Following an investigative report about the authorities potentially deanonymizing users of Onion services, Tor assured users of its safety. The private web browser service asked all users to keep using the latest browser versions and tools to avoid such threats.
Tor Assured Safety As Reports Hint At Authorities Deanonymizing Users
According to a recent investigative report from the German media Panorama, German investigators have been practicing a scrutinizing strategy for Tor users, deanonymizing their identities over Onion services.
Generally, the Tor Network is considered one of the most robust internet layers, where a user experiences complete online anonymity. The Tor browser provides access to the dark web, making it a preferred choice for sensitive users, such as whistleblowers, journalists, and criminals alike. However, the recent Panorama report suggests otherwise, hinting at the potential vulnerability of Tor users to law enforcement.
Briefly, the report sheds light on the “Timing” attacks, which the law enforcement authorities employ to track users. This attack doesn’t exploit any vulnerability in the Tor browser. Instead, it focuses on the way a user generates traffic. The attack involves analyzing the “Timing” of the encrypted data packets, linking them with a previously anonymous user. Then, carefully noting down the data packets’ pattern of flow, the authorities can link the user to a real IP address. As stated in the post,
The so-called “timing” analyses record the size of encrypted data packets in particular and assign them to individual users. You cannot then see what users are sending, but you can see that they are communicating.
The report includes the details about this seemingly novel attack.
While recognizing the authenticity of the attack, the Tor browser denied facing any threats in this regard. As explained in their blog post, Tor is aware of the timing attacks. However, it can’t validate the authenticity of the report’s deanonymizing claims. Moreover, since Tor was not given precise access to the attack details available with the researchers, it can’t decline or admit these claims hinting at user tracking.
Nonetheless, they explained that the Timing attacks suggested in the report aren’t a new threat. Most of the attacks referred to in the report happened between 2019 and 2021. Since then, significant improvements have been introduced in the Tor network for enhanced user safety. Hence, performing such attacks today to deanonymize users isn’t as easy, according to Tor, unless the users use old, vulnerable software.
Thus, the service advised all users to keep their systems up-to-date with the latest browser versions and security tools to avoid potential threats.
Let us know your thoughts in the comments.