Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

German authorities apparently cracked Tor anonymity, but onion heads say its still safe

Tor.

German police were able to identify individuals using the Tor network, link them to certain criminal activity, and have them arrested and later convicted of the crimes. This is according to multiple German media outlets, who recently reported on the law enforcement using so-called “timing analysis” attacks.

Tor’s heads, on the other hand, argue that the network is perfectly fine and safe, and that the person that was arrested was, in fact, using outdated software that exposed its identity to the police, The Register found.

The Onion Router (Tor) is a privacy-focused network that enables anonymous communication by routing internet traffic through a series of volunteer-operated servers, or nodes. It hides users' IP addresses and encrypts their data, making it difficult to trace their online activity.

Unmanaged IT

In its writeup, the German outlet Panorama briefly explains the logic behind timing attacks: “By timing individual data packets, anonymised connections can be traced back to the Tor user, even though data connections in the Tor network are encrypted multiple times.” That would presumably require the law enforcement to add, or compromise, the nodes, and use them to observe clues about users sending traffic into the network.

It seems to be a long shot, and the maintainers of the Tor network believe the individual gave themselves away by using outdated third-party software. Namely, an anonymous messaging app called Ricochet, which didn’t have protections against so-called guard attacks. A “guard” is an entry node - the first one to receive data that’s later moved through the Tor network.

By getting a list of all subscribers connecting to a specific guard (in this case, by asking a telecommunications provider for the information), and then cross-referencing this data with Ricochet, the police were able to de-anonymise one user, an individual known as “Andres G”, allegedly operating a website hosting child sex abuse content.

"The claim that the network is 'not healthy' is simply not true," Tor's PR director Pavel Zoneff told The Register.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.