Written by: B.M.
In an attempt to secure the privacy and personal freedom of internet users, which should be the right of any user, TOR project was run voluntarily to provide anonymous online browsing under the name of Tor anonymity online. Tor has even aimed to keep the privacy of users’ relations whether personal or business and to enable access to websites which are censored by the government.
Although the intention of this project was to protect internet users, recently, TOR administrators have confirmed an attack on its services for online anonymity, in July 2014, with one victim in mind: internet users. Those attacks has made their point in de-anonymizing Tor users.
Arguments were raised regarding the identity of the attackers, however, the research done by Alexander Volynkin and Michael McCord was a main suspect. That is because they were supposed to have a talk entitled: ‘Attacking Tor and de-anonymizing’ at Black Hat Conference but it was cancelled for unclear reasons. This could have had serious issues regarding the ethics of academic research if it was to be proved. As they researchers have neither asked for the consent of the users nor can tell the consequences of the release.
Surprisingly, the second suspect is the Russian Government. It apparently did offer 114,000 US Dollars for anyone who can break Tor anonymity, where the FBI and the US government usually are a common suspect with high interest in the matter.
Regardless of the current confusion of the attacker’s identity, Tor stated that users from Jan 2014 to Jun 2014 could have been highly ‘affected’ by such attacks without specific details about to what extent the ‘effect’ could have been .
The flaw in Tor and other similar systems was thought to be in the I2P software in which the relays can know the IP address of the user and the destination of the hidden service of Tor, thus, de-anonymize the users’ activities.
To solve the problem, users are greatly recommended to upgrade to 0.2.2.23 or 0.2.5.6-alpha release of Tor as the team was able to remove all the possible wicked relays. Finally, Tor users can enjoy the secure private browsing again, at least for a while.