Tor Project Responds to De-Anonymization Report: Network Remains Secure for Most Users
In response to an investigative report revealing a law enforcement de-anonymization attack on a Tor user, the Tor Project has issued a public statement addressing the concerns raised by the report. The attack, which exploited an outdated version of the long-retired Ricochet application, has left the community with questions, but the Tor Project reassures its users that the Tor Browser remains a secure and anonymous way to access the web.
The Tor Project confirms that the de-anonymization attack targeted a user of Ricochet, a now-retired Onion Service application. The attack was carried out through a guard discovery attack, leveraging vulnerabilities in the older version of Ricochet. According to the Tor Project, the compromised version lacked critical protections such as Vanguards-lite, which were introduced in later versions to defend against such timing attacks. The updated fork of Ricochet, Ricochet-Refresh, has implemented these safeguards since version 3.0.12, released in June 2022.
The Tor Project acknowledges that it has been provided with limited information about the case, unlike the Chaos Computer Club (CCC), which had access to more detailed documents. While the project was contacted by journalists, the lack of full access to the case documents left them with uncertainties regarding the facts. This prompted the team to go public, urging anyone with further details to share them, so the Tor Project can better understand how the de-anonymization occurred.
Despite the Ricochet attack, the Tor Project emphasizes that the network itself remains healthy, and Tor Browser users are not affected by the same vulnerabilities. The team has made significant strides in recent years to improve the security of the network. The introduction of Vanguards-lite and the identification and removal of malicious relays by the Network Health team have bolstered protections against similar attacks. Additionally, the number of exit nodes has surged, enhancing both security and speed for users.
The Tor Project highlights ongoing efforts to grow and diversify the network, recognizing that the diversity of relays is a crucial factor in protecting against surveillance and attacks. Initiatives such as the Tor University Challenge and the introduction of the Tor Network Health API aim to engage the community in bolstering the network’s resilience. By increasing the geographic and hardware diversity of relays, the Tor Project seeks to make attacks, such as guard discovery, increasingly difficult to execute.
In its statement, the Tor Project encourages users, developers, and volunteers to contribute to the network by adding bandwidth and relays. By doing so, the community can continue to enhance the security and privacy of users worldwide. For those concerned about privacy, keeping Tor software up to date is the best defense against emerging threats.
While the investigation into the Ricochet de-anonymization attack continues, the Tor Project remains committed to transparency and the protection of its users. As the team works to gather more information, it reassures the public that Tor remains one of the most robust tools available for secure and anonymous browsing.
