The cluster of arrests and takedowns related to Freedom Hosting, the Silk Road and its successor must be worrying for Tor users who rely on anonymity, as The Powers That Be have demonsrated, on at least three occasions, the capability to unmask hidden services and those who frequent them. I can’t really find a common thread that reveals their methods yet.
What I do know is Tor by itself can only mask IP addresses, and it must be used in conjunction with good OPSEC and something like Privoxy. Part of the problem is true and total anonymity doesn’t exist, it’s a concept native to the computational idea of security, and in the real world an identity of sorts will accrete around any handle used on the Internet. Markers can be embedded in traffic, and one endpoint can make the other act in a way that identifies it – which is what happened in the case of Freedom Hosting.
The authorities (FBI, NCA and Europol) didn’t reveal much about their methods, but I’ll post some guesswork anyway. The FBI has a fairly skilled digital forensics team and can pretty much demand records from service providers. Here in the UK, the NCA’s ‘cyber crime’ capabilities are considerably more limited, judicially and technically. I can’t see anything to suggest GCHQ or the NSA were actually involved in Operation Onymous.
From this, we could surmise that Silk Road 2.0 was taken down through less technical means, a mixture of old-fashioned police work and bad OPSEC on the part of Blake Benthall – Silk Road 2.0, which didn’t use bulletproof hosting and was allegedly registered under Benthall’s personal email address that revealed his full name, was infiltrated at an early stage, enabling law enforcement to become entrusted, gain some degree of control of the servers, and gather intelligence since November 2013. That’s how I thnk it played out.
Although I have the impression Operation Onymous was almost entirely a law enforcement effort, there’s the matter of the ‘sophisticated’ DDoS that happened wo months before the arrests. By attacking the normal entry nodes, the FBI could hypothetically divert traffic to the ones it controls and determine the actual IP addresses of whoever was on the Tor network. However, Tor was already designed against something like this, so the FBI couldn’t have known the destination addresses from this alone.
What if there was something a the other end, between the exit nodes and the Silk Road 2.0 server? Something like the DPI kit that pipes traffic to the NSA, or maybe access to carrier routers’ performance monitoring functions? If the FBI knew the size and timings of packets entering the Tor network during the DDoS, they could potentially filter for those packets at the other end, narrow down candidates and inspect headers to obtain the destination addresses.
So does this mean Tor is busted as an anonymising system we can feel safe using? Depends on how you use it – that’s the honest answer. I still believe Tor is among the best privacy tools remaining, but there are still a few ways The Powers That Be can get at whoever really takes their interest. Again, it’s about computational security vs. what’s realistic. Privacy is about making surveillance inconvenient and costly, rather than going to extreme lengths to become surveillance-proof.
Our main concern, since 2001 (and maybe even before that) is arbitrary surveillance, the mass skimming (the NSA and GCHQ, strictly speaking, don’t collect traffic) of our personal communications, and the archiving of material that could damn us under future laws and governments. Tor (and many cryptographic-based solutions) are a good safeguard against that.