(Page 2 of 2)
"While it appears that the infections were targeted, there is no guarantee that the infections were limited to the designated targets. We have our hands full enough with the traditional criminal element releasing malware into the wild that we don't need well-funded government agencies joining the party."
Kevin O'Brien, enterprise solution architect at CloudLock, told us he's not surprised but he is disturbed.
"The NSA has demonstrated that the privacy of individuals is of no consideration or concern in light of their efforts to monitor all modern communication traffic, and any system that serves to make that more difficult is a target," he said. "Tor is a well-designed system focused on anonymity, so this targeting is to be expected. In a sense, this revelation may serve to complicate that effort, since the de-anonymizing effort is predicated on the NSA controlling the majority of the exits from the network and working a profiling angle."
From O'Brien's perspective, if the Tor community is serious about keeping the system secure, this represents an opportunity to dramatically increase the number of relays and exits being run for legitimate purposes, thereby lowering the chances of the NSA controlling a majority of the network.
One way the NSA has attempted to compromise Tor has been to use a flaw on a small fraction of Firefox browsers to install spy malware on the computers of users who visited compromised Web sites. The flaw since has been fixed on Firefox, and the attack, known as FoxAcid, no longer works.
"The FoxAcid details, and its use to gain long-term access to the clients it attacks, underscore another key point: If you care about privacy, assume that any system is compromised by default," O'Brien said. "A Linux .ISO-based OS that's running from read-only media -- like a DVD -- or a known-clean VM environment should be the default for anyone who is regularly using Tor."
Posted: 2013-10-14 @ 2:17pm PT
Tools like Tor are being used more because it's depressing to realize Big Brother is really watching. No online data is secure nowhere no how. If you keep it in your home, they still need a warrant to get to it. So far, the best way to keep your stuff safe from prying eyes is to get a private cloud, like a Cloudlocker (www.stoamigo.com) that works like a regular cloud service but stays at home. Look for more inventions like this to help protect us from the people supposed to protect us.
Posted: 2013-10-08 @ 12:06pm PT
The dystopian fantasies of yesteryear are now a reality. We’ve allowed the coming of an age where the civil liberties our forefathers fought so hard for are being eroded by the day. Freedom of Press, Freedom of Speech and Freedom of Assembly are mere ghostly images of their original intent. We’ve woken up to an Orwellian Society of Fear where anyone is at the mercy of being labeled a terrorist for standing up for rights we took for granted just over a decade ago. Read about how we’re waging war against ourselves at http://dregstudiosart.blogspot.com/2011/09/living-in-society-of-fear-ten-years.html
Robert J Monette:
Posted: 2013-10-08 @ 9:37am PT
Americans should live in FEAR at the thought of government only having a right to privacy. How much greater should our concern be when government demands complete TRUST, but NO RIGHT TO PRIVACY FOR THE PEOPLE?