Hackers Build New Tor Client Designed to Beat the NSA

Astoria-tor-client-software.jpg


Anonymity’s toughest adversaries are hackers with the full-force and backing of Beijing, London, and Washington, DC. 
With the threat of powerful intelligence agencies, like the NSA, looming large, researchers have built a new Tor client called Astoria designed specifically to make eavesdropping harder for the world's richest, most aggressive, and most capable spies.

Tor, the world’s most popular anonymity network, works like this: A user fires up the client and connects to the network through what's called an entry node. To reach a website anonymously, the user’s Internet traffic is then passed encrypted through a so-called middle relay and then an exit relay (and back again). That user-relay connection is called a circuit. The website on the receiving end doesn’t know who is visiting, only that a faceless Tor user has connected.
An eavesdropper shouldn’t be able to know who the Tor user is either, thanks to the encrypted traffic being routed through 6,000 nodes in the network.
But something called "timing attacks" change the situation. When an adversary takes control of both the entry and exit relays, research shows they can potentially deanonymize Tor users within minutes.
A full 58 percent of Tor circuits are vulnerable to network-level attackers, such as the NSA or Britain’s Government Communications Headquarters (GCHQ), when they access popular websites, according to new research from American and Israeli academics. Chinese users are the most vulnerable of all to these kinds of attacks, with researchers finding 85.7 percent of all Tor circuits from the country to be vulnerable.
Even though Tor is designed to provide complete anonymity to its users, the NSA’s position means they can potentially see and measure both traffic entering the Tor network and the traffic that comes out. When an intelligence agency can see both, simple statistics help an autonomous system at their control match the data up in a timed attack and discover the identity of the sender.
This kind of threat has been known for over a decade. They’ve been trying to make eavesdropping difficult for spy agencies for just as long.
To counter the threat, American-Israeli researchers built Astoria, a new Tor client focused on defeating autonomous systems that can break Tor’s anonymity.
Astoria reduces the number of vulnerable circuits from 58 percent to 5.8 percent, the researchers say. The new solution is the first designed to beat even the most recently proposed asymmetric correlation attacks on Tor.
Designed to beat such attacks, Astoria differs most significantly from Tor's default client in how it selects the circuits that connect a user to the network and then to the outside Internet. The tool, at its foundation, is an algorithm designed to more accurately predict attacks and then securely select relays that mitigate timing attack opportunities for top-tier adversaries.
Astoria adroitly considers how circuits should, according to the researchers, be made “when there are no safe possibilities,” how to safely balance the growing bandwidth load across the Tor network, and how to keep Tor’s performance “reasonable” and relatively fast even when Astoria is in its most secure configuration.
Defeating timing attacks against Tor completely isn’t possible because of how Tor is built, but making the attacks more costly and less likely to succeed is a pastime that Tor developers have dedicated a decade to. Astoria follows in those footsteps.
By choosing relays based on lowering the threat of eavesdropping by autonomous systems and then choosing randomly if no safe passage is possible, Astoria aims to minimize the information gained by an adversary watching an entire circuit.
DailyDot:  http://bit.ly/1ISWezb

« Review of Organised Cyber Crime
North Korean Hackers 'could kill', Warns Defector »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NCX Group

NCX Group

NCX Group is committed to helping customers identify and mitigate the risks inherent in today’s interconnected environments and business processes.

Micron Technology

Micron Technology

Micron is a global leader in the semiconductor industry providing memory and secure storage devices for Networks, Mobile devices and IoT applications.

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

Hague Security Delta (HSD)

Hague Security Delta (HSD)

The Hague Security Delta Campus is home of the leading cyber security cluster in Europe with an Innovation Centre, labs and training facilities.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Merlin Cyber

Merlin Cyber

Merlin is a premier cybersecurity platform that leverages security technologies, trusted relationships, and capital to develop and deliver groundbreaking security solutions.

Connectitude

Connectitude

Connectitude IIoT Platform ™ is a complete solution for industrial IIoT.

CyFIR

CyFIR

CyFIR is a network investigation and Incident Response tool for performing live computer investigations across any size enterprise.

Siemens

Siemens

Siemens Industrial Security Services provide solutions for cybersecurity in automation environments based on the recommendations of the international standard IEC 62443.

Phoenix Cybersecurity

Phoenix Cybersecurity

Phoenix Cybersecurity Services and Managed Security Services help clients just like you take full advantage of leading cybersecurity technologies and industry best practices.

FPT Software

FPT Software

As a leading technology service provider, FPT assists customers of all sizes and from any industries in implementing and adapting digital technologies including cybersecurity.

Techstep

Techstep

Techstep is a complete mobile technology enabler, making positive changes to the world of work; freeing people to work more effectively, securely and sustainably.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

Riot Security

Riot Security

In today's world, most successful cyberattacks start by a human failure. Riot have developed a platform that makes it easy to prepare your employees for cyberattacks, in a way they love.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.