Tor users could be targeted by police next year as governments seek to combat crime and reduce political dissent, according to a researcher at the security firm Cloudmark.
Andrew Conway claimed the anonymity network is “reasonably fragile”, with police able to unmask service providers by comparing traffic spikes, generated by distributed-denial-of-service (DDoS) attacks, from just a small number of endpoints.
He added that the network was at risk of a complete shutdown if a government decided to launch a massive DDoS attack against it, which would overload the system with traffic.
Conway said: “There are only a few thousand endpoints where Tor connects to the rest of the internet. Attacking those with a DDoS is well within the capability of many organisations and states.”
“I think some oppressive regimes may decide that they have had enough of their dissidents using it and just want to shut the thing down, or some group in law enforcement may decide the same.”
The security of Tor was called into question when the FBI arrested Blake ‘Defcon’ Benthall in November for his alleged work on the second iteration of Silk Road, an ecommerce site specialising in contraband that could only be accessed through Tor.
Conway added that the police mole planted in the second Silk Road admin team was “probably” involved in the arrests that caused the first version’s collapse, and that he suspected they had used the DDoS and endpoint approach to monitor network traffic.
Despite this, he said police are still unable to track down Tor user’s IP addresses, which would be necessary to identify those purchasing contraband online.
“[Tor] still does give a level of anonymity for people looking for child pornography, but not if they are providing it,” he said.