Right now, Many of the websites talking about “TOR” —a free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.
It is being reported that NSA tried to compromise TOR, but failed to do that every-time, but a new report rooted on the documents revealed by Edward Snowden tells us about a secret way, which is being used by NSA to compromise TOR users.
NSA has been able to track TOR users through ad networks like Google and The Onion Router’s own entry and exit nodes on the Internet, reported by security researcher Bruce Schneier with the Guardian.
Robert Hansen, a browser specialist at the security firm White Hat Security, said that Tor access node tracking is not new.
“A couple of years ago a hacking group published exactly 100 embassy passwords from Tor exit nodes. One hundred is too round of a number,” he said. “Just logically there must be more. If you get enough exit nodes and entrance nodes, they can be correlated together.”
After a plethora of NSA tracking reports out in the Media, Director of National Intelligence James Clapper criticized reporters and said in a statement that his office is not doing anything illegal, citing the threat of “adversaries.”
|The articles fail to mention that the Intelligence Community is only interested in communication related to valid foreign intelligence and counterintelligence purposes and that we operate within a strict legal framework that prohibits accessing information related to the innocent online activities of US citizens.|
“You are using Tor, that doesn’t mean your browser isn’t storing Cookies,” said Jeremiah Grossman, a fellow security researcher of Hansen’s.
Grossman described the complete procedure—How NSA surveillance work on TOR through Google Ads:
He told, The NSA buys ads from ad display companies like Google and seeds them around Tor’s access points. “The NSA then cookies that ad, so that every time you go to a site, the cookie identifies you. Even though your IP address changed [because of Tor], the cookies gave you away,” he said.
The above trick is not any special script made by NSA, It’s how tracking ads were intended to function, said Grossman. “That’s the Web by design, not a hack,” he said.
Grossman also stated, it wouldn’t be doable for Google to block ad buys from the NSA, and if the company did, “they could just buy through a proxy.”
Both Tor itself and Schneier noted that the NSA has not been able to track every Tor user this way. “They are hard for any organization other than the NSA to reliably execute, because they require the attacker to have a privileged position on the Internet backbone,” Schneier said.
In the meantime many of the websites use Google Adsense ads to earn revenue from their sites, as we also do. But, if the condition will remain same—that day is not far, when a user will never explore or visit that website that serves Google ads ;-).