Tor is having a bit of a crisis, as it's become increasingly clear that the wildly popular network isn't the internet invisibility cloak it was once thought to be. Don't panic. It's not perfect, but it's still the best we've got.
The Tor network is the most popular way to get online anonymously, and that's not going to change in the short term. But the service has been rocked in recent months. A wave of busts that brought down 17 illegal enterprises hidden behind the Tor network last month illustrated that though Tor is largely safe, it's more vulnerable than the average user wants to admit.
The service has also been attacked by reporters who feel the system is compromised because it was originally developed by the U.S. Navy, and because some of the developers behind it have worked with the government before. In a post on Pando, Quinn Norton does a nice job dispelling the myths surrounding Tor's federal ties, which basically comes down to: No level of government interaction can undermine the basic math of encryption.
And Tor's encryption is solid. For those unfamiliar, Tor is software that conceals the location of users and web servers by firing traffic through a global network of relays. It's an ingenious system that for years facilitated basically untraceable internet activity, both illegal and otherwise. It's been used to traffic weapons and drugs, circumvent censorship, and conceal the identity of whistleblowers like Edward Snowden. If you're not using Tor, your location and activity are constantly being tracked. With Tor, the pitch goes, you're basically invisible.
That sense of security was undermined when an international coalition of agencies including the FBI, Immigration and Customs Enforcement, and Department of Homeland Security (in the U.S.) and Europol and Eurojust (in Europe, duh), laid the smack down. The highest profile bust brought down the drug marketplace Silk Road 2.0 and its alleged proprietor Blake Benthall, but it included a total of 17 people and 27 sites, all of whom had put misguided faith in Tor's ability to mask their online dealings.
But how did it happen? Did the agencies crack the anonymous network? A blog post on the Tor Project's website a few days after the attack was quite frank about the organization's ignorance:
So we are left asking "How did they locate the hidden services?". We don't know. In liberal democracies, we should expect that when the time comes to prosecute some of the seventeen people who have been arrested, the police would have to explain to the judge how the suspects came to be suspects, and that as a side benefit of the operation of justice, Tor could learn if there are security flaws in hidden services or other critical internet-facing services.
The post went on to outline myriad ways that law enforcement might have tracked down the operators of illegal websites and the location of their servers. One-by-one, Tor listed vulnerabilities that might have been exploited. They range from technical ways to exploit the code base to unmask users to capturing relays and analyzing their traffic, or even infiltrating the organizations that were running the sites.
What's most striking about Tor's reaction is that the people in charge are completely aware of its vulnerability. The Tor Project operates much like other open source efforts you're probably more familiar with, like Mozilla's Firefox browser or Google's Android operating system. This is admittedly an oversimplification that will horrify developers, but the point is that like those projects Tor evolves thanks to the contributions of an open community. (In fact, the Tor browser is based on Firefox—and it's where it gets one of its known bugs.)
A set-up like that has obvious advantages, but it can also complicate security. The project's administrators have limited resources with which to test and implement improvements and fix bugs and vulnerabilities. This means that patching up the holes that could be exploited is a slow and imperfect process. The research to build Tor was originally funded by the U.S. government, and going forward, Tor's future relies on the generosity of donations to keep it afloat.
If you think about it, the fact that busting 17 people amounts to a huge victory for an international coalition of law enforcement is a testament to the strength of the existing network. From this point of view, you can see the hacks as an aberration. In fact, for all of the government's sassy statements about bringing down criminals no matter where they hide, the reality is that 17 arrests is not a lot in the greater scheme, though there's no official number of people on Tor or how many services are hidden behind it.
I asked a few experts what people can do to use Tor most safely. The simplest advice? Follow Tor's instructions for using the software properly. "More often than not, the problem is not the Tor software itself, but how it is being used," security researcher Runa Sandvik told me over email. Human error.
Another expert, Pierluigi Paganini, told me that if possible, you should also use Tor-based systems "that come pre-configured with settings that avoid the disclosure of the user's IP address." I asked him to clarify. "Tails, for example, is a live operating system equipped with a suite of tools to anonymize user's experience online. It is a live distribution (operating system) that is configured to leave no trace on the computer user is using."
In other words, experts say that the best thing you can do to protect yourself is to ensure that you're not screwing up when you use Tor. And you should use it, because the service is incredibly important. I don't care about protecting the perverts peddling kiddie porn, but for foreign dissidents and whistleblowers in our own country, anonymity technology is imperative.
Ultimately, the raids last month proved what any informed Tor user should've known all along: Tor has never been a perfect way to hide, and law enforcement's capabilities are improving all the time. In the end, a law enforcement agency with a lot of resources and a great interest in uncovering a particular IP address can theoretically unmask Tor users. But if you're careful, Tor—for the most part—is still safe.
Illustration by Tara Jacoby; source image via Shutterstock