Researchers find more than 100 Tor nodes that are snooping on users
The Tor browser which users use to keep away snoopers may actually be snooping on them!
Tor aka“The Onion Router” is a famous weapon to beat censorship laws around the world. It also provides a private method of communication for journalists, activists, dissidents, students etc. If you are worried about government snooping on your online behaviour, Tor is the answer. But this seems to be a false hope as two researchers say they’ve uncovered snoops inside the Tor network that may be listening in on what you’re doing.
Tor works by bouncing your connection between multiple encrypted nodes or “relays” before you reach your destination. Your identity is preserved on Tor because the relays are all encrypted, and only know where a connection just was and where it’s going next. After a few jumps, your true location is lost. The end user only sees the tor exit relay which can in no way identify you or your online activities.
To protect your anonymity, Tor relies on thousands of such nodes spread over the world and hosted by good samaritans. However, the researchers have not found that nearly a 100 or so of the above nodes may have been compromised. The issue spotted by Amirali Sanatinia and Guevara Noubir from Northeastern University seems to suggest that there is plenty of snooping going on this compromised nodes.
The researchers report that 110 live nodes in Tor are “misbehaving” by collecting data on the connections that pass through it. While the researchers have found that these 110 nodes have been collecting information, they could not find why the nodes were collecting it. They found that the information collected could identify the final user sitting behind all Tor mask while the other information was just tracking statistics. The most likely scenario is that some computer science researchers are running studies on Tor, which involve collecting some data. At the same time, law enforcement is running similar nodes that are trying to unmask users of illegal “hidden services” that are hosted in Tor. The Silk Road was one such hidden service.
The researchers say that the data mining has two plausible reasons. The most plausible reason seems to be that some computer science researchers are running studies on Tor, which involve collecting some data. A bit far fetched yet possible reason is that FBI or some other government agency may be running these 110 nodes to unmask users of illegal “hidden services” like pedophile or drug distribution network run on Tor.
The researchers are set to detail their investigation at a hacking conference in August. For its part, the Tor Foundation says it is aware of the compromised nodes discussed by the researchers. A future version of the system should be able to lock these nodes out.
However, a warning from Techworm, next time you surf using Tor, dont assume that your browsing is all that private or anonymous!