way done working on.

As for grants, check out some details here:

Let me know if you have further questions and I'll try to answer them usefully.

And which US government agency is Sponsor O that is paying for Tor Project's chat service? Why is the money designated for Iranian dissidents? USAID or State Department?


Thanks so much for offering up a detailed, thoughtful, and heartening response on what I agree is a relevant question.

I hope users can still help the team move toward diluting the role of U.S. DoD and other government funding in the project, whether received directly or indirectly. I say that not because I think it's inherently problematic--quite the opposite, actually--but because I doubt all of Tor's users feel the same way. Greater diversity and independence in funding sources seems like a better balance to address the needs and concerns of everyone who wants anonymity and privacy.

For the same reasons, I hope users will also help the project move toward a place where staff feel more comfortable choosing not to accept grants whose details can't be discussed.

Toward those ends, I hope others will join me in scaling up their personal donations to the project in response to these revelations! They demonstrate why this team's work is more important than ever.

Two unsolicited suggestion for the team in response to this news, perhaps to offer up to users on tor-talk since a good chunk of this information is already scattered across the website and listservs:

The project could make a commitment to publishing and updating a page on the website listing 1) staff/consultant/contractor talks/presentations to intelligence, military, and/or law enforcement agencies and contractors including dates, countries involved, and any details you could share and 2) a range of the number of staff e-mails, conference calls, and other interactions with "the IC" in any given month or quarter. This might help enhance trust among users who feel uneasy about using Tor after hearing about these revelations, and my sense is that a good chunk of this information is readily available on the website but perhaps not easily accessible.

Second, the project could develop a policy published on its website relating to whether staff can accept travel funding, honoraria, etc. from intelligence/military/law enforcement agencies, and/or commit to disclosing any such travel or other (non-grant or one-off) funding on its website. This might still be useful even if no staff members have ever received this kind of funding.

So 'extremists' have any of us tried getting on a plane recently? How'd it go?

It went just fine.

Thanks for the answers. Who is Sponsor F? Why are sponsors mysteriously named? I think they're all in the annual reports, but it takes some digging to figure out who pays for what and why.

The "it takes some digging" is exactly the goal. Our sponsors page lists our funders, and our 990 filings list them in more detail. But some of our funders like to avoid the attention, because it could cause *their* funders (e.g. Congress) to think about whether they're spending their money well. This little bit of distance has been enough to make that work so far. (And if you ask "what do they have to hide?" then you haven't been paying attention to this whole privacy thing, have you. :)

As for why sponsors are mysteriously named, if a few want anonymity, then the only answer is to give them all anonymity. Ask some anonymity researchers how to provide anonymity to a few elements in a set, and this is what you get. I think it's a pretty good balance.

Have you read this?


Tor is dead.

Anonymity (privacy, security, traffic analysis resistance, whatever you want to call it) sure is hard. I certainly won't argue that Tor is perfect, but I think it's still way better than the other options -- and maybe that tells us something about the options for privacy on the Internet in general. (We, the Internet, need more people helping to make good options, not more haters.)

Having at least one key spokesman with an appearance that looks like it was groomed to shout, "Look at me! I'm an obnoxious, in-your-face narcissistic degenerate twerp!", doesn't exactly help Tor's image.

Well, that isn't very nice. Especially since it doesn't distinguish which of our key spokespeople you are talking about. ;)


I've managed to contact the presenter and we've been talking a bit. It looks like a combination of an end-to-end correlation attack (which we already know works fine *if* you're in the right positions to do the attack) and the guard rotation problem. See also
More details coming soon I hope -- he is not being very good at the responsible disclosure side yet :( and I am trying to give him time to be.

Isn't it high time to sacrifice the goal of low latency which seems chimeric in front of a global adversaries such as NSA ?
Concentrate on Tor's real value instead that (imho) is anonymity. Let relays store and delay-forward packets, and oh! please please stuff all Tor packets to one or a few standard lengths.

The trouble is that Tor tries to anonymize flows, not messages. Systems like Mixminion can work pretty well even in the face of global adversaries, providing they have enough users and enough traffic. But if you want to browse the web, it's not just a matter of padding all Tor packets to be a standard length (we already do that) -- you have to pad all *flows* to be a standard length. And since websites vary so much in size, that sure is a lot of wasted space. And mixing flows against an adversary like this likely involves waiting minutes or more for your website to load -- which really reduces the number of users willing to use it, which in turn reduces the security it can provide -- a bad cycle.

So yes, a fine idea in theory, but nobody knows how to do it in practice. Come to PETS (petsymposium.org) and participate in finding answers!

I have access to Tor's internal servers. SVN is not secure. Git can be changed and the weak SHA hash pre-calculated.

Sponsor F is SRI International, http://www.sri.com/

Well, that's nice. If you actually do have something to tell us in terms of security of our servers, please actually report it, rather than just snarking on a blog comment. :) Thanks!

So on getting your ip they watch your web habits, I presume to catch terroists right?

Emails and forums they belong too could give a clue if they are extremists.

As in the article you get load of people that use tor just because they are blocked from a site or a video.

It will be dangerous soon to just switch on a damn computer !!!


Why do you keep yelling this? I assume you're the same as the commenter above who said it. How about working to create options that can resist these sorts of attacks, rather than just yelling?

Because he would like to sell some vpn-accounts.


Advocating privacy enhancing technologies like Tor is still very hard - even after the summer of Snowden. As a privacy advocate, you always encounter the same "arguments" from pro-surveillance people. "Tor is only facilitating drug dealing, child porn, money laundering, terrorism, organized crime..."

Is there a comprehensive official Tor manual on how to argue in favor of Tor while dealing with people accusing Tor to be a criminal tool?

From my experience, I can tell that it is not easy to resist such rhetorical attacks.
But it is very crucial to win the argumentation battles.

There aren't any official Tor manuals yet -- maybe you want to help put one together? Here are three resources that contain a lot of what I use:

* https://media.torproject.org/video/tor-internet-days-2010.mp4
* https://www.torproject.org/docs/faq-abuse
* http://media.ccc.de/browse/congress/2013/30C3_-_5423_-_en_-_saal_1_-_201312272030_-_the_tor_network_-_jacob_-_arma.html

"Practice practice practice" is the other answer. For bonus points, go try to teach law enforcement about Tor -- that sure helps you refine your arguments:

Thanks a lot, even though I already knew some of these resources. That's why I asked for an "official" manual about pro-Tor argumentation.

Where can I contribute to such a manual? Is there a systematic process like the Tor bug tracker?

How can I gain access to the law enforcement world? I mean, I can hardly imagine they accept being taught about Tor by ordinary citizens. Not all of us have a renowned name like you.

You could start a wiki page and gather resources there; but it's likely you'll remain a voice in the wilderness. A better option is to find some of the helpdesk people on irc and work with them to coordinate more.

As for gaining access to the law enforcement world, police are generally desperate to have smart technical people teach them about this Internet thing. I bet you have a local chapter of Infragard or something similar. Or, my favorite way, run a Tor exit relay and then teach whoever sends you email about it. :)

Thanks again, arma. I will do my very best. ;)

Time to support the TORCOIN project to make Tor scale for everyday use.
And to make sure is doesnt get back doored.



That reminds me, I need to finish reviewing Rob's blog post explaining all the problems in the torcoin research paper design.

Soon I hope. Stay tuned, and don't sell the farm yet!

Im more concerned about this hacker's claims to deanonymize users than the NSA who i would presume has their head so far up their asses with bigger problems than what joe blow does on the internet.

In any case to the idiot who keeps shouting TOR IS DEAD he may have a point, low latency and anonymity may become incompatible, and easy access to the clearnet (of which the great majority of sites are US hosted and therefore watched) may become a thing of the past. Tor should focus more on enhancing the darknet attributes which so far have been shown to remain secure (as per all snowden articles, NSA claims to deanonymize flows via end-to-end correlation, and collect onion addresses, but never has claimed to deanonymize onion servers or connections).

Arma has expressed his priorities in these comments that popularity is more important to him than anonymity, arguing that a great increase in anonymity would push users away. If the TOR team cant find a safe way for people to enter into the tor network, assuming all exits and their destinations are watched, then TOR will be a greater risk to freedom than not using it at all.

I would suggest if you really value you freedom, starbucks wifi is a technically superior anonymity tool than TOR.

Two extremely important points (I say important because you'll use wrong intuition otherwise, leading to poor choices):

* Hidden services are likely weaker than "normal" Tor circuits, because the adversary can induce them to generate traffic. I mention this in the 29c3 talk and also again in
The fact that the leaked NSA documents haven't mentioned breaking hidden services is, I think, due to the fact that hidden services are a tiny fraction of overall Tor use. Not because they're somehow (more) immune to these attacks.

* It isn't that popularity is more important to me than anonymity. It's that popularity and anonymity are linked to each other. I don't want popularity "instead of" anonymity. Rather, we *can't get* anonymity if we don't have popularity. While an unpopular service might provide theoretically stronger anonymity properties, if it doesn't have the users it won't provide these properties in practice. See "Anonymity Loves Company: Usability and the Network Effect":

As for the Starbucks wifi option, it really depends what sort of anonymity you want. Is it ok if your adversary learns that you were in this Starbucks at that timestamp? If you do things that are linkable to each other over time (most people do), is it ok if your adversary makes a list of all the Starbuckses you're in and timestamps for each? Whether that profile they can build worries you depends on your threat model. But don't make the mistake of thinking that they watch Tor and don't watch other things -- it's hot to talk about Tor in the press, and Snowden used and relied on Tor so he made sure to bring with him a bunch of documents about Tor (thanks!), but if you think you can avoid surveillance by avoiding Tor, see the discussion at the top of this post. And as a final thought... why not both Starbucks and Tor, if that fits your threat model better?

What about using linux and a "plug-in" that allows you to change your MAC address when you use public wifi? This should stop any adversary from tracking your Starbuck wifi use.

If this were enough to stop people building profiles of web activity, then Google and other ad companies (who generally don't see the MAC address anyway) wouldn't be amassing huge databases about people.

"Run Internet Explorer at Starbucks and so long as you keep changing your MAC address you'll be fine" is missing out on all the things that Tor Browser aims to resolve:

(And while you could use the Tor Browser without Tor, you'd be approximately the only one doing so.)

There are many big reasons to distrust Starbucks. They have attended Bilderberg meetings repeatedly. Bilderberg was founded by an SS-officer, prince Bernhard of the Netherlands.


there is more

4 Solid Reasons to Avoid Starbucks

Therefore Starbucks is at least devious and likely much worse. So i cannot use anything they offer and their allegiance to Bilderberg says everything. Bilderberg stems from 3rd Reich and they were big in surveillance and dictatorships first start to observe citizens. For this reasons Starbucks wifi cannot offer any anonymity.

Starbucks is the enemy, not Tor.

"There are many big reasons to distrust Starbucks."

Couldn't the same be said for just about /any/ corporation?

I feel tor is getting old in some ways.
the tor dev's need to find the next step in making tor better.

like no more public node lists, exit or relay.
that shit needs to stop!
as well as blocking of nodes that are well know to be owned by gov's & law enforcement.

make some kind of update that sets a high default speed for nodes
like 80 or 100 that can't be set lower.
tor nodes are mad slow!
with how the net is now & days with big ass Pics & html5 videos/flash Tor needs the speed up big time.

A) Become a Tor dev, help us make it better!

B) Relays run by govs and law enforcement? I don't know any. Do you?

C) 80 or 100 what? (Many Tor relays are quite fast these days -- I'm really happy with Tor's performance now compared to a few years ago.)

Running proprietary software such as Adobe flash can deanonymize you and send your real IP address through the clearnet. There are solutions but they aren't within the scope of the average user.
Also, I tend to get more dropped connections than poor speed these days. Sure, it's not Gigabit but it's fast enough to watch a html5 video on with no problems usually.

How would making the Tor network rely on only one exit node improve anonymity? wouldn't end-to-end correlation attacks be useless?

Since all the flows coming in would have different timing and volume characteristics, they'd very likely remain easy to match up. So moving everything to have one exit point would make it much more like a centralized VPN -- not a good move.

Changing timing and volume so more flows "overlap" or "collide" with each other is a fine open research problem. But I think that has little to do with whether the flows exit from one point or many.

Not to mention it would be extremely expensive to run and would slow the network down significantly.


If everybody would use Tor, surveillance is useless as everybody is an extremist.

> Now I understand how the Google engineers felt when they learned about the attacks on their infrastructure.

As if Google didn't cooperate with NSA in the first place. Please.

The NSA is just a decoy, you have other agencies like the CIA and the FBI and the Cyber Departments for each military, and much more who have also clear access to the NSA databases and other tools. The entire nation is targeting you! Either make a full proof software or else its completely useless! Full throttle privacy!

There's no such thing as fool proof software; programmers are human and make mistakes, especially when several are working on one piece of software as programmers tend to program similarly to how they think and everyone thinks differently. Good Crypto is even harder than normal programming, which simply increases the chance for bugs.

And that's not even mentioning that you can't guarantee someone from doing something extremely foolish to eliminate his anonymity. There are fundamental limits that technology exerts that can't be broken that make it impossible to make something cryptographically foolproof, because fools can always surprise you.

In fact I found "tor" today. And from no on I will use "tor" if NSA want to check everyone.. thats their problem. More users more fun:)

What do you think of a plugin that adds random data sizes to packets being sent from the client? wouldn't that help against correlation attack?

Seems like a hard research topic. So, "maybe".

But in the mean time, you're in luck! See the Google Summer of Code project that Marc Juarez is working on. It is a framework for experimenting with website fingerprinting defenses.

Also, you wouldn't want to add random data -- it is much safer to round up to a given block length. The goal is to make as many flows as possible look similar. And against correlation attacks, you'll also want to somehow deal with the timing information.

I think arma@ is showing a remarkable amount of patience to some of the baiting and anonymous comments.

I don't think anyone considers Tor the perfect bridge to anonymity. But consider the constant developments that have gone on the past decade, you have to be impressed at the progress and the flexibility of the project in the face of changing and yet-unknown adversaries and threat models.

Einstein once said that our natural sciences are primitive, but are still the most precious thing we have. I think it's a useful description for Tor. The alternatives are untested, and in the case of some blog comments, purely marketing FUD.

Tor is constantly evolving in the software's development and in the user base. It is increasingly a tool for users in the Middle East. Crappy one-hop proxies are no longer the default choice.

If you have genuine input, put your energies into adding to the depth and breadth of Tor. So far with the Snowden disclosures, we've learned that it's a target, and that it is a real challenge to compromise for even potent passive adversaries.

A huge thanks to everyone who contributes to Tor in large and small ways. There's lots of room for improvement, but it's a dynamic project that is vital for millions.

"...some of the baiting and anonymous comments."

Aren't all of the comments here anonymous?

No, not all comments here are anonymous. Some, such as those from phobos and arma, are really pseudononymous, except we know their identities. Maybe we could say noms de guerre?

But to add another point, addressed to newer users of Tor, ignore the childish comments on the blog posts. Tools are your choice, so choose carefully. This piece: https://blog.torproject.org/blog/ten-things-look-circumvention-tool is dated yet remains a excellent starting point for assessing tools like Tor.

Those who support Tor understand that the same technologies that assist dissidents, domestic violence victims and whistleblowers with anonymity also assist FUD marketeers. That's likely a privilege they enjoy in part due to the Tor Project itself.

Oh, irony...

Thanks for your kind words!

I have read much about 'Das Erste'. Here is what i found. At first you don't count on it but das erste turns out to be utterly evil. They are using polite wording but be careful, don't let them fool you. They lie, are warmongers and use every form of war propaganda to cover up wars to deceive citizens and so on. ARD is financed by a deceptive form of racketeering. They call it 'contribution service' which you pay. But you don't pay, they simply demand the money. So they blackmail you for the money and if you don't cough it up they start a witchhunt on you, calling you everything. They use criminal complaints to get the money. But the search warrants turn out to be illegal. Clearly it is a tax they are robbing from you to pay their war propaganda. Tax is about the same form of racketeering. Have you ever tried not to 'pay' taxes? Anyone who tries gets the same harassment. You could very well call the ARD mafia. Since january they are covering up the facist coup, warcrimes, mass murder and ethnic cleansing in the Ukraine.

So anything the ARD says has to be treated with utmost mistrust and caution. They mix truth with deception, a danger to the unwary.

So they are like the US media.

"Until these issues are solved [1] TOR use by those subject to FEP or friendly to FEP nations jurisdictions --including all WASP nations--, should consider it as a minimum, as target practice at their lower extremists, even if not using it for illegal or questionable reasons."
- Clive Robinson,

So where would be the best place to start for an internet/security savvy person with basic coding experience to begin ramping up their security and anonymity?

I think that's a central question that the whole "LibTech" or whatever-you-wanna-call-it scene needs to start answering better.

Speaking of grants and funding, the reason that bridge isn't clear is because too many people already in the scene don't like competition.

There's no one simple answer for someone with your background and "basic coding experience" is a bit vague. However you do contribute should obviously be in something you enjoy.

But as a simple starting point, you might:

  • Read through some Tor design documents in an area of interest. This will give you some context and maybe something sound fun to improve.
  • Run a relay or bridge on the operating system you're most comfortable with and tweak away. Let others know any interesting OS tweaks.
  • Most important in terms of the future of the project itself IMHO, get other people using the Tor Browser, running relays, and more generally, understanding the importance of privacy and anonymity. The world needs more users, more Tor network diversity and we need to win the broader arguments in society.

Just my personal feedback. I don't represent anything, including myself often as much as not.

Not Living in Munich

I am an ordinary citizen who has used Tor and Tails for years to protect my privacy. Just want to reiterate my appreciation to the two teams for all their work on behalf of everyone who is a target--- which is, as we must not forget, everyone in the world. Ordinary citizens, journalists, lawyers, activists... everyone.

My reaction to the latest disclosures:

1. We knew all this already but it's a huge advance to have documentary evidence, because it may help destroy the Catch-22 which has thwarted privacy advocates in the US, the obviously fallacious claim that they have no standing because they cannot prove they are being spied on.

2. The EFF gave good advice: Tor Browser Bundle and Tails remain two of the best privacy-enhancing tools, and everyone should be using them as much as possible. (Which requires greatly increasing the number of Tor nodes; I suggest that businesses everywhere should consider sponsoring a Noisebridge node as a public service.)

3. The media coverage outside the US has been much better than that inside the US. Most news stories in the US media greatly understate the problem, by pretending that only two particular people (Roger and Sebastian) were targeted. This completely misses the point that Directory Authorities are targeted specifically to record the true IPs (hour by hour) of everyone using Tor during the next hour, worldwide. Another point almost all news media outlets missed is that the published rules are only a selection, date from a particular time period, and appear to be deprecated rules offered in training documents; the current rules are probably more sophisticated. One point which even sophisticated commentators may have missed: some years ago, NSA insiders were complaining about their covert DPI boxes being too slow to "collect it all", and one interpretation of the fact that some REGEXs are imperfect might be that they did it that way to gain speed. Previous leaks hinted that a few years ago, XKS was mainly C++ code which is recompiled in each collection station every time they add a new "selector" (apparently every few days). Any comment from Jacob about this suggestion?

Anyone know if the "selection" of Linux Journal will finally push kernel.org to explain what it knows about the infamous intrusion a few years ago?

Special thanks to arma for not abandoning the blog comments as a source of feedback from the user base.

As a long-time Tor user, I'd like to address the old issue of Tor's weirdly "secret" support from various pieces of the US government:

1. The USG is huge, and its many parts not infrequently have contradictory "agendas". During the past year, several respected reporters have written articles pointing out that Tor is funded by the good guys (for example, one piece of the U.S. State Department wants to help bloggers in "adversary nations"), and simultaneously attacked by the bad guys. Our job as activists is to persuade more of the US government act like good guys, and to impel the U.S. Congress to simply eradicate the parts which act like criminals.

2. There must be hundreds of US citizens who spent one summer as an NSA intern. Most people who do that decide they really dislike spying on everyone, and quit. Good for them!

3. "Sponsor F is SRI International, http://www.sri.com/" Oh no, Roger, say it isn't true! (SRI is much too close to the criminal element in the USG).

4. Roger, I hope you will suggest to the secret sponsors that the "secrecy" is counter-productive. Presumably the original rationale was that potential users in "adversary" nations would be frightened off by sponsorship by any part of the USG, but I think those users are more likely to feel that under the circumstances, an enemy of their enemy is sufficiently like a friend that they can use Tor. Especially since the Snowden leaks proved that however much NSA might want to traduce Tor, it has experienced great difficulty in trying to do that.

5. Years ago, some people used to claim that Tor is an NSA scheme for spying on all the world's privacy advocates. The Snowden leaks should have decisively disproven THAT notion. But there's a kernel of truth in this claim: NSA, having decided it can't easily break Tor itself, has decided to regard Tor and GPG/PGP use as a convenient criterion for enumerating all the world's privacy advocates. Solution? Simple: every ordinary citizen, every journalist, every lawyer, judge, and politician should become a privacy advocate, in self-defense, and that means they should use Tor, end-to-end encryption, and all that.

Tor is a nonprofit and required to publish their funding. No secret funders. See https://www.torproject.org/about/financials.html.en

Agreed, but one minor point: we're actually not required to publish our funding. We're required to reply in paper under certain circumstances if somebody shows up at our physical office asking for these documents. We choose to publish them on our website because we want to encourage transparency.

So, while non-profits aren't actually required to publish them, we'd like to live in a world where they all do. Please encourage your favorite other non-profits to publish their financials too!

Regarding the link to comments by Clive Robinson, he wrote: "TOR use is painting a target on yourself, so use for illegal activities is at a minimum like playing Russian Roulette every time."

We now have documentary evidence that the first claim is true, and it comes as no surprise. The second part should be rephrased "don't engage in activities you know to be highly illegal", which is just common sense. So it seems to me that Robinson's comments have little bearing on the question of whether or not ordinary citizens should use Tor.

One troubling issue here is that in many countries, the law is so complicated and so self-contradictory, and so little-tested in the courts, that no one can possibly really know what the law actually IS when it comes to browsing to websites like this one. For example, Tails now spoofs MAC addresses by default, but some ISPs appear to forbid that in their TOS. It is impossible for the ordinary citizen to know what to do in such cases. Am I risking a jail term by coming here, or only being kicked off the internet? Who can know? One thing is clear: without Tor, I and many others would be chilled from reading about or speaking up on almost ANY subject, because in the end, any subject can be controversial to someone, maybe even to some government.

i am not doing anything wrong.so no worry

The USG relies on deception and image for power, as do all powers. Governments/powers don't actually exist except as manifestations of the minds of men. Men believe these things into existence out of desires of safety/dependency. Dependency = Slavery. As much as I love the people doing good work on things like Tor, mankinds ultimate problems lie in breeding/immigration restraint and associated self-sufficiency/independence/sustainable-economic-models. There will never be freedom without that, which I would think should be the greatest concern.

We are all living in "grow or die" economies to pay on ever-increasing banker-debts, and we are all way past the point of having nature as a refuge for sustenance after a big failure, while "moving ahead" can only increase our state of dependency/slavery. Really, all of mankind is between a rock and a hard place. Civilization's failure rate? 100%. We never know when to quit, and believe in ourselves too far for too long, every time. Anyway, the ultimate security is living in independence and freedom.

My contribution to a TORrer world.

Careful there. You see, everybody who isn't already a Tor fanatic who sees that shirt design will now start associating Tor with criminals even more. We walk a fine line here, and in order to win this fight we need to get ordinary people to understand why we represent the side of good and light.

Two journalists who DO "get it":

Here’s One Way to Land on the NSA’s Watch List
Julia Angwin and Mike Tigas, ProPublica
9 July 2014

Julia Angwin a journalist and author of the recent book Dragnet Nation. Mike Tigas is a journalist and also the developer of a Tor-related project, Onion Browser, but as far as I know he is not directly affiliated with Tor Project.

Bruce Schneier, Glenn Greenwald and others suggested that the XKS code released by Appelbaum et al. is not a Snowden leak, because neither remembered seeing this data in the documents they reviewed. Angwin and Tigas write "we did a little sleuthing, and found that the NSA’s targeting list corresponds with the list of directory servers used by Tor between December 2010 and February 2012". But comparing the last "added date" and first "removed date" in the list of Tor routers mentioned in the leaked code, as reported by Angwin and Tigas, I find that the leaked code probably dates to the period Feb 2010 through Apr 2012. Either way, these dates appear to be consistent with the hypothesis that this is after all a Snowden leak.

Someone wrote above "i am not doing anything wrong.so no worry" [sic], a variant of the often heard misconception that "if I have done nothing wrong, I have nothing to hide" [sic]. Assuming my sarcasm detector is functioning adequately, I recommend that this person read Angwin's book, because she effectively demolishes this argument.

(I have no financial relation to Angwin, Tigas, or the Tor Project.)

Regarding responses to our being individually targeted, I support those who urged caution in considering such civil disobedience measures as embedding snarky messages in fake onion addresses or trying to exploit vulnerabilities in the (old) leaked code. Much better for privacy researchers to use their collective brainpower to anticipate the enemy's next move, and to thwart it using (legal) technical countermeasures.

Another useful activity for technically able persons angered by these revelations: use your knowledge of statistics to estimate from leaked documents and other public information such crucial secret items as the number of individual US persons targeted by NSLs, and the number of individuals caught up in the NSA dragnet. One elementary technique is described here:


Sophisticated capture-recapture methods might work even better if combined with Bayesian analysis.

We can't hide anything from goverment specially from the web.If anyone think i use tor so i can do anything that is wrong.I am using tor for personal satisfaction.My opinion : Nothing is anonymity on web and i don't care if goverment spy on me because i voted them .They have right to do anyting to protect the country.

"I am using tor for personal satisfaction."

How does using Tor provide satisfaction to you?

"They [the government] have right to do anyting [sic] to protect the country."


And even if so, how do you know that "protecting the country" is the real reason and not merely a convenient pretext?

Please note the results of this study http://goo.gl/MA3KS1 on tor. The authors wrote:

"Our analysis shows that 80% of all types of users may be de-anonymized by a relatively moderate Tor-relay adversary within six months. Our results also show that against a single AS adversary roughly 100% of users in some common locations are deanonymized within three months (95% in three months for a single IXP)."

What they did? They simulated a tor attack with a thread model of an attacker that resembles the capabilities of the NSA, which sits in internet backbones and is closely watching tor servers, tor downloaders, and almost certainly operates own tor relays for attracting tor users as prey, like in a honeypot

The interesting thing is the fast speed and the high success rate of this kind of attack at tor users.

According to the testimony of whistleblower Binney http://goo.gl/nBwk1p , at the german parliament's NSA investigation panel, a huge problem is that the NSA collects too much data to analyze them all.

So they somehow needed to separate traffic of ordinary people and of suspects. And for this job, tor is very suitable indeed. The german computer magazine C't has warned http://goo.gl/HNvtHr earlier that tor users may be some kind of prey for NSA.

By noting the IP address of anyone who downloads tor or accesses a tor directory authority they first get a list of persons who want to be anonymous for some reason. These IP addresses can then be monitored in order to catch an interesting moment when they, by accident, do not make use of tor.

But unfortunately, the study http://goo.gl/MA3KS1 shows that an attacker with capabilities like the NSA can even de-anonymize tor users themselves very easily.

According to Binney before 2001, NSA "created a network graph of the entire world where" they "could zoom in separate network parts and filter all emails and phone calls from there".

Accidentally, just at the same time around 2001 http://goo.gl/uoYMXm , the software tor, which promises the user anonymity on the assumption that no agency can monitor the entire internet, was created with support of the Defense Advanced Research Projects Agency (DARPA) of the United States.

If one reads the last "tor annual report"https://www.torproject.org/about/findoc/2012-TorProject-Annual-Report.pdf then one finds that, surprisingly, 60 % of tor's financial income comes from the US government. This alone could create the suspicion that tor is a honeypot for the NSA.

One should note that these famous slides from Snowden, saying that "tor stinks" http://goo.gl/67kcFt were from gchq, not from the NSA.

It maybe that the gchq agents did not have the security clearance to de-anonymize tor users, which is easily possible for someone who can operate a tor relay or sits at the internet backbones, like the NSA. The tor project writes on its own homepage:http://goo.gl/dKyiae

"A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently" [But for what they use tor in the middle east, the website does not disclose, of course. Perhaps they used it for de-anonymizing and blackmailing?]

At least the tor project further notes:

"Tor can't solve all anonymity problems. Also, to protect your anonymity, be smart. Be aware that Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit."

And this is exactly what the NSA can do. By collecting all users who downloaded tor, NSA monitor where the traffic from these IP's goes into the tor network and where it leaves the tor network and they also can do timing analysis. So even the tor homepage basically says that NSA can de-anonymize all tor users.

That this is practically true was demonstrated by researchers here:

They simulated an attack against tor from an adversary with capabilities that the NSA is known to have and write: "Our analysis shows that 80% of all types of users may be de-anonymized by a relatively moderate Tor-relay adversary within six months. Our results also show that against a single AS adversary roughly 100% of users in some common locations are deanonymized within three months (95% in three months for a single IXP)."

How did spiegel write in early 1997 on the situation with security soft and hardware: http://cryptome.org/jya/cryptoa2.htm

"What looked like inpenetrateable secret code to the users of the Crypto-machines, who acted in good faith, was readable with not more than a finger exercise for the informed listener.[...] In the industry everybody knows how such affairs will be dealed with," said Polzer, a former colleague of Buehler. "Of course such devices protect against interception by unauthorized third parties, as stated in the prospectus. But the interesting question is: Who is the authorized fourth?"" In the old Spiegel article on Crypto AG, BND created an entire crypto hardware company. With management, shareholder value, and engineers, who where then forced by management to implement backdoored encryption routines.

And now we have tor, which is vulnerable against an attacker with exactly the capabilities of NSA, and of course tor was developed by the Defense Advanced Research Projects Agency (DARPA) of the United States at a time where NSA already was able to create a network graph of the entire world http://goo.gl/itKDUy

Wow that's a long post. Here's some more reading:


That's the response and explanation for the research paper you cite. It *is* a big deal, but it is not necessarily a fundamental problem with the Tor design.

Also when you say "created with support from DARPA" and then later you say "developed by DARPA" as if they're synonyms, you're undermining your credibility. Yes we used DARPA's money, but no they didn't write (or help write) Tor.

As for what NCIS used Tor for in Iraq: they told me they were using it to keep people snooping on their network connection from learning their (country) affiliation. Sounds plausible to me.

Oh, and finally: what is your reasoning for thinking the "Tor stinks" slides are written by GCHQ? I used to think that too, but then I talked to more people who are familiar with classification habits, and now I no longer think that.

Regarding your link, I think the following statement from the tor project is especially funny:

" Secondly, their scenario has the adversary control the Autonomous System (AS) or Internet Exchange Point (IXP) that maximally deanonymizes the user (they exclude the AS that contains the user and the AS that contains her destinations). This "best possible point to attack" assumption a) doesn't consider how hard it is to compromise that particular part of the Internet,"

Well, I know at least one "internet exchange point IXP, where they are making a full take. And this is just the worlds largest IXP today.

Germany's g10 law says that they can make a full take of 20% of the network capacity of a provider. At the hearing of the NSA investigation comission of the german parliament, the judges noted that 20% of the capacity of the largest internet exchange point in the world, de-cix is around its current maximum load of 3.4 Tbit/s, see p. 13:


But not only de-cix is copied by ND but they also copy from other providers:


And that BND indeed makes a full take if it copies, this was admitted by the german government:

http://goo.gl/jsh7BZ "Hierzu fordert der BND gemäß § 2 Abs. 1 S. 3 G10 in Frage kommende Telekommunikationsdienstleister auf, an Übergabepunkten gemäß § 27 TKÜV eine vollständige Kopie der Telekommunikationen bereitzustellen." in english:

"For this, BND demands, according to article 2 paragraph 1, sentence 3 G10, from the telecommunication providers in question to provide a complete copy of the telecommunication data at the handover points according to article 27 TKÜV."

That the internet exchange point de-cix is among the providers that are forced to provide a copy to BND was admitted by de-cix operators to the german computer magazine C't: http://goo.gl/PAXT8Z

So it is no wonder that there is a strange coincidence between the maximum load of 3.5Tbit/s at the world's largest internet node de-cix, and the NSA's project Rampart-A, which is advertised as having a network load of "more than 3 Tbit/s":


By the way, how the BND guys react if they catch e.g a pedophile banker, this is widely known (no, they do not give this to the police as they should....)


BND agents start their usual blackmail operation as follows

"with help of professionals from the red light district, BND had set up a trap. A hotel suite was rigged full of cameras. After showing the photos to the banker, he soon was cooperative and agreed to give more data on german tax evaders"

They are in fact using these persons as their own agents....

The tor software does a good job to protect against a company, like google or facebook tracking you. But the anonymity it provides rests on the idea that no agency could monitor the entire internet. Whilst this assumption is true for companies like google or an advertising service, it is useless against state actors like the NSA, which were able to create a graph of the internet when tor was created.

However, tor may be usefull as a first step in protecting against NSA. It may just give them some work to de-anonymize. But the most important thing is to encrypt the content of the communication.

Unfortunately, ssl connections with webbrowsers are not safe.
NSA regularly impersonates google and yahoo with false certificates that are accepted by many browsers. They call it "project flying pig"


So one has to verify the validity of a certificate personally. This is not practical with most websites. Hence one should restrict communication to people whom one knows personally.

For this, retroshare does a good job: http://retroshare.sourceforge.net/
It supports pgp encrypted email, chat, newsgroups, and voip, and it can be run over tor:


So if they de-anonymize the tor network, they would still sit on funny files encrypted with 4096 bit keys.

Regarding the BND, I think this story is fascinating:



It shows that the database software, which BND used to analyze raw data has in fact been been stolen with the entire sourcecode by the BND from a small german database company that develops software for police work. The database company has barely survived this attack by BND employees and won a lawsuit against a BND agent in a german court. She blogs here about her story here:


Her software patent holds in Germany and the US and she says on her website that she never has given the BND any rights to use her database software.

This is interesting, since BND gave NSA two sowftware tools: Mira4 and VeraS


According to the Snowden files, Mira4 and VeraS are used to analyze connections between data in the flow. This is exactly what the software that the BND stole could do. One would need a better technical description of these tools, but it could be that the M in Mira4 stands for "Mevisto", which was name of the company under which the BND tried to sell the stolen database software to europol:



If one would have more detailed information on Mira4 and VeraS, one could perhaps show that BND and NSA are using stolen software or at least are violating an existing patent when they use their software to analyze the flow of data coming from internet fibers....

It is clear to me that Communists have taken over the NSA. In older days you had to earn your surveillance. You had to do something that sets you apart to deserve special attention.
Nowadays communist NSA seems to have the idea that everybody is eligible for surveillance. This is absolutely Unamerican. I decline to pay for their socialist ambitions with my taxes!!!!

You can name it as you like but reality all and any BIG country/ corporation/organization ruling group shifts to protect and strength their internal structure and staff against any potential changes or disclosures from 'slaves' "by any mean necessary". Its called "national security". Your live means nothing. Thereis no place for democracy. Call them communists, fascists, imperialists they are all the same. And they WILL force you pay for any their "ideas".

In an interview with Kim Zetter, Glenn Greenwald discusses the Das Erste story and elaborated on why he thinks there is a second leaker:

Glenn Greenwald on Why the Latest Snowden Leak Matters
Kim Zetter
9 July 2014

After thinking over what he said, I realized that one of the published excerpts from the Snowden documents suggests a plausible second source, and if I guess correctly, the NSA is once again revealed to be an organization suffering from crippling self delusions about its supposed ability to gull anyone it pleases.

Someone wrote above:

"By noting the IP address of anyone who downloads tor or accesses a tor directory authority they first get a list of persons who want to be anonymous for some reason. These IP addresses can then be monitored in order to catch an interesting moment when they, by accident, do not make use of tor."

That's about right, but that doesn't mean NSA's evil schemes will always work the way they want.

NSA likes to try to convince their enemies (who consist of every citizen of every nation in the world, especially their own employees) that they have the best equipment, the smartest and most ruthless people, the biggest and best botnet ever, the most sophisticated math, the best security anywhere, and so on. Except for the last item, there is some truth in such boasts, but their propaganda is intended to obscure the fact that in the end NSA is built with duct tape and bailing wire, and always has been. Sure, NSA has lots of surveillance gear, but sometimes the air conditioning doesn't work, which is a sensible sign of far deeper flaws in its infrastructure, flaws which unlike the A/C cannot be fixed. We know that because the flaws have always been there. They have NEVER been fixed and they never will be. NSA has a long history of being improvisatory on a grand scale, and huge organizations which are mostly improvised and unsupervised inevitably wind up doing great harm to everyone, including themselves. The Snowden leaks are only the latest in a long series of episodes which teach this old lesson to a new generation, every decade or so.

The poster mentioned the Crypto AG scandal (now many decades old). But I think the Yardley leaks are an even more apt predecessor for the Snowden leaks.

The only honest comment I have yet heard from the NSA leadership about the Snowden leaks was a plaintive mumble to the effect that "we were only doing what's in our nature". And it's true that everything revealed by Snowden (and the second leaker) represents, from the spymaster perspective, a "natural evolution" from the illegal burglaries of embassy safes which so scandalized the world when Herbert O. Yardley revealed them.

But wiser heads can see that the activities of Yardley were illegal, immoral, and ultimately very harmful to the national interests of the USA (that's why the USG shut down the Black Chamber he headed), and of course the same is true of the more recent activities of NSA, only a million times worse, because NSA has actually has created the nightmare world which haunted Orwell and other visionaries who foresaw the horrors which would ensue if totalitarianism acquired sufficiently powerful technologies, and because NSA has made the same disastrous error committed by previous regimes which declared war on the entire world. That never worked out very well for the totalitarian warmongers in the past, and I doubt the story will end well for NSA either.

Those who have never heard of Herbert O. Yardley are directed to Wikipedia and the classic history by David Kahn.

Two key points about the analogy:

First, the "greatest achievement" of the American Black Chamber was to assist US diplomats negotiate a treaty which set the number of battleships the Imperial Japanese Navy was permitted to build at a lower level than the Japanese militarists had wanted. But this "disadvantage" for the IJN had become entirely moot well before Pearl Harbor, and Yardley's disclosures did lasting damage to the reputation of the USA as an "honest broker", damage which far exceeded the momentary value of his minor intelligence coup. This story encapsulates the entire history of NSA. The agency is always bleating that they are pulling off all these amazing intelligence coups which are "invaluable" to the State or War Departments, but the plain fact is that the truth always comes out, and it always does lasting harm to American interests which far exceeds any temporary unfair "advantage" gained from those minor intelligence coups. That's why the US Congress would be wise to simply shut it down once and for all.

Second, Yardley wrote a tell all book because he needed the money. Snowden is a classic whistleblower who went public after having exhausted all internal avenues for dissent. So to that extent the analogy fails.

This thread should somewhere contain a link to the Freehaven bibliography of academic papers on technical aspects of anonymity-enhancing systems, so here it is:


Not everyone who uses Tor can easily understand very many of these papers, but it should be evident that many smart people are working hard to improve Tor. One essential way of doing that is by trying to think like the enemy, and trying to (partially) subvert it, in order to make the next version even harder to subvert.

The poster is correct in suggesting that NSA poses a very real and present danger to the entire world. But it's far from invincible; it suffers from unfixable internal contradictions which in the end make it possible for ordinary people all over the world to band together to fight it--- and win.

NSA is our deadliest and most capable enemy, but not our only enemy; nations other than the US are rapidly ramping up their own cyberespionage and cyberwar capabilities, and have already demonstrated their eagerness to follow the US lead in employing them.

Repressive nations also follow US policy leads; here is one recent example:

5 journalists jailed 10 years for Myanmar stories
10 July 2014

The reporters quote a Myanmar government official as "justifying" the recent sentence of several journalists to hard labor like this: "It is a national security issue, and even a country like the U.S. would respond the same way on these matters."

Americans should bear in mind when they read about drone strikes that other nations are developing lethal drones also; perhaps this will increase their sympathy with the victims of collateral damage in current war zones. The NSA's answer to this "emerging threat" would be "spy even more on even more people". I suggest that a far cheaper, more humane, and wiser answer would be to stop setting such a sickening example for nations like Myanmar.

So the NSA doesn't like Tor users. Can it be the NSA is in fear it could miss out on something because they cannot watch all of it at will? They are like peeping toms making their lair in the bushes. Beware of the bushes, here there be dragons. Maybe they are just like simple highwaymen.

why you people making all negative comments? just don't do anything wrong

There seems to be a lot of paranoia in this thread. Yes the NSA is watching the internet. It is their job. Certainly some of the humans working at the NSA will act beyond their authorization, plan for it. There will be more Snowdens, when circumstances demand action. I worry a lot less about the NSA than most of you apparently. I watch the fringes. I use Tor to avoid leaving footprints on nut basket web pages, and I can tell you my friends, the world is full of nut baskets and goof balls, some of them are angry and armed. I would suggest that we work hard to keep the governments we already have honest. I prefer a stable government that I can complain about to going back to the barricades and pitchforks. Best sign-out recently seen: “Don’t trust everything you read on the internet” -Thomas Jefferson

I agree with you Even on TV and sometime online base newspapers.So technology improving means more scams ?

Can you give an example where the NSA prevented an armed nutcase to go on a rampage? If the NSA would care about such cases the school massacres of recent years would not have happened. There were enough online indications before these shootings. I think you confuse the NSA with law enforcement.

Clearly you are an optimist if you think more Snowdens will pop up on demand. In the US we have about 1.4 million people with top security clearances. They all went along year after year. As far as I know Snowden has been the only one in over a decade of excessively expanding surveillance to provide written evidence. Personal integrity and acting upon that is alarmingly rare.

Protecting the people from the government of the USA is important look at police brutality then google the patriot act the US is doomed no more freedom and no justice to be found please by all means help the people

"So the NSA doesn't like Tor users".

Indeed they do not, but who cares, because EVERYBODY hates THEM!


Turns out nobody likes being spied on, suffering intrusions into their computers/phones, data deletion, or murder by drone.

But guess what? NSA and GCHQ themselves use Tor. A lot.

Indeed, GCHQ has incorporated Tor into the infrastructure used by its 1500+ analysts working in the doughnut:


According to GCWiki, some JTRIG tools which incorporate Tor are:

JTRIG UIA via the Tor network.
JTRIG Infrastructure Team

(UIA = Unified Information Access tool)

Remote GSM secure covert internet proxy using TOR hidden services
JTRIG Infrastructure Team

(I wonder: what happens when the Dutch National Police try to delete GCHQ's hidden services?)

Domain for Generic User/Tools Access and TOR split into 3 sub-systems.
JTRIG Infrastructure Team

(FRUIT BOWL is a key component of GCHQ's remodeled infrastructure, introduced about 2012.)

JTRIG Tor webbrowser-Sandbox IE replacement and FRUIT BOWL sub-system
JTRIG Infrastructure Team

(Tails for GCHQ?)

JTRIG Operational VM/TOR architecture
JTRIG Infrastructure Team

End-to-End encrypted access to a VPS over SSH using the TOR network

(Scenario: overseas undercover agent wishes to write home without making it too obvious to the authorities in the country where he is stationed, who are of course doing some internet spying of their own.)

Allows batch Nmap scanning over TOR In Development
JTRIG Software Developers

A related JTRIG tool is specifically designed for scanning entire countries.

Another related tool tries to pull out content from poorly controlled ports like 445, from every computer in the world, just to see what's there. This sometimes goes under the name of "deep web collections":

is a port scanning tool designed to scan an entire country or city. It uses GEOFUSION to identify IP locations. Banners and content are pulled back on certain ports. Content is put into the EARTHLING database, and all other scanned data is sent to GNE and is available through GLOBAL SURGE and Fleximart.
Fully operational.

Also of interest:

Distributed denial of service using P2P.
Built by ICTR, deployed by JTRIG.

(So the entity which has been abusing the Tor network by flooding it with P2P is GCHQ.)

We all use Tor; many of us sometimes use other popular open source tools like Kismet. It's always interesting to see that the enemy uses the very same tools we do:

is a tool that processes kismet data in to geolocation information

It must be stressed that JTRIG admits that some of their tools are buggy, and most have technical restrictions not mentioned in the catalog. For example, this one probably won't work on the average Tor user:

CGI HTTP Proxy with ability to log all traffic and perform HTTPS Man in the Middle.
JTRIG Software Developers

Someone wrote "There seems to be a lot of paranoia in this thread." I can't guess which posts he had in mind, but this reminds me that years ago, whenever someone mentioned on a technical forum (these often run on VBulletin, the popular forum software) the suspicion, widespread among many in the telecom industry for many years, that NSA was breaking into IX switches all over the globe in order to spy on everyone, "people" quickly showed up to disrupt the discussion. The latest leak provides further insight into how the USG and HMG try to "shape" on-line discussions to suit their interests:

Provides 24/7 monitoring of VBulletin forums for target postings/online activity. Also allows staggered postings to be made.
JTRIG Software Developers

Framework for automated interaction/alias management on online social networks.
In Development.

Here is a story which focuses on this aspect of the JTRIG catalog:


The funny thing is, HMG thinks it has hired a lot of bright young people to do its bidding. But what are those bright young people doing at work? Why, playing on-line RPGs, of course!

Online Gaming Capabilities for Sensitive Operations. Currently Second Life.
In development.

Yes, NSA uses tor. They can often afford it. Tor does an excellent job against an individual or a company tracking you. The "targets" or "enemies" of gchq are, most often, just usual linkedIn or facebook users, from which they make their collection.

These targets can not de-anonymize the tor network, since they do not sit on the IXP.

It would be interesting to know whether GCHQ, NSA or BND still use tor when their adversary is a state actor who can easily monitor the entire net. So, do NSA use tor when they do operations in china? Or do russian services successfully use tor when they spy on the NSA? This would be interesting.

As long as one can easily de-anonymize the tor network once one sits at the internet backbones, or monitors the traffic at the points where it enters or leaves the tor network, one should use another encryption layer over ones communications.

Since ssl certificates can be easily faked by NSA and the likes, one has to restrict network communication to friends that one personally knows and from whom one can check their certificate.

So run applications like retroshare http://retroshare.sourceforge.net/ over tor, and the folks at NSA will have more fun with your data. Once they have de-anonymized the traffic, their fun begins with the pgp decryption....

so when nsa protected people at new york from bombs?but they waste time on tor..

or fsb with islam bombs at russian

not sure about extremist but nsa cares about it not the fact that islamist explode at new york every now and then with olympics..nsa jewish organization.they never did anything usefull for america.even cops do more than nsa ever did.

tor is dead.They are keep logs and working with the fedz

Given the large number of Tor nodes in the UK, TEMPORA, and other factors affecting the Tor network, this seems relevant to the discussion here:


Why are HMG and the USG exhibiting such raging paranoia towards their own citizens? Nominally, because they fear "radicalized" citizens returning with new skills from fighting in Syria or Iraq. But it is clear that such possibilities cannot possibly pose an existential threat to the future existence of the UK and USA. So why the paranoia?

The true explanation is suggested by a new study from MOD's Concepts and Doctrine Centre, called "Global Strategic Trends – Out to 2045". This study predicts the decline of the nation state over the next two decades, as corporations increasingly become the center of Establishment power, and as ordinary citizens become increasingly restive:


Some specific predictions found in the study which may be of interest to understanding how privacy issues may evolve over the next two decades:

* Unmanned systems are increasingly likely to replace people in the workplace, leading to mass unemployment and social unrest.

* Individuals may define themselves less by their nationality, with growing migration and stronger links to virtual communities.

* As the cost of sequencing an individual's DNA continues to fall, targeting an individual using their DNA may be possible by 2045.

* Large multinational corporations could develop their own highly capable security forces.

* Criminals and terrorists will have access to increasingly cheap unmanned drones and space satellites.

This study is only one in a long series of such studies produced by "defense think tanks" in the UK, USA, and other "Western" nations in decline. Indeed, in the USA, such speculations predate 9/11. After the fall of the Soviet Union, the leaders of the US military-industrial complex went looking for plausible new missions, and quickly fixed upon the idea that as Western nations decline, governments will become increasingly fixated on an "internal threat" from a large and growing underclass. In recent years, such US agencies as FBI and DHS have stated in public their view that the greatest threat to the USG comes from internal dissent. It is also worth noting that the new head of DHS wrote some of the notorious "drone memos" which "authorize" certain agencies to assassinate US citizens, even inside the US, using drone strikes. But in a decade, everyone will have drones.

Someone wrote above "I would suggest that we work hard to keep the governments we already have honest. I prefer a stable government that I can complain about to going back to the barricades and pitchforks." But the studies I mentioned earlier, the plans to target citizens, the undemocratic and dishonest way in which such awful legislation as the Snoopers Charter bill are being enacted, show why ordinary citizens would be foolish to depend upon their current governments to look out for their best interests.

On tor-talk, Isis (another Tor developer with experience talking to US spooks) addressed the issue of just whose interests NSA is trying to protect when it targets the entire world:


The USG encounters an awkward problem whenever it attempts to dampen domestic enthusiasm for revolution: the USA was created by one of the most spectacular revolutions in history, and the grievances expressed by those revolutionaries concerned governmental abuses, like the Writs of Assistance (universal search warrants) issued by the colonial authorities, which bear a striking and unmistakable resemblance to current abuses by US law enforcement and intelligence agencies. The poster quoted Thomas Jefferson, who rebutted that poster's view when he wrote (in a letter to a friend)

"I would rather be exposed to the inconveniences attending too much liberty than to those attending too small a degree of it."

Jefferson penned quite a few other opinions which seem relevant to the dilemma faced by modern citizens:

"Enlighten the people, generally, and tyranny and oppressions of body and mind will vanish like spirits at the dawn of day."

"The spirit of resistance to government is so valuable on certain occasions, that I wish it always to be kept alive."

"I believe that banking institutions are more dangerous to our liberties than standing armies."

"A strict observance of the written laws is doubtless one of the high virtues of a good citizen, but it is not the highest. The laws of necessity, of self preservation, of saving our country when in danger, are of higher obligation."

I suppose that as long as we are quoting out of context, one could interpret that last either as advocating for extralegal assassination of US dissidents, or for the disclosures of whistleblowers like Edward Snowden. For my part, I believe that the sum of Jefferson's writings over a long lifetime show clearly that the second interpretion is far more accurate.

Whistleblowers, boot your Tails; enlighten the People!

Someone asked earlier:

"Is there a TOR Forum where people can share information about enhancements to TOR, vulnerabilities and what people's experiences are when using TOR? This would be useful if such a forum doesn't already exist."

Roger answered a few days before Glenn Greenwald's latest reveal:


The most popular forum software is VBulletin, and one of the JTRIG "Collection" tools described in the leaked page from GCWiki (c. 2012) is relevant here:

Provides 24/7 monitoring of VBulletin forums for target postings/online activity. Also allows staggered postings to be made.
JTRIG Software Developers

The existence of such tools shows why it is so important for pro-privacy forums to allow anonymous Tor-enabled postings, and to strictly avoid forcing posters to maintain accounts.

(VBulletin apparently fails to use https to "secure" login name and password, much less Perfect Forward Secrecy, implying that all VBulletin forums are sitting ducks for the doughnuts. A Tor Project page warns against logging into any website unprotected by https over Tor, precisely because the exit node operator can collect the username/password if it is transmitted in the clear. But my point is that hosting user accounts at all amounts to inviting the bad 'uns to take their attacks to the next level, like targeted attacks aiming to intrude illicitly into the server.)

How to design a pro-privacy forum software? The JTRIG tools suggest some desiderata:

* no user accounts means no opportunity for the doughnuts to try to break into the user account of a "target",

* automated moderation tools to counter "post-bombing" by the doughnuts,

* very well protected administration accounts designed to counter attempted DOS targeting SSH service and password cracking,

* prepare for DDOS on the forum itself and for enemies attacking the DNS infrastructure to prevent citizens from even finding it.

These JTRIG tools seem relevant:

Overt brute force login attempts against online forums

Framework for automated interaction/alias management on online social networks.

Change outcome of online polls (previously known as NUBILO)

is the capability to increase website hits/rankings.
(i.e. subverting search engines so that citizens cannot find the real forum.)

Ability to inflate page views on websites.

Ability to artificially increase traffic to a website.
(i.e. DDOS over Tor, how nice that they like our network so).

Targeted Denial of Service against Web Servers.
(possibly by subverting DNS or by otherwise using "Upstream" pwning).

Targeted denial of service against SSH servers.

The JTRIG "Chinese menu" also cites some projects masquerading as citizen initiatives:

Public online group against dodgy websites.

This reminds me of projects (nominally citizen initiatives) which seek to discover and interdict malware contained in Tor data streams, especially since these projects share information with FBI and such. The stated goal is not a bad idea, but unless such projects have demonstrated the ability and willingness to find and interdict the nasty malware GCHQ and NSA are punting over Tor, they should be regarded, in an abundance of caution, as suspicious.

The MOD prediction that in the next few decades, multinational corporations may have larger armies than nation states may seem far-fetched. But the privitization of the military and paramilitary is already well under weigh on the other side of the pond. The most famous example is probably Blackwater's presence in New Orleans just after Hurricane Katrina, but a more recent example is this:


For the MOD predictions, see


Is it naive to think that there may still be some hope that the UK and US parliaments will start to push back against the "capture" of the governments of those nations by rogue intelligence agencies? Maybe not.

The outgoing DPP has drafted new rules protecting journalists, and he cited the Snowden leaks as proof these are needed:


GCHQ and NSA should simply be eliminated entirely. Both agencies are incorrigibly corrupt and anti-democratic. They constitute a far worse menace to the existing political systems in the UK and US than any so-called "terror group" or "rogue nation". Because they are themselves rogue shadow governments which function as amoral but technically capable criminal organizations.

Someone wrote above: "I worry a lot less about the NSA than most of you apparently. I watch the fringes. I use Tor to avoid leaving footprints on nut basket web pages, and I can tell you my friends, the world is full of nut baskets and goof balls, some of them are angry and armed. I would suggest that we work hard to keep the governments we already have honest. I prefer a stable government that I can complain about to going back to the barricades and pitchforks."

The poster also mentioned "humans", a tacit admission that much of NSA's oppression machinery is actually robotic. Another crucial point about the USIC's surveillance dragnet which has thus far gone unstated in this thread is the fact that the USIC is using the Big Data snarfed by the global dragnet to perform "predictive analysis" on a wide range of individuals, and in some cases it uses the results of these computerized analyses to draw up revised lists of assassination targets.

Good citizens might well ask: which is more dangerous to the People, a few angry "nut baskets", or a government which has been captured by rogue intelligence agencies? Which is more dangerous, a few deranged citizens armed with (one presumes) small arms, or a government which fields hundreds of heavily armed SWAT teams (even if many masquerade as 501c nonprofits), a government which is armed with hundreds of missile-carrying drones, nuclear weapons designed to kill people without damaging buildings, the surveillance dragnet built by NSA, and the demonstrated willingness to use these population oppression systems against peaceful political dissidents?

Simply asking this question provides the correct answer.

With tongue in cheek, I assert that semantic analysis suggests that the author of the quoted post was Gen. Hayden, who is currently functioning as Chief Propagandist for the Surveillance-Industrial Complex which he helped to create during his time in NSA/CIA. But if this attribution is wrong, this would simply illustrate the point of my own post:

Which is more dangerous to the beleaguered population of our little blue marble, a few angry and armed "nut baskets", or a semiautomatic killing machine, largely unsupervised by humans, which uses fallible algorithms to decide who to assassinate each week?

If you add "active terror groups" to the category of "nut baskets", this question might not be quite so easy to answer, but clearly it is a question which deserves free and honest public debate. A debate which, tellingly, GCHQ and the USIC are evidently determined to prevent.

some comments are very nasty

What happened in the UK?

Speaking of GCHQ and NSA... Given the stated goal to crack 'darknet' and revelations about operating exit nodes, is today's massive pedo sweep across the UK related?

NCA deputy director general Phil Gormley said sex offenders should understand they cannot avoid detection while using the internet, even on the so-called "dark net". "I want as much confusion and fear to remain in the minds of those who want to perpetrate this sort of crime as possible”. Is this just an attempt to confuse or was Tor exploited in some way.

This is a difficult circumstance under which to ask questions about tor security. Do I become a pedo or terrorist suspect just for using tor, and even more so for asking about vulnerabilities during a massive bust, lol. Even if I do, I still need to ask for the sake of anon everywhere. ;)

What is known?


"What happened in the UK?"

It passed.

Parliament passes emergency Data Retention Bill
17 July 2014

This is very bad news, not just for UK people but for people everywhere:

Drug trafficking and gmail: Now our email is needed to fight common crime?
Marcy Wheeler
17 July 2014

Microsoft and other US "cloud provider" giants are resisting the global data grab, but it should be said that Microsoft is not without sin. See its most recent "botnet takedown", which was badly botched and disrupted the perfectly legal activity of thousands of victims of "collateral damage".

The USIC and its allies are continuing to field what we might delicately call "creative" arguments for why the US Congress should, they say, authorize them to break into the computers of ordinary citizens who are not suspected of doing anything wrong. Two which have come up frequently of late:

(i) clueless Windows users who don't know and don't care (seemingly) that their PC has been enlisted in a botnet pose a menace to the civilized world, they say, so Microsoft wants permission to "remotely access" all PCs suspected of belonging to a botnet, without the knowledge or permission of the legitimate owner, in order to "delete objectionable content" (presumably meaning both malware and any files stored by the botnet owners).

(ii) journalists, bloggers, eco-activists, academic researchers and others might plausibly be targeted by "foreign intelligence organizations" and multinational corporations (all too true, as far as that goes), so the FBI wants permission to "remotely access" their computers, without their knowledge or permission, in order to image drives and look for evidence that other intruders have been there before.

Needless to say, "remote access" is a euphemism for an unauthorized intrusion, and "delete content" means wiping (or cryptolocking) someone's hard drive.

Amazing, isn't it, that Congress continues to give any ear time to these folk?

Suppose some mob boss walked into his Senator's office and said: "In order to conduct my business, I need to make unauthorized clandestine intrusions into computers owned by other people, possibly in other countries. Please make a law just for me so I don't have to worry about anyone possibly accusing me of doing something wrong". I hope the Senator would decline the thousand dollar check and show this fellow to the door. Why should it be any different when he comes calling with an FBI identification badge?

I feel that the Golden Rule is a pretty good rough guide to ethical behavior in most situations. How would the FBI feel about someone breaking into THEIR computers and stealing, altering or deleting data? Not very happy, I should think. And that's why the FBI should be told to get lost when they come, badge in hand, asking to do unto others what no-one wants done unto himself.

Regarding what NSA does with the content it snatches from ordinary citizens caught up in the global dragnet:

Snowden: NSA employees routinely pass around intercepted nude photos
"These are seen as the fringe benefits of surveillance positions," Snowden says.
by Cyrus Farivar
17 July 2014

Small wonder that UNCHR (United Nations Commissioner for Human Rights) urges that Snowden be amnestied outright, and declares the activities of NSA and GCHQ to be illegal under international law.

UN Human Rights Report and the Turning Tide Against Mass Spying
By Parker Higgins and Katitza Rodriguez
16 July 2014

This madness must stop. NSA and GCHQ must be eradicated.

John Young does many good things at cryptome.org, and I was very happy to see that website return after that it's latest banishment. He rarely explains why he publishes the things he does, so I have no idea why he just published a somewhat incoherent "critique" of Tor:

On Trusting Tor: Not If Your Life Is At Stake
July 17, 2014

The author is Bill Blunden, who has written two books on malware.

I can't tell what advice Blunden is really trying to offer, but he seems to be telling citizens to stop using Tor, end-to-end encryption, or any other technical countermeasure. I think that would be very foolish.

Let's briefly review what the people most knowledgeable about the threat landscape think about the most popular privacy-enhancing tools:

* The NSA presenters of the "Tor stinks" briefing said NSA will never be able to directly subvert Tor, and added that they found CNE against Tails to be a "bitch". GCHQ also implicitly endorses Tor by incorporating it as the foundation of their own infrastructure (as discussed above). NCIS investigators posted overseas (to investigate potential fraud by US military contractors, I presume) use Tor to communicate with their bosses, family and friends, without alerting possibly unfriendly local telecom engineers that USG officials are staying in a certain house or hotel room.

* Edward Snowden, someone in an excellent position to know the true capabilities of NSA through 2013 (he did after all teach technical countermeasures to USIC people as part of one of his earlier jobs with the USG), says that end-to-end encryption, properly implemented, works.

Snowden recently expanded on that view in an interview:

Edward Snowden urges professionals to encrypt client communications

Snowden also likes Spideroak:

Snowden: Dropbox is hostile to privacy, unlike 'zero knowledge' Spideroak

So the people who know best say more people should use Tor and GPG/PGP, not less, and I agree with them.

But Blunden seems to think some privacy advocate out there is telling citizens at risk that simply using Tor will by itself provide for all their security-anonymity needs [sic]. Of course that's not true at all. The blog he cites, from EFF, is here:


What EFF and other privacy advocates have really been saying is this: everyone is at risk to some extent from targeted attack by professional spooks (or their automated mass attack tools), so by all means use Tor, but try to use it wisely:


In more detail:


Tor is designed to do certain things, and thanks to Edward Snowden, we now know that, at least as of 2012 or so, it does those things well enough to foil the largest and most lethal intelligence agency which has ever existed. Not bad for a tiny nonprofit project with less than a dozen employees.

Tor is by no means the only software which has proven invaluable to bloggers at risk and other people targeted by NSA or competing intelligence agencies. Tails provides not only Tor and a modified Tor browser, but additional tools such as mat (a metadata scrubbing tool, for those publishing an image of a policeman misbehaving, for example) and ssss (Shamir's secret sharing system, a tool for distributing master keys and other critical information among the members of a cooperative).

Everyone who knows anything about computer security knows that in software, true perfection is impossible. (That's a theorem.) Computer security is not a destination to be reached, but a process to be pursued. Anonymity and digital privacy are not goals to achieve, but the almost complete lack of these two things at the dawn of the 21st century are urgent (and sometimes life threatening) dangers to ameliorate.

Multiple hostile agencies are scanning every computer in the world for vulnerabilities and exploiting zero days to suck up whatever they can, following Gen. Alexander's instructions to "collect it all".

The problem we all face is this: the People don't define who the spooks identify as targets: they do, and as we have seen in the most recent disclosures by Greenwald and Gellman, their choices often seem pretty strange.

Perhaps the most important lesson from the Snowden leaks is this: just because you are not doing anything wrong, or even suspected of doing anything wrong, does not mean that you will not come under targeted attack by professional spooks.

These days there is simply no way for any ordinary citizen to tell whether or when they might become a target. Unless they belong to one of the groups, like Muslims, journalists, human rights advocates, telecom engineers, network sysadmins or Tor users, who have already been proven to be targets, not because of anything they are suspected of doing, but because of who they are or what work they do. In which case you know you are under attack and you should exercise the natural right of self-defense of any innocent person who comes under attack by a hostile force.

When you are under attack, you can't stop to complain that the tools you have available to defend your computer and person are imperfect, you must use what you have and get on with defending yourself against the enemy. Using Tor, end-to-end cryptography, CNE-resistant computing systems such as Tails, and other legal countermeasures, would seem to just be common sense.

It's awful but true that thanks to Alexander and Hayden, everyone on Earth is potentially at risk of:

* being spammed by spooks:

Mass delivery of SMS messages to support an Information Operations campaign

* being maliciously manipulated by spooks:

Framework for automated interaction/alias management on online social networks.

Change outcome of online polls (previously known as NUBILO).

amplification of a given message, normally video, on popular multimedia websites (Youtube).

* being maliciously impersonated by spooks:

Ability to spoof any email address and send email under that identity.

Change outcome of online polls (previously known as NUBILO).

* being MTM'd by spooks:

is a delivery method (Excel Spreadsheet) that can silently extract and run an executable on a target's machine.

* having their PC, phone, home router, printer, etc., scanned by spooks:

Allows batch Nmap scanning over TOR.

* having their private communications copied and stored by spooks:

A tool for regularly downloading gmail messages and forwarding them on to CERBERUS mailboxes.

* having their encrypted data copied for cryptanalytic attack in case greatly improved techniques later become available to spooks:

Distributed network for the automatic collection of encrypted/compressed data from remotelyhosted JTRIG projects.

* having their electronic data stolen by spooks, not because you are suspected of doing anything wrong, but just because you live in the Bahamas or some other country targeted by spooks pursuing their covert goals:

is a port scanning tool designed to scan an entire country or city. It uses GEOFUSION to identify IP locations. Banners and content are pulled back on certain ports. Content is put into the EARTHLING database, and all other scanned data is sent to GNE and is available through GLOBAL SURGE and Fleximart.

* being malicious misdirected to a lookalike malware-punting website by spooks:

Real-time website cloning technique allowing on-the-fly alterations.

* being sent malware by spooks:

Technique of getting a targets IP address by pretending to be a spammer and ringing them. Target does not need to answer.

* having their bank balance monitored (or zeroed) by spooks:

The covert banking link for CPG JTRIG'S MS update farm

* being DOS'd by spooks:

Ability to deny functionality to send/receive email or view material online.

Targeted denial of service against SSH services.

is a tool that will permanently disable a target's account on their computer.

* being cyberstalked by spooks:

is a bulk search tool which queries a set of online resources. This allows analysts to quickly check the online presence of a target.

Provides 24/7 monitoring of Vbulletin forums for target postings/online activity. Also allows staggered postings to be made.

and having the most personal aspects of their private lives examined by spooks, not for "national security" but just for kicks:


What the leaks show is that these are things the spooks will do to us if they find that they CAN do those things. But if we take countermeasures, they will find it more difficult to do all or any of those things, and the more citizens who take countermeasures, the more difficult it will be for them to target us all.

So the latest revelations do not provide reasons to despair and give up without a fight. They provide reasons to defend ourselves against hostile attack.

We the People are not the evildoers; the spooks are, whether they work for President Assad, USG, HMG, or CHICOM. We have every right to defend ourselves by using the best tools currently available. Right now those tools include Tor, Tails, PGP/GPG, LUKS encryption, SSSS, SpiderOak, and more are coming soon (not silly things like dubious VPNs but credible tools being built by smart and well-informed researchers).

I say we get our hands on those tools and turn them loose on the NSA !
Attack THEM !
F**K the goverment !!!!!!!!!!!!!!!!!!!

Someone snarked:

"Having at least one key spokesman with an appearance that looks like it was groomed to shout, "Look at me! I'm an obnoxious, in-your-face narcissistic degenerate twerp!", doesn't exactly help Tor's image."

If there were really such a crime as felonious twerpitude, John Brennan would be bunking with KSM.

All joking aside, there are very credible allegations of real war crimes for which Brennan could very plausibly be charged at the ICC, and we should work to see that one day he IS charged with these crimes.

UK tracked 10000 and busted 660 pedo's using the 'dark web'

I think this is an interesting article on the relationsip between tor and the NSA:


Money quotes:

"In 2012, Tor co-founder Roger Dingledine revealed that the Tor Network is configured to prioritize speed and route traffic through through the fastest servers/nodes available. As a result, the vast bulk of Tor traffic runs through several dozen of the fastest and most dependable servers: “on today’s network, clients choose one of the fastest 5 exit relays around 25-30% of the time, and 80% of their choices come from a pool of 40-50 relays.”

And now guess who runs the "fastest and most reliable" tor servers:

"In his e-mail, Snowden wrote that he personally ran one of the “major tor exits”–a 2 gbps server named “TheSignal” {from his office at NSA in Hawaii) –and was trying to persuade some unnamed coworkers at his office to set up additional servers. He didn’t say where he worked. But he wanted to know if Sandvik could send him a stack of official Tor stickers. (In some post-leak photos of Snowden you can see the Tor sticker on the back of his laptop, next to the EFF sticker)."

So the bottom-line is, when you use tor, your traffic is guaranteed to get through NSA servers

Fortunately, we've gotten more diversity in the Tor network since that time years ago.

I encourage you to explore https://compass.torproject.org/ and look at the set of relays currently running.

We have a long way to go in terms of good location diversity, and one of the critical things we've been learning in the past year is just how centralized the Internet is compared to a large adversary like the NSA:

In general, the article you quote is a smear story with twisted quotes and wrong facts. But I encourage you to read all about Tor and learn things for yourself, rather than trusting either it or me.

Some recent comments from Edward Snowden seem to endorse and amplify some of the comments above about the urgent need for encryption and opposition to NSA:




More reasons to fight NSA:


More reasons to use end-to-end encryption of emails:




Could this be relevant to the claim that people who live in FVEY nations see Tor circuits which repeatedly cross the same national border far more often than would be predicted by published node weights ("bad W")? Or the allegation that domestic phone calls and domestic internet traffic is often deliberately directed through FVEY national borders to create the legal pretext for collecting content. (For Canadians, some say this is a real phenomenon, due to the economics of peering, but if so it seems to work to the advantage of the enemy.)

Another example of how the IT community is reacting to the Snowden leaks:


But this comment (at the end) raises an eyebrow: "We are also very grateful for assistance from Dave Täht of CeroWRT and the Wi-Fi router hackers at Independent Security Evaluators (ISE)." ISE appears to be associated with at least one former NSA cyberintruder (who worked there breaking into computers for a decade, not comparable to Roger's summer internship). I am not saying don't talk to experienced former (?) NSA baddies, just be very careful in evaluating the possible motivations behind what they tell you. Remember what happened at NIST and Google when they trusted NSA to play nice, because they swore they would.

Both HMG and USG have long regarded spooks as possessing a "license to lie", even in sworn testimony. One of the most troubling aspects of the new Snooper's Charter in the UK is that this principle has been extended to a license to break ANY law. No exceptions. Together with US Attorney General Eric Holder's very pointed refusal to rule out drone strikes inside the USA, this suggests that HMG and USG are preparing the ground for lethal action should future street demonstrations be deemed to pose "existential threats" to the regime.

The US media has been giving much space to an internment camp located on the grounds of Lackland AFB, where large numbers of unaccompanied children are being held. (The right wing press is furiously demanding instant deportation on the grounds that these children are "disease-ridden", while the left wing press is pointing out that these are not terrorists but desperate children fleeing violence in their homelands, who have walked hundreds of miles, so of course they are infested with lice, which is easily cured.) Curiously, neither side seems to have noticed that another facility of interest located on the same AFB is an NSA facility which includes workspace for almost a thousand analysts and cyberspies, plus the backup facility for the Utah Data Center recently overflown by Greenpeace and EFF.

No news media, not even The Intercept, appear to have yet so much as hinted at the malevolent implications of the JTRIG tool known as HACIENDA, which is designed to "pull back" content from every vulnerable computer in an entire city or even an entire country (e.g. the Bahamas), after another JTRIG tool (nmap for doughnuts) has identified vulnerabilities by scanning all the computers in a target country. It seems reasonable to assume that JTRIG scans all US small office and personal devices as a favor for the USG, while NSA Texas scans all UK devices as a favor for HMG.

While discussing the effectiveness of Tor in making things harder for the spooks who want to watch every move made by every potential terrorist, i.e. every ordinary citizen going about his/her daily business, we should not lose sight of the fact that Tor can help foil huge numbers of other intrusive spies.

Tell all your friends: another reason to use Tor Browser Bundle is that it provides some protection against canvas fingerprinting:

Meet the Online Tracking Device That is Virtually Impossible to Block
A new kind of tracking tool, canvas fingerprinting, is being used to follow visitors to thousands of top websites, from WhiteHouse.gov to YouPorn.
by Julia Angwin
ProPublica, July 21, 2014, 9 a.m.

Assuming you are not using TBB or Tails, and that you have enabled Javascript:

Reading the paper? You're being canvassed at these sites:

Looking for official health information? You're being canvassed:

Looking for a college? You're being canvassed:
4179 http://cuny.edu (City University of New York)
6557 http://ucdavis.edu (Univ. of California, Davis)
8369 http://ncsu.edu (North Carolina State University)
12256 http://uga.edu (University of Georgia)
43949 http://fitnyc.edu (Fashion Institute of Technology)

Looking to retire online? You're being canvassed:

Looking for other official information? You're being canvassed:

Trying to sound off? You're being canvassed:

Interested in overseas USG work? You're being canvassed:

Source for the websites is one of the cited researchers:

Yes indeed. We talked to Gunes last week at the PETS symposium. He's doing great stuff. I'm glad Mike Perry and the rest of the Tor Browser team are talking to him.

the interesting fact is that whitehouse.gov is using this. And youporn.

And now you have to think of these spooks at the upstream collection, where they listen to data in international fibers. From there, they get the communication of this canvas tracker, and when it sends your identity to the advertising company. NSA is known to use cookies, for example with google.

When they exchange intercepted nude photos, I'm sure that they also created, just for fun, a graph that shows which government site is most likely visited by regular youporn visitors...

"So the bottom-line is, when you use tor, your traffic is guaranteed to get through NSA servers".

I do not think that the facts do not support this conclusion.

The Snowden documents provide the most trustworthy account of what NSA and its allies were doing through early 2013, and these show that NSA and GCHQ ran only a few nodes. As already noted, in late 2012 GCHQ re-jiggered its infrastructure to incorporate Tor, but I see no indication that they did more than piggyback on the existing network. The JTRIG "Chinese menu" suggests they are running a thousand Tor browsers, not that they are running a thousand Tor nodes.

The documents do include a brief research project in which GCHQ ran about five nodes for a week or so, and I believe that Roger said somewhere that he knows which nodes they ran, and those nodes have not been operating for a long time now.

"In 2012, Tor co-founder Roger Dingledine revealed that the Tor Network is configured to prioritize speed and route traffic through through the fastest servers/nodes available."

This refers to circuits being built using existing nodes, with the choice of each node approximately weighted by its bandwidth. The precise way this is done is apparently too complicated for humans to grasp, but the basic idea is clear. One crucial point is that the Tor Project knows all about "Sybil attacks", and it checks the reported bandwidth of each node using its own servers to prevent such an attack.

Many design choices in Tor involve difficult tradeoffs. Often in order to thwart one type of attack, you try something which increases the risk of another type of attack. That is not really surprising if you know much about computer networks. I don't always agree with the design choices made by the Project, but these choices have been transparent, and have been discussed in public in advance. Anyone curious can find links at this website (torproject.org) to mailing lists like tor-dev where they can see lots of people discussing technical issues, with the goal of improving the security and anonymity of Tor users.

I believe that Roger has recently stated that he thinks that intelligence agencies could not run large numbers of nodes without being noticed. If I misunderstood, I hope he will correct me.

"As a result, the vast bulk of Tor traffic runs through several dozen of the fastest and most dependable servers"

Over the years I have gradually learned to distinguish the families known to operated by "friendlies" and I believe that the largest families are friendly. Some years ago, it was true that only a few dozen servers, operated by a handful of entitities, carried more than half of the traffic, but those entities were friendly, and things have improved since then. Not enough, but moving in the right direction.

"In his e-mail, Snowden wrote that he personally ran one of the “major tor exits”–a 2 gbps server named “TheSignal” {from his office at NSA in Hawaii)"

I'll have to check, but I believe it was called "TheSignul". In any case, you're greatly overestimating the fraction of the world's traffic which was carried by that node at its peak, and you're missing the point that Snowden is a known friendly operator. I would have thought that data diodes would rule out the delicious vision of Snowden literally running a Tor node from inside NSA Hawaii, so I hope someone will explain.

It might help to offer the public some RECENT statistics about large families of nodes in the current Tor network.

"The Snowden documents provide the most trustworthy account of what NSA and its allies were doing through early 2013, and these show that NSA and GCHQ ran only a few nodes."

No. Unfortunately, we have this information from the tor stinks slide


"Gchq runs tor nodes under newtons cradle. How many? on p. 4

and on p. 20:

"How many nodes do we have cooperative access to? Can we deploy similar code instructions to these nodes?"

So these guys, whoever they were, who wrote the TOR stinks presentation did not even have the clearance to know how many nodes the GCHQ operates.....

On the other hand, we have this statement of dingledine:


"But lately the Tor network has become noticeably faster, and I think it
has a lot to do with the growing amount of excess relay capacity relative
to network load:


At the same time, much of our performance improvement comes from better
load balancing -- that is, concentrating traffic on the relays that can
handle it better. The result though is a direct tradeoff with relay
diversity: on today's network, clients choose one of the fastest 5 exit
relays around 25-30% of the time, and 80% of their choices come from a
pool of 40-50 relays."

This is, against an adversary like the NSA quite toxic. Since they can deliver exit relays that are guaranteed to be under "the 5 fastest" for sure.

Here is the original article describing snowden running a major exit node called the signal:


"In his e-mail, Snowden wrote that he personally ran one of the “major tor exits”–a 2 gbps server named “TheSignal”"

Additionally, the NSA monitors Internet Exchange points, for example, de-cix: https://netzpolitik.org/2014/total-exklusiv-bnd-hat-zugriff-auf-deutschen-internetknoten-de-cix/

this together with them monitoring some exit nodes makes the ingredience of the various ways of attacks described in

which can be used to de-anonymize 80% of the tor users in some weeks.

The question is how far is the NSA in doing this attack. Unfortunately, we still lack information on this.

The tor stinks slide writes:
"Gchq runs tor nodes under newtons cradle. How many? on p. 4

and on p. 20:

"How many nodes do we have cooperative access to? Can we deploy similar code instructions to these nodes?"

Information on how far NSA is in their attack can not come from agents who do not even know how many nodes NSA or GCHQ run.

However, even those agents state that they have a desired use for tor. Namely to use it as a honeypot:

"Critical mass of targets use Tor. Scaring them away might be counterproductive.
We can increase our success rate and provide more client IPs for individual Tor users."

So even those spooks who wrote the tor stinks slides advertise that users should go on and use tor, so that NSA and GCHQ have an attack vector where they can find many targets.

Lots of news to discuss.

Don't panic. We're in an arms race. The evidence clearly shows the good guys are winning. Our only argument is over which side is which!

" we have this information from the tor stinks slide"

Can you be specific? What do you believe is the number of nodes they are running, and on what basis?

There are four documents of interest which are now in the public domain:
* 2006: CES writeup
* 2007: Tor Stinks (original)
* Oct 2010: Op Mullenize
* Jun 2012: Tor Stinks (update)

Here are the numbered slides of the last with a few notes (indicated by %)

Tor Stinks
June 2012
Derived from: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20370101
% The original slides date to 2007; the updates to Jun 2012

We will never be able to de-anonymize all Tor users all the time.
With manual analysis we can de-anonymize a very small fraction of Tor users,
however, no success de-anonymizing a user in response to a TOPI request/on demand
% True in 2007; we infer this remained true in 2012

Remation II
Joint NSA GCHQ Counter-Tor workshop
Week one at MHS focus on analytics
Week two at GCHQ focus on exploitation
% MHS = Menwith Hill Station

Laundry List
* Analytics to denanonymize users
- Circuit reconstruction
- Goes inta goes outta/low latency (2)
- Cookie leakage
- Dumb users (EPIC FAIL)
- Node Lifespan (17)
* Technical Analysis/Research
- Hidden services (4, 5, 6, 7)
- Timing pattern (3)
- Torservers.net/Amazon AWS
* Exploitation
- QUANTUM attacks (1, 20, 22)
- Existing options (8 + 11)
- Shaping (9 + 16)
- Web server enabling (10)
- Nodes (14)
- Degrade user experience (13 + 18)
* Nodes
- Baseline our nodes (21)
- Tor node flooding
% This slide is the table of contents; I don't read the parenthetical notes as stating that the enemy ran 21 nodes in 2012.

Analytics: Circuit Reconstruction
* Current: access to very few nodes. Success rate neglible because all three Tor nodes in the circuit have to be in the set of nodes we have access to.
- Difficult to combine meaningfully with passive SIGINT
* Goal: expand number of nodes we have access to
- GCHQ runs Tor nodes under NEWTONS CRADLE (how many?)
- Other partners?
- Partial reconstruction (first hops or last hops)?
% True in 2007; we infer this remained true in 2012

Analytics: Goes Inta Goes Outta/Low Latency
Find possible alternative accounts for a target: look for connections to Tor, from the target's suspected country, near time of target's activity.
* Current: GHQH has working version (QUICKANT). R has alpha tested NSA's version. NSA's version produced no obvious candidate selectors.
* Goal: Figure out if QUICKANT works, compare methodologies. Gathering data for additional tests of NSA's version (consistent, random and heavy user)
% "Low latency" refers to data stream into any given entry node is usually rapidly followed by corresponding packets out at some exit node; this is well known and by itself does not de-anonymize anyone.
% Tor Project has long been aware that if Tor user x is the only user in country K, x is all too easily deanonymized using "upstream access"

Analytics: Cookie Leakage
Use cookies to identify Tor users when they are not using Tor
* Current: preliminary analysis shows that some cookies "survive" Tor user. Depends on how target is using Tor (Torbutton/Tor Browser Bundle clears out cookies).
* Goal: test with cookies associated with CT targets
- Idea: what if we seeded cookies to a target?
- Investigate Evercookie persistence
% Torbutton has been obsolete for a long time; both current TBB and Tails appear to provide good protection against Flash Evercookies. I don't know how they fare against GooglePrefID cookie. Julia Angwin says current TBB should resist canvas fingerprinting (maybe true only if disable Javascript)
% So as of 2012, TBB was good enough at preventing cookie leakage.

Analytics: Cookie Leakage
DoubleclickIDE seen on Tor and non-Tor IPs
[Example Redacted]
% This appears to be an old issue that never affected all Tor users

Analytics: Dumb Users (EPIC FAIL)
GCHQ QFD that looks at Tor users when they are not using Tor.
* Current: GCHQ has working QFD based on hard selector (email, web forum, etc) but does not include cookies.
* Goal: NSA investigating own version (GREAT EXPECTATIONS) that would include cookies.
% hard selector means specific IP, specific forum running VBulletin, etc.

Analytics: Node Lifespan
How do I know WHEN a particular IP was a Tor node as opposed to IF was a Tor node?
* Current: detection done once an hour by NTOC. RONIN stores "last seen" and nodes age off slowly with no accurate lifespan.
* Goal: working with RONIN to add more details on node lifespan.
% the desired service was provided (for LEAs) by Tor Project; this does not by itelf deanonymize individual Tor users

Analytics: DNS
How does Tor handle DNS requests? Are DNS requests going through Tor? Does this depend on how the target is using Tor?
* Current: still investigating.
% As of Jun 2012, the enemy apparently still did not understand how Tor works, which struck me as very odd. Comments?

Technical Analysis: Hidden Services
What do we know about Hidden Services?
* Current: No effort by NSA, some DSD and GCHQ work on ONIONBREATH.
* Goal:
- Harvest and enumerate .onion URLS
- Identify similar HS based on referer fields
- Distinguish HS from normal Tor clients
% ONIONBREATH seeks to identify users of hidden services
% referer field appears in clear text if you surf to an http site

Technical Analysis: Timing Pattern
Send packets back to the client that are detectable by passive adversaries to find client IPs for Tor users.
* Current: GCHQ has research paper and demonstrated capability in the lab.
* Goal: Can we expand to other owned nodes?
% Timing patterns form a well-studied class of deanonymization attacks on Tor users, so Tor Project devs have been working to resist them for many years.

Technical Analysis: torservers.net
Investigate the Amazon AWS cloud instances of Tor servers. How are IPs allocated and reassigned once bandwidth limit is reached? Impact on RONIN's ability to detect nodes?
* Current: GCHQ set up Tor nnodes on the AWS cloud during REMATION II.
% In 2012, someone at Tor Project said, GCHQ ran about a dozen nodes for about two weeks. Tor Project figured out which nodes they ran and said they are no longer operating.

Exploitation: QUANTUM
* QUANTUM to degrade/deny/disrupt Tor access?
* QUANTUMCOOKIE - forces clients to divulge stored cookies.
% It is well known that the attempts do degrade/deny/disrupt Tor access to certain sites have been successfully used to infer enemy "chatter", and indicated the location and purpose of at least one SEAL operation a week in advance, so this can work both ways.
% The figures diagram the basic QUANTUM attack, which only works on http destination servers:
% a Tor client sends an triply encrypted GET to some entry node, which emerges in cleartext from some exit node; NSA/GCHQ detects this cleartext packet "upstream" as it passes to destination server, and uses its global network to beat the genuine reply with a faked reply which maliciously redirects clients torbrowser to hotmail and/or Yahoo!; that is, the client torbrowser is tricked into sending a second triply encrypted GET request to yahoo.com contaning a Y_cookie, which emerges at exit router as a cleartext GET request "stained" with the Y-cookie; similarly for hotmail.com with MUID "staining"

Exploitation: Existing Options
Test current CNE techniques (FA and SHORTSHEET) against Torbutton and TBB users.
* Current: Torbutton and TBB prevent CNE success. Possible success against "vanilla" Tor/Vidalia.
* Goal: modification to initial CNE surveys? Ignore user-agents from Torbutton or TBB? Improve browser fingerprinting? Using javascript instead of Flash?
% CNE = Computer Network Exploitation, i.e. illicit remote intrusion
% Flash disabled by default in recent TBB/Tails, for good reason
% Javascript enabled by default but users can choose to disable it

Exploitation: Shaping
* Given CNE access to a target computer can we shape their traffic to "friendly" exit nodes?
* Route users to a separate "private" Tor network?
* Stain their traffic or user agent?
* Instruct target computer to use a service that connects outside Tor and reveal true IP?
* Current: Can stain user agent working on shaping.
% The bad guys are trying to use their global "upstream" access to traduce DNS lookup, and may also attack the controller on the client machine using CNE (see note to slide 19 below)

Exploitation: Web Server Enabling
Given CNE access to web server modify the server to enable a "timing/counting" attack similar to timing pattern idea.
* Current: GCHQ has a research paper and demonstrated the technique in the lab.
% In 2012, GCHQ could trojan test web servers running in a cyberrange; this does not by itself imply they could trojan every Tor user's client in the real world

Exploitation: Nodes
Can we exploit nodes?
Probably not. Legal and technical challenges.
% Evading US or UK laws is not a moral issue, but merely poses a "challenge". This reminds one of Bethmann's notorious dictum from August 1914: "neccessity knows no law" (which is how he "justified" invading Belgium on the way to France). This is the only slide which is obviously out of date since we know that starting about 2012, FBI, NSA, and GCHQ all started pressing hard for additional "authorities" to directly attack the computer of every Tor user (a population whose IPs they have mostly enumerated). FBI in particular is reported by the NY Times to have argued (in closed door sessions in the US Congress) that it "needs" to remotely illicitly intrude into computers used by US-based journalists and bloggers in order to protect them from non FVEY intelligence agencies [sic].

Exploitation: Degrade Tor experience
Given CNE access to a web server make it painful for Tor users?
Given CNE access to a network can we deny/degrate/disrupt Tor users?

Nodes: Baseline Our Nodes
How many nodes do have cooperative or direct access to? Can we deploy similar code to these nodes to aid with circuit reconstruction?
Can we do packet timing attacks using these nodes?
Can we use the nodes to shape traffic flow?
Can we use the nodes to deny/degrade/distrupt comms to certain sites?
% In 2007, they apparently didn't know how many Tor nodes were operated by FVEY partners or Second Party agencies (such as the German, Swedish, and Dutch intelligence agencies and police agencies).

Nodes: Tor Node FLooding
Could we set up a lot of really slow Tor nodes (advertisted as high bandwidth) to degrade the overall stability of the network.
% This is an odd comment, since such Sybil attacks are well known and appear to be well defended against.

Tor Stinks... But it could be Worse
* Critical mass of targets use Tor. Scaring them away from Tor might be counterproductive.
* We can increase our success rate and provide more client IPs for individual Tor users.
* Will never get 100% but we don't need to provide true IPs for every target every time they use Tor.
% The enemy wanted to try harder to enumerate the IPs used by everyone who uses Tor, each hour. We infer that as of 2012, they felt they would never de-anonymize all Tor users, but consoled themselves that they could still get some intelligence from monitoring the Tor network


"And now you have to think of these spooks at the upstream collection, where they listen to data in international fibers. From there, they get the communication of this canvas tracker, and when it sends your identity to the advertising company. NSA is known to use cookies, for example with google"

Yes. For us it is very important to note that according to the article by Julia Angwin, TBB users may be immune:

Meet the Online Tracking Device That is Virtually Impossible to Block
Julia Angwin
21 Jul 2014

She writes: "In June, the Tor Project added a feature to its privacy-protecting Web browser to notify users when a website attempts to use the canvas feature and sends a blank canvas image. But other Web browsers did not add notifications for canvas fingerprinting."

It may or may not be a coincidence that AddThis, LLC is based in McLean, VA, which is also home to the CIA. As I understand, the company was founded in 2006, and acquired by Clearspring Technologies, Inc in 2008, which then adopted the name AddThis.

It would be useful to use some of the statistical methods mentioned above to estimate the true number of sites which use AddThis canvas fingerprinting (the researchers only examined the top Alexa rated sites). Their complete list is available at their website.

An article at The Register stresses "HTML 5 canvas fingerprinting should not be confused with the type of supercookie that can be created by force-caching images and then using the HTML5 Canvas to read them back, as demonstrated by the evercookie project".

"I'll have to check, but I believe it was called "TheSignul"."

Is this the (no longer operating) node in question?

TLD: voxility.net
Nickname: TheSignul
Bandwidth: 15588

We should mention some major news for Tails users:

On 0days, exploits and disclosure
23 Jul 2014

Exodus Intelligence, LLC is located in Austin, TX, with offices in Midlands. It partners with NSS Labs and Syndis, an "offensive security" firm located in Iceland. Exodus was co-founded by Aaron Portnoy, who previously headed HP's TippingPoint ZDI (Zero Day Initiative) project. Portnoy is also well known for founding the Pwn2own competition.

Exodus sells pentesting, analysis, and mitigation to major corporations. The company employees about 150 "researchers", including a foreign national who earned 115K annually in 2012.

More controversially, Exodus also sells advanced malware. The company admits to buying 0-day exploits from unscrupulous malware authors, in addition to "developing" its own exploits for sale. The company appears to claim that they produce exploits, buy exploits, and reverse engineer exploits found in the wild in order to sell patches to their exclusive vendors, before the world generally gets to find out about the problem. But they also appear to hint that they are selling 0-days to customers which they know full well will "weaponize" them.

The fact that many (most?) multinational corporations appear to now actively engage in commercially motivated cyberwarfare would be consistent with the decline of the nation state as predicted by MOD.

Exodus certainly does appear to be trying to frighten many people into not using Tails.

But on closer examination, I am not sure that their position is really very different what Tails and Tor project have been saying all along:

Everyone should use Tails and TBB, but try to use them wisely. In particular, be aware that security and anonymity are constantly evolving. We are all in an arms race, and like any reasonably well matched arms race, at any time one side or the other surges ahead.

Exodus appears to be playing both sides of the fence, claiming to be responsibly disclosing vulnerabilities to vendors in private and giving them time to patch before going public. But to their corporate clients they seem to be saying "we are holding their best stuff back from the vendors, but you can buy them from us for your exclusive use as you see fit". Not nice at all, if so.

In this case the "vendor" in question is the Tails project, so Tails users have valid cause for concern.

But don't panic. It's quite possible that contrary to their hints so far, the vuls they found do not affect every Tails user, or even most.

The most serious hole they claim to have demonstrated appears to exploit the i2p client. About two years ago, there was a long discussion about the wisdom or not of including i2p in Tails at all, since most users apparently never try it. By default, I believe, an i2p server doesn't start until the user calls it. At this point, it appears to be possible that the hole found by Exodus won't be exploitable unless the user starts an i2p server. That would be good news if so, but leaves open the question of what they might be holding back from Tails (but selling to entities like the US Chamber of Commerce, or energy companies interested in spying on fracking protesters, or windfarm protesters, or Greenpeace members).

Exodus promises to release details next week (in which case, the Tail Project may need to produce Tails 1.1.2 much sooner than previously planned).

Further reading:


Tails-hacking Exodus: Here's video proof of our code-injection attack

If you just read the headlines, Tails and Tor might seem to be taking a beating. But if you dig deeper, things do not yet look so bad. This is the time of year when vulnerabilities in high profile projects are exposed; usually the problems are quickly patched. We should all know more next week.

Is the correct size of the Tails 1.1 iso 857M? I keep getting a BAD signature. The Tails website offers no advice on what to try next if you get a BAD signature.

Am I imagining things, or does Whisperback really send UNENCRYPTED email (from the exit node) with your system map and identifying information about your hardware? We know that TLAs interecept such debugging messages and use them for their own purposes.

If you're getting a bad signature, it likely means you didn't download it correctly. I fetch it via the torrent and I do fine each time.

My Tails 1.1 iso is 1099026432 bytes.

As for whisperback... maybe you should ask the Tails people if you have Tails questions. :)

Who wants to be a millionaire?

Why, ex-DIRNSA Gen. Keith Alexander, Retd, who has reportedly been making the rounds of the big banks asking for a 0.666 million dollar monthly salary to buy his expertise in cyberwarfare. And, at least one US lawmaker charges, zero-days found during Alexander's tenure by NSA's black hat contract computer crackers:



And who is offering a cool four million for zero-days which will subvert Tor?

Why, the Russian government:




Sounds like a match made in heaven. The revolving door is spinning like madly for those with expertise in authoritarian-enabling technologies.

Just one catch for the Geek: that's four million in Rubles, or a mere 0.1 million US dollars, apparently a one time payment not a monthly salary, so he might not feel he's being offered enough moolah to cough up the goods so devoutly desired by Putin's minions.

Well, one other catch; you need to be a Russian citizen to apply for this contract.

No doubt many in the USG are thinking that the State Department should promptly match the Russian offer by paying a handsome salary to Edward Snowden for working on IMPROVING Tor and other helpful tools.

"At this point, it appears to be possible that the hole found by Exodus won't be exploitable unless the user starts an i2p server. That would be good news if so"

Unfortunately, it turns out that if you are visiting a website compromised with malware designed to exploit the flaw, if you have left Javascript enabled in Tails 1.1 (the current version) or earlier, your Tor browser can be tricked into starting i2p, leading to deanonymization of that Tails session.

Until Tails 1.2 comes out, the only known fix is to either disable Javascript in about:config, or to boot Tails with a root password enabled and to purge i2p; see:


Shane Harris, who formerly wrote the Danger Room column at Wired, now writes for Foreign Policy, and he recently scored a major interview which has resulted in some welcome criticism of former DIRNSA Keith Alexander:

The NSA's Cyber-King Goes Corporate
Shane Harris
29 Jul 2014

Some biting commentary from Conor Friedersdorf in the Atlantic has been republished by nextgov:

Keith Alexander Wants to Patent Method For Detecting Cyber Threats -- Is That Ethical?
Army General Keith Alexander, head of the National Security Agency
Conor Friedersdorf
31 Jul 2014

Friedersdorf is unsparing in ridiculing Alexander's absurd claim that during his tenure at NSA, he was working in his spare time on innovations worth at least nine patents (says he), innovations which he never shared with his NSA minions but which he now wants to sell to the likes of Bank of America, Wells Fargo, and the US Chamber of Commerce for a million dollars per month:

"While responsible for countering cybersecurity threats to America, Alexander presides over what he characterizes as staggering cyber-thefts and hugely worrisome security vulnerabilities. After many years, he retires. And immediately, he has a dramatically better solution to this pressing national-security problem, one he never implemented in government but plans to patent and sell!

... We're supposed to believe that Alexander went home and developed much of a million-dollar-per-month cybersecurity technology in his spare time, while doing two different demanding national-security jobs, without using NSA resources or classified information, in a way that was somehow separate from his core duties, which included a cyber-security portfolio?

He'd now have us belief that in his spare time he was developing even better techniques than the ones he developed in government. Even if true that would be a scandal! Harris posed the obvious question: "Asked why he didn't share this new approach with the federal government when he was in charge of protecting its most important computer systems, Alexander said the key insight about using behavior models came from one of his business partners, whom he also declined to name, and that it takes an approach that the government hadn't considered. It's these methods that Alexander said he will seek to patent."

... If the limited facts on offer don't stink enough to prompt a congressional inquiry—ideally one that gets Alexander testifying under oath—what possible fact pattern would rouse the branch of government charged with oversight? At the very best, he is stoking a perception of impropriety so extreme that it speaks poorly of his character that he's chosen to retire in this fashion. If anything more nefarious is going on, hopefully either Congress or the press will be able to expose it. The stakes are certainly high enough to justify digging."

Amen to that!

At the DailyKos, a blogger wrote:

"[Alexander] is now offering his consulting services on security for the tiny sum of $1,000,000…per month. Looking at this situation and considering his expertise, it is hard not to see the obvious: he is offering his knowledge of classified government information and tactics for money. This is illegal, as Representative Alan Grayson has pointed out: "Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information that he acquired in his former position, he literally would have nothing to offer to you." "

Syndicate content Syndicate content