Tor claims to allow people to connect to the internet and through their network become invisible and untrackable, this has made it very popular in recent years in which privacy online has become a big issue for both companies and home users alike. Scientists from Massachusetts Institute of Technology and Qatar’s Computing Research institute have released a research paper which may change that.
By gathering the network information from a pre-determined list of hidden services in advance, they are able to analyse patterns between the hidden service and the entry guard which helps protect users and make the service “anonymous”. This means that they were able to create a unique fingerprint for each service they came across, and later able to use this to identify the service. It should be noted though that while this means you can be identified on the network, they could not decrypt the network data, that would be a task for a different service.
Quoting an “88 percent accuracy” in determining the services identity. The attacks however must come from an entry guard, which are randomly assigned amongst the many users that use the tor network and therefore reduces the chance that you would have access to the entry guard required to find a particular person. The algorithm used to identify services did so by matching the number of packets (bundles of information sent) in patterns, a technique which Tor’s project leader has openly said could be fooled by simply adding padding to the network communications.
With secrecy and online monitoring becoming publicly known, even when it’s done illegally, tools like Tor are becoming more popular amongst users who feel they might be targeted online (for good or bad reasons). In the modern world, nothing is 100% secret.
Thank you Ars Technica for the information.
Image courtesy of WonderHowto.