Join Transform 2021 this July 12-16. Register for the AI event of the year.

The U.S. National Security Agency’s analysis and collection program XKeyscore is targeting Tor servers, according to a report from German public broadcaster ARD.

The ARD report details an investigation conducted by American security expert and Tor Project member Jacob Appelbaum as well as a Tor Project volunteer and a contractor—though the ARD report maintains that this investigation does not reflect the views of the Tor Project, anyway.

The investigation looks at a particular NSA code for XKeyscore that defines the parameters for who it watches and what information it stores. “The rules specifically target the Tor Project’s email and web infrastructure, as well as servers operated by key volunteers in Germany, the United States, Sweden, Austria, and the Netherlands. Beyond being ethically questionable, the attacks on Tor also raise legal concerns. The IP addresses of Tor servers in the United States are among the targets, which could violate the Fourth Amendment of the U.S. constitution,” the report says.

The Onion Router, or Tor, is a downloadable software that conceals a computer’s location and keeps individuals anonymous on the Web. It was originally a project of the U.S. Naval Research Laboratory, but it has since become its own nonprofit organization. Journalists and activists around the world use it, and anyone can make use of it.

But it’s not just Tor the NSA is collecting data from. The report also reveals this code:

These variables define terms and websites relating to the TAILs (The Amnesic
Incognito Live System) software program, a comsec mechanism advocated by
extremists on extremist forums.

$TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') and word('linux'
or ' USB ' or ' CD ' or 'secure desktop' or ' IRC ' or 'truecrypt' or ' tor ');
$TAILS_websites=('') or ('*');

The key flags Tails, a Linux-based operating system aimed at protecting user privacy, as a software program advocated by extremists on extremist forums.  The code goes on to indicate Linux Journal, a website for Linux users and enthusiasts, as one of these forums. The report has privacy advocates concerned about their privacy being invaded by NSA. “Now we know that just visiting this site makes you a target,” a recent post on Linux Journal says.

Glen Greenwald, one of the journalists Edward Snowden came to with information about NSA’s surveillance program, made a similar observation at SXSWi in March, “In [the NSA’s] mind, if you want to hide what you’re saying from them, it must mean that what you’re saying is a bad thing.” He also noted that because so few people use encryption software, it’s easy to target those who do.

For that reason, Tails, Tor, and Linux Journal may seem like fairly specific search criteria, but to others its vague and leads to larger questions like should the NSA be able to survey a person just for researching anonymity tools?

As concern over privacy issues mount, it’s likely we’ll only see more discussions about the ethics of NSA searches — hopefully that will extend to government legislators. See the full code here.


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member