How (& why) feds killed a talk on Tor-hacking at Black Hat (exclusive)

LAS VEGAS — Here at Black Hat, hackers are talking about the talk that never was.

Two Carnegie Mellon University researchers from the school’s Software Engineering Institute, or SEI, were set to present an abstract on Tor at Black Hat today. Alexander Volynkin and Michael McCord’s talk was to center on how adversaries could “de-anonymize hundreds of thousands Tor clients and thousands of hidden services within a couple of months,” and do so cheaply.

Tor is a network that allows people to browse the Web or send messages anonymously and in complete privacy. While it’s not totally secure, it provides a higher level of anonymity than almost any other technology that’s widely available.

And now, VentureBeat has learned the likely reason behind CMU’s cancellation: The feds put the hammer down — most likely the National Security Agency.

“NSA has a long history working with academia and researchers. The relationship is sometimes amicable and sometimes less amicable. The abstracts coming from Black Hat are oftentimes how the government finds out about this kind of stuff,” a former intelligence official who has studied Tor told VentureBeat.

“So with this, the researchers suddenly can’t talk about it because of a National Security Letter. This stuff tends to happen a lot. There are pressure points with arms growing in different directions that can be twisted, so it’s a reality, and there is revenue turn off in the form of government-funded research,” the former intelligence official said.

The source didn’t have first-hand knowledge of this incident but based their assessment on knowledge of the NSA’s operation and its background with Tor.

Indeed, SEI derives funding from the U.S. Department of Defense. SEI also runs the highly vaunted CERT, or Computer Emergency Response Team, which helps the feds and the private sector combat computer crimes, working closely with the Department of Homeland Security on cybersecurity issues.

As for Tor itself, that technology was spun out from the U.S. Naval Research Laboratory.

CMU received a $2 million grant from the NSA in late April to kick off an extensive joint research endeavor called a “lablet” on the hot topic of Science of Security, or SoS. That money is being used by a team of 15 CMU computer science researchers and NSA engineers to launch a small lab, or lablet, initiative.

A CMU spokesperson declined to speak about the cancellation and sent this email to VentureBeat early Wednesday, saying only, “We are not able to comment about Tor. Thanks.” Sounds like a gag order to us.

Tor has long been a thorn in the NSA’s side because it allows people to communicate freely without fear of interception. According to sources in the intelligence community, Tor is one of the best methods to communicate anonymously because it makes it nearly impossible to get a read on where the traffic is originating from or what’s included in the message.

To be sure, Tor has its vulnerabilities. The NSA likely put the screws to CMU to back off, the former intelligence official said, and there are two probable reasons: either to protect its own use of Tor or to ensure that knowledge of how to crack Tor remains within a more limited circle.

Tor and its variants are used by U.S. intelligence case officers operating in the field to communicate securely wherever they may be — but it is likely also being used by some terrorists, drug dealers, and pedophiles, according to the former intelligence official.

“So this paper [at Black Hat] could show how adversaries are controlling the nodes in order to enter and exit Tor. This could allow adversaries to figure out who the two communication partners are,” the source said.

Tor, which stands for The Onion Router, wraps messages in encryption and then hands them off to another Tor user. But before it reaches the intended participant, the message bounces around the Tor network. Eventually, the message finds its way to the endpoint.

NSA officials, as the Edward Snowden leaks showed, have a hard time dealing with it.

“If you’re a drug dealer, or into child pornography, or want to hire somebody to murder your wife, Tor is a great way to do it,” the former intelligence official said.