According to new reporting by The Guardian, the NSA and the U.K.'s GCHQ have developed complex and "dangerous" programs to infiltrate the encryption and privacy online system known as "Tor" in order to expand their ability to monitor users of the program, first built and funded by the U.S. government to protect online anonymity on the internet around the world.
"Tor"—which stands for The Onion Router—is a system used by journalists, human rights activists, and political dissidents globally in order to evade monitoring by the censorship systems of repressive governments or to maintain secrecy for the protection of sensitive communications. Of course, the "Tor" network—which maintains a series of "nodes" and "relays" which can mask the origin and destination of emails and other online data—is also used by drug traffickers, terrorist networks, or for other criminal purposes.
"The NSA is subverting the internet and turning it into a massive surveillance tool. The NSA's actions are making us all less safe, because its eavesdropping mission is degrading its ability to protect the US." –Bruce Shneier, journalist who worked on latest Guardian story on NSA's attack on Tor system
It is because "bad guys" use the protocol that the NSA defends its right to infilitrate and monitor those who use it. Critics, however, warn that building such capabilities create inevitable vulnerabilities in the system that could generate serious blowback.
Despite Tor's important role in maintaining secure online communications for people around the world, The Guardian reports that
the NSA and its UK counterpart GCHQ have devoted considerable efforts to attacking the service, which law enforcement agencies say is also used by people engaged in terrorism, the trade of child abuse images, and online drug dealing.
Privacy and human rights groups have been concerned about the security of Tor following revelations in the Guardian, New York Times and ProPublica about widespread NSA efforts to undermine privacy and security software. A report by Brazilian newspaper Globo also contained hints that the agencies had capabilities against the network.
While it seems that the NSA has not compromised the core security of the Tor software or network, the documents detail proof-of-concept attacks, including several relying on the large-scale online surveillance systems maintained by the NSA and GCHQ through internet cable taps.
The revelations about the agency's activities, according to The Guardian, are likely to trigger both legal and privacy concerns.
Foremost among those concerns is whether the NSA has acted, deliberately or inadvertently, against internet users in the US when attacking Tor. One of the functions of the anonymity service is to hide the country of all of its users, meaning any attack could be hitting members of Tor's substantial US user base.
Several attacks result in implanting malicious code on the computer of Tor users who visit particular websites. The agencies say they are targeting terrorists or organized criminals visiting particular discussion boards, but these attacks could also hit journalists, researchers, or those who accidentally stumble upon a targeted site.
The efforts could also raise concerns in the State Department and other US government agencies that provide funding to increase Tor's security – as part of the Obama administration's internet freedom agenda to help citizens of repressive regimes – circumvent online restrictions.
In a separate piece published alongside the reporting on "Tor" he did with colleagues Glenn Greenwald and James Ball, Bruce Schneier—an expert on technology and the freedom of information—explained why the NSA attempt to hack into the Tor system, taken with other recent revelations about the spy agency's other surveillance programs, is so dangerous. He writes:
The common thread [...] is that the NSA is subverting the internet and turning it into a massive surveillance tool. The NSA's actions are making us all less safe, because its eavesdropping mission is degrading its ability to protect the US.
Among IT security professionals, it has been long understood that the public disclosure of vulnerabilities is the only consistent way to improve security. That's why researchers publish information about vulnerabilities in computer software and operating systems, cryptographic algorithms, and consumer products like implantable medical devices, cars, and CCTV cameras.
Historically, explains Schneier the discovery and disclosure of weaknesses in online systems resulted in software and other computer firms constantly publishing updates to patch detected vulnerabilities, but that now the NSA "has turned that process on its head" by not only concealing possible weaknesses in systems like Tor, but actively creating them. Schneier continues:
The NSA not only develops and purchases vulnerabilities, but deliberately creates them through secret vendor agreements. These actions go against everything we know about improving security on the internet.
It's folly to believe that any NSA hacking technique will remain secret for very long. Yes, the NSA has a bigger research effort than any other institution, but there's a lot of research being done – by other governments in secret, and in academic and hacker communities in the open. These same attacks are being used by other governments. And technology is fundamentally democratizing: today's NSA secret techniques are tomorrow's PhD theses and the following day's cybercrime attack tools.
It's equal folly to believe that the NSA's secretly installed backdoors will remain secret. Given how inept the NSA was at protecting its own secrets, it's extremely unlikely that Edward Snowden was the first sysadmin contractor to walk out the door with a boatload of them. And the previous leakers could have easily been working for a foreign government. But it wouldn't take a rogue NSA employee; researchers or hackers could discover any of these backdoors on their own.