Research and News in Tor, Privacy, and Security – December 21, 2014
This article is part of a weekly series covering developments in Tor and the privacy-related tech world
TheCthulhu announced that his mirrors of Globe and Atlas, two popular Tor network index tools, are now available as hidden services. The Globe mirror’s hidden service is available here, and the Atlas mirror’s hidden service is available here.
WARNING: TheCthulhu has sent a signed message stating that he has lost control of all servers. An unknown USB device was reportedly plugged in 30-60 seconds before the connection was lost. ThuCthulhu states that this tactic is common during the seizure of running servers by law enforcement, and if any servers come back online without a PGP signed message, users should refrain from using any services. He plans to release updates over the tor-talk mailing list, and states that if no update is provided without 48 hours, he was likely served a gag order.
The relevant mirrors are:
Intrigeri of the Tails development team published a signed list of SHA256 hashes for every verified version of Tails. You can view the full list here.
Sukhbir Singh and Arlo Breault are requesting feedback on an alpha release of Tor Messenger. Tor Messenger is an instant messaging client that routes all traffic over Tor and uses Off-the-Record Messaging (OTR), encrypting conversations by default. The messenger is based upon the Instantbird IM client, and has an easy-to-use graphical user interface. At the time of this article, the alpha release is only available for Linux (32-bit and 64-bit).
Alden Page announced that he will soon begin development on a tool designed to protect against stylometry. Stylometry is the process of analyzing certain aspects of a person’s writing, such as preference for certain words, reoccurring spelling mistakes, or eccentricities in grammar, to help determine who authored an anonymous document or article. Page states that the tool is loosely based upon Anonymouth, a tool that points out stylometric “giveaways” to users, but is designed primarily for researchers. He envisions this tool as simple and user-friendly, and hopes that it could one day be prepackaged with Tails and included in official Debian repositories.
Alden Page is developing this software as part of a senior thesis, and therefore cannot accept any outside contributions at this time. He hopes to accept contributions from other developers after May 1st.
Researchers at the Delft University of Technology have developed a BitTorrent client that is designed to be censorship-resistant and to allow for anonymous file sharing . The client, Tribler, implements onion-routing with end-to-end encryption. Users can choose the number of “hops” to use, depending on the desired level of anonymity. Each user within the network is used as a proxy, relaying the traffic of other users. Tribler relies on no central servers for either content or , making it resilient to censorship attempts targeting trackers or torrent indexes. “The public was beginning to lose the battle for Internet freedom, but today we are proud to be able to present an attack-resilient and censorship-resilient infrastructure for publishing,” Dr. Pouwelse said in an interview with TorrentFreak.
The Electronic Frontier Foundation (EFF) is in court this week in a case against the US Department of Justice. The case has been in court for over six years, and back in July 2014, the EFF filed a motion for the court to find the government’s mass data collection against the Fourth Amendment. The case challenges “an illegal and unconstitutional program of dragnet surveillance conducted by the National Security Agency (NSA) and other Defendants in concert with major telecommunications companies.” The case is known as Jewel v. National Security Agency, and was originally brought to court by the EFF on behalf of Carolyn Jewels, a novelist from Petaluma, California. The original complaint alleged that the government and AT&T were participating in surveillance against the plaintiff, along with the dragnet surveillance practiced against millions of other Americans.
Earlier this week, Congress passed the Intelligence Authorization Act for Fiscal Year 2015. The bill received little to no public attention, although it has since been heavily criticized. The most controversial aspects of the bill authorize the collection of data on U.S. citizens without a court order or subpoena. Specifically, Sec. 309 authorizes the acquisition, retention, and dissemination of “nonpublic telephone or electronic communications” collected on U.S. citizens. The bill has passed in the House and the Senate, and will likely become law.
It was revealed that several UK ISPs have been hijacking unencrypted website requests from users, forcing them to choose whether they want to filter adult content. The move stems from a December deadline imposed by the UK government for the implementation of web filters. BT, Sky, and Virgin Media have employed the tactic. BT plans on disconnecting customers if they refuse to make a decision, while Sky and Virgin Media have stated that they would not take similar actions. Open Rights Group (ORG) has criticized the move, stating that it could teach customers to trust future hijacking attacks. An ORG spokesperson stated, “How can a customer tell the difference between an ISP hijack and a phishing site made to look the same? There are better ways for ISPs to contact their customers—particularly given that they have our phone numbers, email and actual addresses.”
The Federal Bureau of Investigation (FBI) has officially accused North Korea of being responsible for the recent attack targeting Sony Pictures Entertainment. The agency stated that there is enough evidence to conclude that the North Korean government is responsible for the attack. Technical analysis revealed “similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.” Other evidence revealed similarities between tools used in this attack and other attacks carried out by the government, such as an attack carried out last month against South Korean banks and media outlets. The official statement argues, “North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior. “