Advertisement
Singapore markets closed

  • Straits Times Index

    3,280.10
    -7.65 (-0.23%)
     

  • Nikkei

    37,934.76
    +306.28 (+0.81%)
     

  • Hang Seng

    17,651.15
    +366.61 (+2.12%)
     

  • FTSE 100

    8,139.83
    +60.97 (+0.75%)
     

  • Bitcoin USD

    63,076.84
    -909.86 (-1.42%)
     

  • CMC Crypto 200

    1,311.25
    -85.28 (-6.10%)
     

  • S&P 500

    5,099.96
    +51.54 (+1.02%)
     

  • Dow

    38,239.66
    +153.86 (+0.40%)
     

  • Nasdaq

    15,927.90
    +316.14 (+2.03%)
     

  • Gold

    2,349.60
    +7.10 (+0.30%)
     

  • Crude Oil

    83.66
    +0.09 (+0.11%)
     

  • 10-Yr Bond

    4.6690
    -0.0370 (-0.79%)
     

  • FTSE Bursa Malaysia

    1,575.16
    +5.91 (+0.38%)
     

  • Jakarta Composite Index

    7,036.08
    -119.22 (-1.67%)
     

  • PSE Index

    6,628.75
    +53.87 (+0.82%)
     

MIT researchers have bad news for users of anonymity browser Tor

Jeff Stone
Updated
onion
onion

(matt) on Flickr

Researchers at the Massachusetts Institute of Technology have found a way to identify websites hidden with the Tor anonymity service, the most-respected online anonymity service in the world, with an 88 percent accuracy rate.

That’s big, and bad, news for the 2.5 million or so daily Tor users around the world, who rely on the service for everything from criminal activity to getting around government censorship.

Tor, an acronym for “The Onion Router,” was developed by the U.S. military to let American intelligence sources communicate with Washington freely without the watchful eye of an adversarial government.

ADVERTISEMENT

Now, since the software has gone public, it has attracted journalists, dissidents, child pornographers andmillions of other Internet users who create websites within Tor’s hidden services section. It’s those hidden services, which shield a site’s IP address and other identifying information, that computer scientists at MIT have unveiled.

The attack works by collecting a vast amount of network data from already known Tor hidden services in advance, assigning a digital fingerprint to each of the services in question.

By following that fingerprint through computer connection points around the world, and analyzing traffic patterns, the team found that those connections could find a hidden service computer’s information 88 percent of the time. They did all of this without breaking Tor’s encryption.

“Our goal is to show that it is possible for a local passive adversary to deanonymize users with hidden services actives without the need to perform end-to-end traffic analysis,” wrote MIT researchers in a new paper with the Qatar Computing Research Institute.

tor
tor

EFF

 

“We assume that the attacker is able to monitor the traffic between the user and the Tor network. The attacker’s goal is to identify that a user is either operating or connected to a hidden service. In addition, the attacker then aims to identity the hidden service associated with the user.”

The researchers said they have been in contact with Tor’s security team, which plans to institute improved measures.

More from International Business Times:

This article originally appeared at International Business Times. Copyright 2015. Follow International Business Times on Twitter.

NOW WATCH: How to hide on the internet


The post MIT researchers have bad news for users of anonymity browser Tor appeared first on Business Insider.