Tor Is Being Kept Safe By Dissenting GCHQ And NSA Agents, Claims Project Director

Employees of the UK and US intelligence services have been helping the Tor network maintain anonymity of its users, claims Andrew Lewman, executive director of the Tor Project.

Lewman told the BBC that his development team regularly gets ‘tipped off’ when the National Security Agency (NSA) or Government Communications Headquarters (GCHQ) find a vulnerability that could compromise the security of the network.

“There are plenty of people in both organisations who can anonymously leak data to us to say – maybe you should look here, maybe you should look at this to fix this,” he said. “And they have.”

Spy games

The Tor Project is a free encrypted network that is believed to conceal a user’s location and Internet use from anyone conducting network surveillance or traffic analysis. Originally sponsored by the US Naval Research Laboratory, today the project hosts a variety of content, from news and secure communication services to drugs bazaars and things like The Hidden Wiki, a collection of illegal instructions and manuals.

The project simultaneously helps activists, dissidents and journalists evade oppressive governments, while also enabling cyber criminals to conduct their dealings in secret.

The documents released by Edward Snowden last year detailed repeated efforts by the NSA to crack Tor, and similar work has been conducted by the UK’s National Cyber Crime Unit (NCCU). The Russian government is currently trying to do the same.

Lewman claims that the network is warned about vulnerabilities discovered by government agencies almost every month, giving developers time to patch any holes before they can be abused. Although there’s no sure way to establish who sends these messages, he suggests such information could only come from someone intimately familiar with the workings of Tor.

“You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super-subtle bugs or other things that they probably don’t get to see in most commercial software,” Lewman told the BBC.

He added that while the attempts to break the security of Tor have been well-documented, the safety of a large number of intelligence operatives relies on the integrity of the protocol, which is used by GCHQ to run some of its secret operations.

Last month, organisers of the Black Hat security conference cancelled a keynote which was apparently due to reveal how to track Tor users on a budget, after receiving a complaint from Carnegie Mellon University where this research was conducted.

Tor Project leader Roger Dingledine later said the Tor community had “a handle on what they did, and how to fix it.”

What do you know about Edward Snowden and the NSA? Take our quiz!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

Baltic Sea Power Cable Severed In Latest Incident

Undersea internet and power cable in Baltic sea between Finland and Estonia suffers outage. Finland…

18 hours ago

US Begins Investigation Into Legacy Chinese Chips

The Biden Administration has launched a last-minute investigation into older Chinese-made legacy semiconductors - weeks…

21 hours ago

Iran Lifts Ban On WhatsApp, Google Play

State media reports the Iranian regime has lifted the ban on WhatsApp and Google Play,…

22 hours ago

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

4 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

4 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

4 days ago