NEWS - October 07, 2013
by Carol~ - 10/7/13 8:32 AM
How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID
Bruce Schneier @ his Schneier on Security Blog:
The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA's application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.
According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identifies Tor users on the Internet and then executes an attack against their Firefox web browser.
The NSA refers to these capabilities as CNE, or computer network exploitation.
The first step of this process is finding Tor users. To accomplish this, the NSA relies on its vast capability to monitor large parts of the Internet. This is done via the agency's partnership with US telecoms firms under programs codenamed Stormbrew, Fairview, Oakstar and Blarney.
Continued : https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html
Tor, the NSA, and the government's internal debate over online anonymity
NSA repeatedly tries to unpeel Tor anonymity and spy on users, memos show
Report: NSA unmasking Tor users
NSA using Firefox flaw to snoop on Tor users