#### Investigations in the so-called darknet: Law enforcement agencies undermine Tor anonymisation
***The Tor network is considered the most important tool for surfing the internet anonymously. Law enforcement agencies have apparently begun to infiltrate it in order to expose criminals. They have been successful in at least one case.***
https://www.ndr.de/fernsehen/sendungen/panorama/aktuell/Investigations-in-the-so-called-darknet-Law-enforcement-agencies-undermine-Tor-anonymisation,toreng100.html
##### Tor-Relays Mailing List Response from Isabela Fernandes
Hi Tor,
I am reaching out to inform you of an upcoming news story concerning a
potential deanonymization attack on Onion Services.
What is happening?
On September 9, 2024, The Tor Project received a press inquiry from
Norddeutscher Rundfunk (NDR, part of ARD, a German public broadcaster) with
a request for comment to their upcoming reporting of "investigative
measures by German and international law enforcement agencies in the Tor
network, in particular the localisation and deanonymisation of onion
services." We complied with the outlet's deadline of September 12th and
answered a series of questions.
The reporter claims to have "evidence that shows that in several cases
German law enforcement authorities were able to locate the Tor entry node
of onion services and thus successfully deanonymise Tor users. V2 and V3
onion addresses were affected at least between Q3/2019 and Q2/2021." The
reporter further claims that "law enforcement agencies used so-called
timing analyses and broad and long-term monitoring of Tor nodes in data
centres."
As of today, The Tor Project has not been granted access to supporting
documents, and has not been able to independently verify if this claim is
true, if the attack took place, how it was carried out, and who was
involved.
In the absence of facts, it is hard for us to issue any official guidance
or responsible disclosures to the Tor community, relay operators, and users
at this time.
We are calling for more information from you.
If you have any information that can help us learn more about this alleged
attack, please email security at torproject.org.
If you want to encrypt your mail, you can get the OpenPGP public key for
this address from keys.openpgp.org. Fingerprint: 835B 4E04 F6F7 4211 04C4
751A 3EF9 EF99 6604 DE41
Your assistance will help all of us take the necessary steps and
precautions to keep Onion Services safe for the millions of users that rely
on the protections Tor provides.
Are Tor users safe?
Tor users can continue to use Tor Browser to access the web securely and
anonymously. Nothing that the Tor Project has learned about this incident
suggests that Tor Browser was attacked or exploited. We encourage Tor
Browser users and relay operators to keep software versions up to date.
The reporter's questions focus on the use of onion services and .onion
addresses. Which leads us to assume that the alleged attack was targeting a
specific .onion site.
We will continue to share updates on this email as this situation evolves.
Thank you!
Isabela
https://lists.torproject.org/pipermail/tor-relays/2024-September/021855.html
##### Tor's Official Response
***We are writing this blog post in response to an investigative news story looking into the de-anonymization of an Onion Service used by a Tor user using an old version of the long-retired application Ricochet by way of a targeted law-enforcement attack. Like many of you, we are still left with more questions than answers--but one thing is clear: Tor users can continue to use Tor Browser to access the web securely and anonymously. And the Tor Network is healthy.***
https://blog.torproject.org/tor-is-still-safe/
#ikitao #tor #anonymity #privacy nostr.fmt.wiz.biz
ReplyGuy on wss://nostr.fmt.wiz.biz /
npub1wh…meh7c
2024-09-18 19:18:33
in reply to nevent1q…6fqw
Author Public Key
npub1whjr77vxen8zj0gndll0q6tehd2xszd74f3gk2r0f5kxz6wz4xesameh7cPublished at
2024-09-18 19:18:33Event JSON
{
"id": "b80082025cc0fddac678ffff6d27b96eb536cff6a2d4c8a66f95e9f49692b8a6",
"pubkey": "75e43f7986ccce293d136ffef06979bb546809beaa628b286f4d2c6169c2a9b3",
"created_at": 1726687113,
"kind": 1,
"tags": [
[
"e",
"144ab8060ebe24fdc062cd12049636b84464d4cb8914ea741a214e1ee17b0384",
"wss://nostr.fmt.wiz.biz",
"root",
"4eb88310d6b4ed95c6d66a395b3d3cf559b85faec8f7691dafd405a92e055d6d"
],
[
"p",
"4eb88310d6b4ed95c6d66a395b3d3cf559b85faec8f7691dafd405a92e055d6d"
]
],
"content": "#### Investigations in the so-called darknet: Law enforcement agencies undermine Tor anonymisation\n\n***The Tor network is considered the most important tool for surfing the internet anonymously. Law enforcement agencies have apparently begun to infiltrate it in order to expose criminals. They have been successful in at least one case.***\n\nhttps://www.ndr.de/fernsehen/sendungen/panorama/aktuell/Investigations-in-the-so-called-darknet-Law-enforcement-agencies-undermine-Tor-anonymisation,toreng100.html\n\n##### Tor-Relays Mailing List Response from Isabela Fernandes\n\nHi Tor,\n\nI am reaching out to inform you of an upcoming news story concerning a\npotential deanonymization attack on Onion Services.\n\nWhat is happening?\n\nOn September 9, 2024, The Tor Project received a press inquiry from\nNorddeutscher Rundfunk (NDR, part of ARD, a German public broadcaster) with\na request for comment to their upcoming reporting of \"investigative\nmeasures by German and international law enforcement agencies in the Tor\nnetwork, in particular the localisation and deanonymisation of onion\nservices.\" We complied with the outlet's deadline of September 12th and\nanswered a series of questions.\n\nThe reporter claims to have \"evidence that shows that in several cases\nGerman law enforcement authorities were able to locate the Tor entry node\nof onion services and thus successfully deanonymise Tor users. V2 and V3\nonion addresses were affected at least between Q3/2019 and Q2/2021.\" The\nreporter further claims that \"law enforcement agencies used so-called\ntiming analyses and broad and long-term monitoring of Tor nodes in data\ncentres.\"\n\nAs of today, The Tor Project has not been granted access to supporting\ndocuments, and has not been able to independently verify if this claim is\ntrue, if the attack took place, how it was carried out, and who was\ninvolved.\n\nIn the absence of facts, it is hard for us to issue any official guidance\nor responsible disclosures to the Tor community, relay operators, and users\nat this time.\n\nWe are calling for more information from you.\n\nIf you have any information that can help us learn more about this alleged\nattack, please email security at torproject.org.\n\nIf you want to encrypt your mail, you can get the OpenPGP public key for\nthis address from keys.openpgp.org. Fingerprint: 835B 4E04 F6F7 4211 04C4\n751A 3EF9 EF99 6604 DE41\n\nYour assistance will help all of us take the necessary steps and\nprecautions to keep Onion Services safe for the millions of users that rely\non the protections Tor provides.\n\nAre Tor users safe?\n\nTor users can continue to use Tor Browser to access the web securely and\nanonymously. Nothing that the Tor Project has learned about this incident\nsuggests that Tor Browser was attacked or exploited. We encourage Tor\nBrowser users and relay operators to keep software versions up to date.\n\nThe reporter's questions focus on the use of onion services and .onion\naddresses. Which leads us to assume that the alleged attack was targeting a\nspecific .onion site.\n\n\nWe will continue to share updates on this email as this situation evolves.\n\nThank you!\n\nIsabela\n\nhttps://lists.torproject.org/pipermail/tor-relays/2024-September/021855.html\n\n##### Tor's Official Response\n\n***We are writing this blog post in response to an investigative news story looking into the de-anonymization of an Onion Service used by a Tor user using an old version of the long-retired application Ricochet by way of a targeted law-enforcement attack. Like many of you, we are still left with more questions than answers--but one thing is clear: Tor users can continue to use Tor Browser to access the web securely and anonymously. And the Tor Network is healthy.***\n\nhttps://blog.torproject.org/tor-is-still-safe/\n\n#ikitao #tor #anonymity #privacy nostr.fmt.wiz.biz",
"sig": "be6af1fc757e44c4299ee62fd0c0cbc18a0532e5daa692b45ad3bfd325fe5733a38a6fe9ae101738b8b6ca5006c19f46ab8705b1c3299910f332bd30c46539f9"
}