Documents leaked by Edward Snowden as part of his massive document dump on top-secret NSA programs reveal a targeted effort to get around the TOR anonymity network. TOR is used worldwide by political activists and even those who work with US intelligence agencies outside the US. According to the NSA, it’s also used by terrorists. The NSA documents consist of a PowerPoint presentation that demonstrates a weakness that the agency has successfully exploited.
TOR comes packaged in a bundle that’s designed to be idiot proof. It contains a specific build of Firefox, which comes equipped with the NoScript extension. NoScript allows the user to shut off any scripting language—including Java, Flash and so forth—on websites to increase their level of anonymity.
Those scripts present security holes that intelligence agencies can use to identify TOR users. According to the PowerPoint presentation, the agency has already done so. The vulnerability has also been used by the FBI, allegedly to bust a child porn ring.
The NSA has been trying to weaken the TOR network by exploiting a number of security flaws in the system. Some of these are related to user errors, such as disabling the NoScript extension, thereby allowing compromised sites to serve information to the browser, revealing the identity of the user. In the Washington Post, one of the developers behind TOR said that the vulnerability would likely be exploitable against only a very small number of users. Many more knowledgeable users, being aware of the vulnerability, would avoid any site that required a scripting language.
The NSA refers to TOR as the “TOR problem”. The agency has gathered information on the servers on the network and experts have stated that the agency could likely infect the computers of users on the TOR network who visit specific sites.
In response to the vulnerability related to the browser build, Firefox released an update. The NSA, however, continues to seek vulnerabilities in the system so that it can get a peek into what users on the TOR network are doing.
While the system may be used by some terrorists, it’s also a valuable tool for those who have legitimate reasons to protect their anonymity. The NSA hunting for exploits in software is one of the most contentious issues between privacy advocates and the NSA and, as the leaked documents reveal, the NSA continues to conduct such operations.