Exposed: Establishment-funded ‘security network’ spying on users
An experiment by a Swedish researcher reveals that an online network used to ensure secure Internet communications may itself be under surveillance. Tor is free open source software and a popular open network used to anonymize communications on the Internet.
In 2013 it received more than $1,800,00 in funding from the US government and previous sponsors include; Google, The Ford Foundation and DARPA.
Tor stands for The Onion Router and was originally developed by the U.S. Naval Research Laboratory. In 2002, the Electronic Frontier Foundation took up and developed the project to provide a free means of ensuring the privacy of Internet users. The number of Tor users is estimated to be 2.5 million each day.
Internet security researchers have suspected for a while that security and intelligence agencies might have set up their own nodes to “sniff” or read data as it is routed through the Tor network.
To test this, the researcher known only by the pseudonym “Chloe”, set up an experiment with a honeypot. This was essentially a fake domain name with multiple logins. She then used different nodes to log in, and then waited for a month for any signs that the nodes were being used to steal the login information.
She found that seven of the 1400 nodes she had tested were used to steal passwords and log in. As of now, though the bad nodes have been reported to Tor, they are still in operation.
Chloe also came to the startling conclusion that as a consequence of the data sniffing by some exit nodes, Tor users might actually be drawing attention to their own sites, rather then ensuring their privacy.