"And while Bruce Schneier explains how the NSA uses similar techniques to those the Chinese government uses to spy on its users - something called Egotistical Giraffe - to break Tor, and the NSA has been able to crack other users' communications via their poor hygiene outside of Tor (as with this week's bust of Silk Road), the NSA has thus far been unable to systematically break the system."
"With manual analysis we can de-anonymize a very small fraction of Tor users, however no success at de-anonymizing a user in response to a TOPI request/on demand. Another complaint the NSA has is their methods for cracking Tor right now are "difficult to combine meaningfully with passive Sigint." That is, they can't just feed everything into a system and get potential targets to pop out."
NSA considers Tor difficult to de-anonymize and acknowledges inability to de-anonymize all users systematically. The agency uses targeted techniques such as Egotistical Giraffe and has exploited users' poor operational security to crack some communications, including cases like Silk Road. NSA reports confirm manual analysis can de-anonymize a very small fraction of users but no success on-demand via TOPI requests. Current Tor-cracking methods are difficult to combine with passive SIGINT, preventing bulk identification of targets. Effective tracking of identified users requires time-intensive, manual investigative work similar to traditional physical surveillance. The agency prefers targets to present themselves rather than be proactively identified.
Read at Emptywheel
Unable to calculate read time
Collection
[
|
...
]