Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
The NSA has defended itself against spying accusations since day one. One of the long standing NSA defenses is that they only collect data on legitimate foreign intelligence targets. But NSA’s XKeyscore program has been targeting and gathering data on the Tor network. Some users are foreigners, but not all Tor users fall under the category of legitimate targets.
Tor Directory Authority Servers Targeted
Germany’s biggest broadcaster, the Consortium of public-law broadcasting institutions of the Federal Republic of Germany, is known as ARD. It is the world’s second biggest public service broadcaster, after BBC. ARD reported that the NSA singled out the Tor Directory Authority servers, two of which are in Germany. They did not reveal their source, but say that the XKeyscore program has tapped into these servers and collected data from them. The ARD report was written with the help of Tor employee Jacob Appelbaum. One of Appelbaum’s systems that is part of the Tor network was also targeted. There is reason to believe that other Tor users, volunteers and contractors who helped with the report are also NSA XKeyscore program targets.
Tor is a popular tool that many Internet users have turned to for anonymous surfing. The Tor network is an open source project that encrypts and reroutes traffic so users can’t be tracked. It was originally a navy project known as the Onion Router. It has since grown to include reporters, police, campaigners and other individuals all over the world. It is still mostly funded by the US government, however.
XKeyscore Program Used to Monitor Tor Traffic
We know from the Snowden documents that Tor has been a target of the NSA XKeyscore program for quite some time. Now we have from ARD actual code from the XKeyscore program’s database that shows specifics of how the tool intercepts traffic in real time. The process is programmed to look for traffic that seems to be from outside the US. It then searches for those who send requests for Tor bridge or downloads. The IP addresses associated with those requests are them tracked.
The code that ARD shared shows that the XKeyscore program was tracking the IP addresses of the Tor Directory Authority. This means that the NSA was monitoring these nine key servers that control Tor traffic. The NSA could then see all Tor relays in real time. The XKeyscore program was also actively tracking MixMinion users. MixMinion is a private email service that provides anonymity to users. MixMinion is run in part by MIT and Tor Project Leader Roger Dingledine.