Possible upcoming attempts to disable the Tor network

The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.) We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use.

We hope that this attack doesn't occur; Tor is used by many good people. If the network is affected, we will immediately inform users via this blog and our Twitter feed @TorProject, along with more information if we become aware of any related risks to Tor users.

The Tor network provides a safe haven from surveillance, censorship, and computer network exploitation for millions of people who live in repressive regimes, including human rights activists in countries such as Iran, Syria, and Russia. People use the Tor network every day to conduct their daily business without fear that their online activities and speech (Facebook posts, email, Twitter feeds) will be tracked and used against them later. Millions more also use the Tor network at their local internet cafe to stay safe for ordinary web browsing.

Tor is also used by banks, diplomatic officials, members of law enforcement, bloggers, and many others. Attempts to disable the Tor network would interfere with all of these users, not just ones disliked by the attacker.

Every person has the right to privacy. This right is a foundation of a democratic society. For example, if Members of the British Parliament or US Congress cannot share ideas and opinions free of government spying, then they cannot remain independent from other branches of government. If journalists are unable to keep their sources confidential, then the ability of the press to check the power of the government is compromised. If human rights workers can't report evidence of possible crimes against humanity, it is impossible for other bodies to examine this evidence and to react. In the service of justice, we believe that the answer is to open up communication lines for everyone, securely and anonymously.

The Tor network provides online anonymity and privacy that allow freedom for everyone. Like freedom of speech, online privacy is a right for all.

[Update Monday Dec 22: So far all is quiet on the directory authority front, and no news is good news.]
[Update Sunday Dec 28: Still quiet. This is good.]

This sounds like a possible denial of service attack would be to seize a single server, leave it online, and program it to never agree with the other eight thereby preventing the hourly networkstatus-consensus publication.


December 19, 2014


What if this isn't happening and they only passed this information in hopes of finding the source of other leaks...

What if Tor Project *knows* it's a decoy leak, but published it as a credible report anyway to avoid revealing that they've compromised the adversary's leak-detection operation...


December 19, 2014


'countries such as Iran, Syria, and Russia'

You forgot to include USA and UK and UAE.

Well,you forgot to include China.

yeah, and Turkmenistan, Singapore, Burma, Vietnam, Saudi Arabia....

lets restrict the list to big countries. say more then nnnM people. all "nk hackers" are just section 12345 nsa team to compare with.

So without these DA's, these servers that you control and everyone entrusts their anonymity to, Tor can be killed? Great design you have there.

Thanks for the insightful and productive comment. No, it's not the best design; but it is the best design we have right now. Also, The Tor Project doesn't control the directory authorities. They are run independently by individuals and groups Tor trusts.

I can't claim to have a very good idea of how the physical infrastructure looks behind tor, but by the sound of this comment it sounds like it would scale well horizontally? Is the tor project in need of hardware? I can't contribute with colo's but i have access to used ibm x-series servers and similar. See you guys at 31c3

Those servers have absolutely no ability to compromise any Tor user's anonymity. They're each just a directory of where all the nodes in the network can be found at any given hour.

Best wishes, appreciation for your hard work, and hopes for peace in these hyper-annoying times. I say good things about you folks, often with passion, and sometimes using strong language. :-)


I'll second that.

Thanks Bob!

I'm sorry, but the "right to privacy" does not mean what you assert it means here, at all, even in those jurisdictions that (unlike the US) have that right enshrined in law or constitution.

If you are going to rely on political explanations for your actions, I think it is fair to ask that you get your politics right.

The meaning of the right to privacy is quite clear. It does not give you a right to Tor-like services; it never has, and you'll find very little in Brandeis or even current EU law to justify this.

You might argue that it should include Tor-like services, but it currently does not.

Live in the world you want to live in. (Think of it as a corollary to 'be the change you want to see in the world'.)

We're not talking about any particular legal regime here. We're talking about basic human rights that humans worldwide have, regardless of particular laws or interpretations of laws.

I guess other people can say that it isn't true -- that privacy isn't a universal human right -- but we're going to keep saying that it is.

brilliant comment, roger

Just as the Second Amendment to the US Constitution does not grant a right ... it merely acknowledges it as pre-existing ... the most any other political "grant" of rights can do is acknowledge pre-existing rights and agree not to infringe upon them. Whether the Second Amendment has been infringed or not is not the point under consideration but the issue of whether a right exists outside of any declaration by a government that it does.

There is a right to privacy. There is a right to speak freely. There is a right to defend oneself and neighbors from attack regardless of the source of the attack. These rights await no dictum from any source. They are rights possessed by all mankind at the moment of birth.

Arma is correct. If "rights" depend on grants by authority, then there are no rights to be had anywhere for anyone. If a "right" must first be granted and can later be withdrawn, it is not a right ... it is a privilege.

Free men and women assert rights, servants seek privileges. Might I suggest that the rallying cry of "Live Free or Die" remains the essence of all freedoms all over the globe?

"RINO" takes on a new meaning: "Right In Name Only".

Actually, you're mistaken: a right to anonymity is enshrined in many laws around the world.

don't forget to put on your pants when leaving government premises. should i talk with my children as we are in jail? fuck you "law" which justify this.
I'm sorry, but i don't need your interpretation of humanity.

So is the aim of this attack to disable the network or to de-anonymize users en masse? If the latter then how? If the former then what would be the point, since I assume you guys will just establish new DAs and be on your merry way?

Thanks for all your great work!

This cyber attack has really spooked the govt...it seems they have -finally- realized just how vulnerable we are to cyber attack. One can only imagine the scene if someone does this to the electrical grid.

Speculation here but I wonder if the prez has authorized for Tor to be nuked? Given this and the recent drugs and cp busts the FBI may have convinced him that the downsides outweigh the upsides. Man the DoD is gonna be pissed.

Re the electrical grid, you're right that there sure is a lot of vulnerability going around.

As for the speculation part... while we're speculating, I'll counter-speculate that Obama has never even heard of Tor. The DoJ is full of people trying to make a name for themselves, who get unhappy when something slows that down. And those people are super unhappy that companies like Apple and Google have been working on architecture changes that make compliance harder.

At the same time as we're freaking out that all the intelligence agencies have spiraled out of control and are illegally watching everything, these people are freaking out that they're about to become unable to see anything and unable to fight any crimes. It's an odd contradiction, but here we are.

Obama never heard of TOR??? wtf? I bet he never heard of Edward Snowden either
please don't tell me the people behind TOR are this naive

which one obama? before or after words "forget all i promise before it was just joke". newest design obama for sure will say "never heard of internet."

If 5 or 6 directory servers are compromised would that mean all trafic could be routed to bad nodes?

Why not use namecoin as a DA?

price spiked last week

Have the tor devs considered the possibility of using satellite technology? I'd like to see the FBI try to go up there as seize a satellite. I know that sounds prohibitively expensive but I think it would be possible to raise funds.

just bounce it off the moon

this is my favorite Tor blog comment.

Large antennas are very hard to hide.

expensive for FBI, perhaps, but probably not for NRO

even more expensive for NRO -- it would reveal the capability very publicly

I'd say something about the epic irony here regarding your last update here, but your censor comments. Also ironic.

The epic irony of "Tor matters to a lot of people and we wanted to let people know of this possible upcoming attack"? Thanks for your understanding I guess.

As for censoring comments, we've disabled all the parts of the blog comment system that report your IP address and other details to recaptcha or other spam engines. That's a feature in my book, but the downside is that we get a bunch of spam that we have to manually delete.

Oh, and yes, we also delete the small number of comments that are deliberately hateful or harmful. I'm a fan of free speech, but in this case those people should go take their free speech elsewhere.

Yes, the flood of spam comments for shoes and Chinese herbs.

Or Chinese herb shoes. Ooo, new band name.

What prevents the united states government from using the resources discovered in the seized servers to permanently infiltrate the network?

In North Korea we have ways to make you talk, ARMA! We will now turn all of your blog pages upside-down so you get headache.

Going public probably averted a catastrophe. OTOH, law enforcement types don't like to be outdone. They may just go after you personally now. By hook or by crook...

Well, I'd like to think it wouldn't have been a catastrophe no matter how it played out.

But it could be a big distraction, especially since we've all got more important things to do next week (31c3 is coming up, with no doubt more embarrassment for governments about how they've broken their own laws and done horrible things).