NSA Agents Leak Tor Bugs To Developers 116
An anonymous reader writes: We've known for a while that NSA specifically targets Tor, because they want to disrupt one of the last remaining communication methods they aren't able to tap or demand access to. However, not everybody at the NSA is on board with this strategy. Tor developer Andrew Lewman says even as flaws in Tor are rooted out by the NSA and British counterpart GCHQ, other agents from the two organizations leak those flaws directly to the developers, so they can be fixed quickly. He said, "You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super-subtle bugs or other things that they probably don't get to see in most commercial software." Lewman estimates the Tor Project receives these reports on a monthly basis. He also spoke about how a growing amount of users will affect Tor. He suggests a massive company like Google or Facebook will eventually have to take up the task of making Tor scale up to millions of users.
Not entirely surprising (Score:5, Interesting)
The NSA has two directives that often conflict with each other:
1) Protect communications that are critical to our nation's security. This is mostly military/government comms, but they have a role in securing banking and other civilian networks. An example of what comes from this side of the NSA is SELinux - which is now heavily used by Android to provide additional security against malware.
2) Compromise and monitor the communications of our enemies. These guys overstepping their bounds are what has been routinely making the news lately.
While I can't see an obvious reason for the guys in category 1 to want to strengthen Tor, it's possible. (Potentially on behalf of another agency... Think in terms of Tor's use by Chinese dissidents.)
I'm fairly certain the people in categories 1 and 2 don't get along with each other. While in theory their goals should not conflict (one focuses on our enemies, one focuses on strengthening friendlies), the truth is that it's hard for the guys in category 1 to strengthen friends without also making those tools available to our enemies - and the guys in category 2 are routinely overstepping their bounds and attacking friendlies.
Re:OPSEC (Score:5, Interesting)
I don't think that these bug reports that the NSA is making are actually leaks. My theory is that these exploits have already been used by the NSA, and are believed to be at the end of their useful life cycle (ie; the NSA suspects that someone else has found the bug and may report it) so they go ahead and report it - it boosts the NSA's image because they're supposedly reporting zero-days, but in reality they're just getting rid of what they don't need anymore.
Re:Another Angle (Score:5, Interesting)
Re:Reading source for months... (Score:4, Interesting)
SELinux is a good stab at that. While not 100%, it has helped ensure that a program that manages to get a root context still doesn't have full superuser reign over the system. It isn't simple, but it does a good job at security over previous tools like SUID wrappers.
I wouldn't mind a code review of web browsers and browser add-ons, as those are the first points of contact and generally a primary vehicle for malware to get a foothold.
Re:Beware of Greeks bearing gifts.... (Score:4, Interesting)
Beware of Greeks bearing gifts....
Remember, the NSA is the group that originally gave us Tor. If I was one of the original developers, and I took pride in my work - it is likely I would continue to help the project improve, even if my employer had changed focus.
Also, remember that the NSA is not just one huge monolithic group with only one task on their plate. I find it easy to believe that some folks there question the wisdom of attempting to cripple security (such as they seem to have done with the elliptic curve ciphers). Plus code breakers and cryptographers are, in general, going to be working at cross purposes - it's the nature of their jobs.
Re:Why Facebook or Google? (Score:4, Interesting)
Cause the NSA ain't providing code, bandwidth, or servers to scale the system to millions of users. Google and Facebook have the knowledge and resources to actually do it, if they want.
But yeah, its a pretty dumb hope. They don't want you to have any anonymity as it is.
I think it would be cool if some one were to design a cryptocurrency wherein the proof of work was somehow related to the number of connections proxies. So mining would actually be providing anonymity to those who needed it and their would be an incentive to provide service. However that trick of providing indisputable proof of work, while not reveling the traffic or inbound/outbound connections might be a bit tricky to get right.