FBI Allowed To Hack Anyone That Uses Online Anonymity Tools

2000px-US-FBI-ShadedSeal.svg (1)Last Thursday, the US Supreme Court approved a new rule that would make it easier for law enforcement agencies including the FBI to hack any computer, regardless of its location. This decision will take effect from December unless the Congress opts to bring up a competing legislation against the decision. The FBI will have the powers to search any computer (even those that are remotely located) that has online anonymity software installed in it. The new ruling also allows the FBI to hack into computers that have been hacked once or those infected by a botnet, which is a type of malware program that takes over many computers and infect them with viruses.

Beware Online Anonymity Seekers

Federal judges would now be able to issue search warrants that would allow law enforcement agents to search or seize any computer anywhere. The rule also incorporated a small paragraph that is related to computers using privacy software. According to approved change to Rule 41, a federal magistrate judge has the power to issue a search/seizure warrant for any computer anywhere in the world that uses online anonymity tools like VPN and Tor. The US Supreme Court has purportedly approved the rule change to combat the rising incidents of cyber-crime. Interestingly, this rule was approved just a day after advancement of a bill by the US House of Representatives that made it a prerequisite for the government to obtain a judge’s cause warrant before seizing stored data from company computers such as Dropbox, Facebook or Google.

John Roberts, Chief Justiceof the Supreme Court,submitted the rule change to Congress as part of the annual collection of amendments to the Federal Rules of Criminal Procedure.Kevin Bankston, Open Technology Institute director (policy advocacy group) opined that the changed rule would authorize much more of government hacking than what is happening currently. He urged the Congress to pose questions to the FBI in this regard. It is alleged that FBI is fighting cases in court to keep its spying tactics a secret from the public.

As a deviation from the current Rule 41 which allows a magistrate judge to issue search warrants only within their jurisdictions, the amended rule would allow the same magistrate judge to issue search/seize warrants on any computer if its location has been hidden through technical means.It is also possible for the government to search millions of computers all at once with just a single warrant. There was added concern that the computers searched would belong to the victims of the cyber-crime that seek online anonymity instead of the perpetrators in most cases.

Whereas many of the experts that testified against such changes of the rule and privacy advocates are smarting against the upper handedness of the government, many are calling on the Congress to reject the rule that could mean an end to online anonymity. Senator Ron Wyden, an advocate of privacy, added that the amendment was clearly a debate that the Congress and the elected representatives of the country should take up and resolve after adequate public vetting. This is important in the light of the fact that there are over a million people that use Tor and other online anonymity tools for very legitimate reasons just as some others are using it to hide their crimes.

2000px-US-OfficeOfJusticePrograms-Seal.svgAbsence of any opposition to the rule means that it will come into effect in December this year and will result in spying by the government on users of Tor or VPN services without the user having any knowledge of it. The Department of Justice, however, welcomed the amendment. Their argument was that this change would help to prosecute those criminals that use Tor or similar tools to maintain online anonymity while perpetrating their crimes.

Earlier in the month, an Oklahoma federal judge had to turn down evidence in a case relating to child pornography owing to the limitations of Rule 41. Though the amendment to Rule 41 was proposed in the year 2015 by the Department of Justice, Google, in collaboration with other privacy advocacy groups wrote a letter expressing concerns about the violations of international agreements that this amendment would bring about as a result of the authorization of the government to conduct searches on computers outside of the United States.

Ricochet: Instant Messenger That Uses Tor Online Anonymity Network

With so much of our information available on the internet, maintaining online anonymity can be a challenge. Many of us look for privacy and online anonymity especially in chat services. Ricochet software is the perfect solution as it lets users connect through instant messaging without having to disclose their identity.

1

Ricochet is open-source software that operates on multiple computing platforms. It was developed initially by John Brooks and was called Torsion IM. It underwent multiple changes since then and was renamed to Ricochet in June 2014. Ricochet recently passed its first security audit conducted by NCC Group and had been sponsored by the Open Technology Fund (OTF). The vulnerability that was found which could deanonymize users has been fixed in the recent version release.

Ricochet is a decentralized instant messenger which means it does not connect to any server or does not share data with any server to maintain online anonymity. It uses Tor to create a hidden service locally on the computer of the user. A user with this Tor hidden service running on his computer can connect to any other user who also runs the hidden service.

Tor maintains online anonymity by directing traffic through several thousand relays over a free, volunteer, worldwide network making it extremely difficult to track traffic back to the user. This hides the user’s details, location and usage from anyone who is trying to identify users through traffic analysis. This detailed relay of traffic also protects disclosure of identity through network surveillance.

Tor networks make it difficult to track Internet activity back to the user keeping the online anonymity of the user intact. These activities include all forms of communication like emails and instant messages, online posts and visits to different websites. To maintain online anonymity, Tor uses encryption of the information in the application layer itself of the communication protocol. This communication protocol is layered like an onion and hence the name. The innermost layer contains the information to be communicated while all outer layers consist of randomly selected relays through which the information passes before reaching the final destination.

When the information is passed over the network, each relay decrypts a layer of the encryptions and receives the information of the next relay through which the remaining encrypted data needs to be passed. Thus the peeling of the encrypted layers happens one after the other and the data passes through multiple relays. The final relay decrypts the actual data that needs to be sent to the recipient’s address and forwards it to the destination. Thus the final relay does not even know and hence cannot reveal the source IP address maintaining complete online anonymity.

Using this complex Tor network, Ricochet sends instant messages to recipients and these messages never leave the Tor network, which maintains complete online anonymity. Ricochet provides every user a screen name which is unique. This screen name is generated automatically the first time a user starts Ricochet. This user name is a combination of two parts, the first part is the word “ricochet”’ and the second part is the address of the Tor hidden service that gets started in the local system of the user when he starts Ricochet.

For two Ricochet users to be able to communicate and yet maintain online anonymity, at least one of them has to share their unique screen name with the other. This can be done either privately or publicly. Sharing screen name does not in any way mean that any details of the user get shared with the others. Neither the IP address, nor the physical location of any of the users is revealed when screen names are shared.

12

The advantage of Ricochet is that along with online anonymity, even the information shared is encrypted. Users do not have to register themselves at any servers which can pose any kind of threat to their online anonymity. The contact lists are saved locally on the system of users making it tough to know who the user is chatting with. Even chat histories are not saved to preserve online anonymity. Thus, Ricochet offers an instant messaging solution that maintains online anonymity and keeps all communication secure.

Facebook Android App Now with Internet Anonymity Tor

For the past couple of years, Facebook has been allowing users to log into their account on their personal computers using Tor-enabled browsers. This support for Tor network will receive a new boost, after Facebook announced that they will now extend Tor support to Android mobile users. In a move that is aimed to increase Tor functionality for Facebook users, a new feature that supports Tor network will be added to the Android app, which will allow users to browse privately. The announcement comes at a time when there is a heated debate on the issue of Internet anonymity.

About Tor network

Tor is an Internet anonymity network, which encrypts the traffic from the connected device and routes it through several network nodes all over the globe. This helps to conceal the identity of the Internet user and the location of the connection, allowing them to browse anonymously. The network has been the go-to option for Internet users who want to maintain their privacy while browsing online. However, it has gained a lot of popularity in the past few years, especially with the revelation of the massive surveillance of civilians in the USA by the NSA.

Orbot

With the integration of the new feature, Facebook Android app will now come with a button that allows users the option of connecting to the internet using Tor network. However, users will have to download and install Orbot, the Tor app for Android phones. The new feature will however not be available to iPhone users.

orbot-connected

Effects of the Tor Support for Facebook Android App

1) Increase in Internet anonymity

Internet users are always looking for more ways to increase their Internet anonymity, and with over 1.5 billion online users on Facebook, the new feature will significantly increase the ability of people to browse privately. Facebook users who use Tor network to log into their accounts will also benefit from improved online security, as the service encrypts important information such as the IP address and the location, which can help to protect them from hackers.

2) Easy access to Facebook in countries where it is censored

Facebook censorship is a main issue in several countries. The social media network has been banned in some countries. Since Tor network encrypts traffic and provides the user with Internet anonymity, people in countries where Facebook is banned or censored will now be able to use the service without fear of any repercussions.

3) A boost for human rights activists

With about 1.5 billion active users, Facebook is a communication channel that has a very wide reach all over the world. As a result, it has become a popular weapon for human rights activists who oppose authoritarian regimes. The social media network has been used in some countries to oppose human rights violations. However, the massive Internet censorship that exists in some of these countries has always made it hard for human rights activists to effectively use the network. With the Internet anonymity that is offered by the Tor network, activists can now use the network to communicate privately without fear of being discovered and prosecuted.

Conclusion

407016

With about 80% of users connecting to Facebook through their phones, the integration of the Tor network to the Facebook Android app will help to boost Internet anonymity for many online users. In addition, it will increase the number of people who can be able to access Facebook, by allowing people in countries where Facebook is banned or censored to gain access to the social media network.

Tor On Mobile Devices Will Give More Internet Anonymity To Users

With 4G mobile functionality available on most mobile platforms, users would now be able to download video and other types of data with ease while they are on the move. The complete implementation of 4G would mean more available bandwidth to the mobile phones and transfer of data between phones would become easier.

Following the launch of the 4G services, companies such as Apple have hinted at introduction of Tor mobile apps that will support Internet anonymity on mobile phones. Apple’s iOS9 would have this feature. Tor apps would, therefore, be freely available to users of iPhone and iPad that run on the iOS9 operating system. Tor apps have been made available on android devices for many years now.

Tor On Mobile DevicesThe Tor software enables Internet anonymity for users browsing the web. Tor apps encrypt and mask the users’ browsing data such as IP addresses and offer Internet anonymity. Commonly associated with crime and black market sites, Tor’s popularity in this area is bigger because it is known to provide a greater level of anonymity to both the publisher as well as the viewer of uploaded content. Security concerns however, Europol, the premier law enforcement agency in Europe has concerns of a different nature. The increased bandwidth provides additional possibilities for exchange and download of HD images and video. Enforcement agencies are therefore concerned that child pornographers would take maximum advantage of the 4G functionality. They would use Internet anonymity on mobile devices to their advantage. They believe that this type of masking and encryption of users’ identities would encourage troublemakers to operate at a level where they cannot be easily traced. Though Tor is known to slow down a user’s browsing speed, using the network along with 4G services would help to speed up the data transfer process.

According to Europol, Tor Internet anonymity platform has been identified as a leading player in both the creation and subsequent distribution of child pornography content. This finding was based on a report by the Virtual Global Taskforce that outlined important issues in the different ways in which the Internet anonymity software was being used by pedophiles. In their report on the techniques and methods used to commit offences and stay away from detection, it was cited that in about 40 hidden services that were reviewed and were purportedly proving child pornography material, Europol detected more than 300,000 active users. Some of the factors that were attributed to the use of the Tor Internet anonymity software for upload and circulation of child abuse material were the secrecy that the network software provided, the demand for new material to be uploaded regularly and the anonymous environment which allowed the offenders to reveal their desires more explicitly. Europol also has concerns that the Internet anonymity software technologies offered on mobile phones would add on a new layer of strain for the investigators to identify child abuse offenders.

Tor on Mobile Devices – Will It Be the Offenders’ Nemesis

orbot
The Orbot app is popularly used to access Tor by android phone users. This was revealed by the Tor Project, the non-profit organization that is responsible for the maintenance of the network software that provides Internet anonymity to its users. This information was obtained when they were asked to provide numbers of mobile users who used Tor. Orbot is easy to use and booting the app helps to access the Tor network by clicking on a button. Once the Internet anonymity software is on, certain apps have their traffic directed through Tor. Europol’s concern is that there are over 6 million installs of Orbot on android devices. Out of this number it has been observed that there are over 1.2 million who use it actively. However, nothing more is obvious about these users. Orweb browser, which is additional software that provides extra privacy and security has had 4 million installs from the Google Play Store and purportedly has 900,000 active users. In spite of the concerns about the secrecy that the Internet anonymity software will provide to child abuse offenders, security experts feel using Tor on mobile devices may have its own pitfalls. In spite of the fact that the Internet anonymity software hides IP addresses of the users, other data that can be traced to the users include the location of the mobile and data that is transferred to other mobiles through apps that are not configured to route data through Tor. Another pertinent point that works against offenders is that Orbot has had some bugs in software that leaked website addresses visited by the user when the VPN feature (of the app) was used. However, the company has claimed that these bugs have been fixed for the present.

California Representative Defends Library Supporting Tor

Zoe Lofgren

Zoe Lofgren, California Representative, wrote to Jeh Johnson, the head of the Department of Homeland Security (DHS), defending the right of library in New Hampshire as regards offering Internet anonymity. In her letter that demanded an explanation, she stated that the possibility of DHS employees persuading or pressurizing public as well private entities to degrade or discontinue their services, which would help US citizens protect their anonymity and privacy, has disturbed her a lot. Meanwhile, a congressman in California is trying to have a clear understanding about the idea of Internet anonymity and as to why the DHS singled out one small library in New Hampshire.

Towards the end of summer season this year, an agent from the Department of Immigrations and Customs Enforcement, a subsidiary of DHS, put pressure on the Kilton Public Library in New Hampshire. The agent persuaded the library to disable the Tor relay which it was making use of to connect to a network that offered Internet anonymity. Librarians working at Kilton, located in West Lebanon, unanimously voted for the library to continue to offer Tor relay services. In fact, they also decided that they would step up their game. In the meantime, a number of other libraries have also started joining the movement.

Tor software
Tor relays, like the one that the Kilton Public Library is using, bolsters the Tor network which allows Internet users to access the World Wide Web without the surveillance of the authorities. This network is dependent on volunteers who donate bandwidth.

The library decided to temporarily stop the use of its Tor relay following the pressure put on them initially by the enforcement authorities. However, the library decided to reverse its decision and reboot its Tor relay. The local community has whole heartedly supported Kilton Public Library’s decision. Further, news outlets as well as civil rights groups all over the country have taken note of the issue.

Lofgren wrote in her letter addressed to Jeh Johnson that the product Tor network has been developed on the basis of research carried out at the DPRPA and Naval Research Laboratory in the United States of America. She also drew his attention to the fact that Tor network is being made use of by journalists, dissidents, intelligence sources, activists and other individuals who are concerned about their privacy and Internet anonymity. Tor enables them to keep details of their browsing activity private. The version of the Internet anonymity network that is being used currently continues to receive significant amount of funding by way of government grants.

The gist of the questions posed by Lofgren in her letter is as follows:

Question #1: Is the interference with the offering of the Kilton Public Library to protect the privacy of the Internet users the result of the policy of the DHS to persuade private or public entities from providing such services or is this an independent action by an agent without any kind of authorization?

Question #2: If an agent of the DHS has acted independently, what steps are being taken by the DHS to ensure that agents do not interfere in this manner with privacy protection services that are being made available to the public?

Question #3: Is there any other instance wherein a DHS agent was involved in either pressurizing or persuading private or public entities in either stopping their offering of privacy or Internet anonymity services or reducing the effectiveness of the services provided by them?

Further, Lofgren has requested the DHS to submit to her office relevant copies of the DHS guidance, policy or memo, if any, that deals with the issue of deterring or supporting the provision of privacy protection services by private entities, public entities or individuals.

It was Alison Macrina who helped the Kilton Public Library to set up its Tor relay system. Alison Macrina who founded the Library Freedom Project is passionate when it comes to this issue. According to her, libraries are the most democratic among public spaces. It is, therefore, important to ensure protection to an individual’s intellectual freedom, unencumbered access to information and privacy or Internet anonymity, she noted.

Vuvuzela: New Online Anonymity Tool

Researchers from Massachusetts Institute of Technology (MIT) have developed a new messaging system called Vuvuzela which can be used to provide online anonymity and is believed to be more secure than the popular Tor system.

The researchers, who have been working on the project for close to six months now publicized their success early in December in a press release and have put down this achievement to imperative piety and close scrutiny of the Tor network.

Earlier this year, an all-best partnership between researchers from Qatar Computing Research Institute (QCRI) and MIT did a deep going-over on the undisputed online anonymity tool Tor in a bid to expose its bugs and vulnerabilities, and came up with a report deeming the network as 88 percent accurate.
Vuvuzela
The Vuvuzela system is basically modeled on Tor, and the analysis of the directions taken by various packets on Tor nodes helped them design the new 99 percent accurate Text Messaging System.

The main difference between the two soon-to-be rivals is that Vuvuzela doesn’t allow third parties to develop patterns and use them as a way through to the original servers, something Tor cannot guarantee. What’s more the new system, unlike Tor, has undergone mathematical validation by experts in a public paper “Scalable Private Messaging Resistant to Traffic Analysis” as proof for its online anonymity credentials.
Man Using Tor
For the old Tor system to work, every user leaves their message on predefined locations like, say, Internet-connected dread drop servers, where other people can retrieve the message. If there were four people using the system, for instance, and only two of them were exchanging text messages, the fact that there is a conversation between two people on the server would be obvious and anyone would easily make a pattern and find a way into the servers.

On Vuvuzela, though, the complexity of the goings-on leaves no room for online anonymity jeopardy. With or without information, in this system, information flow towards the dead-drop server is kept constant, making it hard for anyone analyzing patterns to find a clear-cut track into the server as the traffic seems’ to come from numerous untraceable locations all the time.

Of course the hacker can take a further step and infiltrate the server to find the real users and the locations from which the messages are coming, and that makes the system still unreliable. So, to make it perfect, the researchers created two more servers to make it three and two more layers of encryption, a measure that makes it downright impossible for a hacker to study the patterns and look into the message threads and the identity of the users.

And that’s not all. The dead drop servers have been designed in such a way that understanding them would be difficult for anyone. The first server, for instance, sports the top most encryption layer on the messages whose order has been deliberately tampered with. The second layer does the same, and only the third layer provides and displays the messages in the order preferred by the recipient.

Not unless all the three layers are compromised, which is next to impossible, according to the brains behind the architecture, messages and user identity is safe from third party access and online anonymity is guaranteed.

According to Nickolai Zeldovich, co-leader of the Parallel and Distributed Operating Systems group, who clearly doesn’t intend to cast Tor in bad light, believes that Tor’s assumption that no single hacker in controls multiple nodes in his system cannot be relied on to provide online anonymity these days because “maybe there’re people out there who can compromise half of your servers.”

While it would be tricky for some of us to buy this idea (every new invent comes with a load of hype, basically), the team from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) believe their advanced text message system can guarantee 100 percent online anonymity and allow for exchange of messages approximately once a minute. “Statistically, it’s next to impossible for a hacker to tell whether messages received at the same time window were destined for the same recipient,” explains CSAIL. “Those statistical assurances stand even if one or two of the servers get infiltrated. The system will conventionally work as long as one server remains uncompromised.”

Tor Announces Their New Executive Director

After five months of pursuit for a new Executive Director, Tor’s quest has finally come to an end. Tor had been looking for someone to continue leading the organization with the same enthusiasm and having in mind the same values this giant has been promoting over the years; someone who can work on educating the public about the importance of online anonymity.

It is Shari Steele, a former Executive Director at Electronic Frontier Foundation (EFF), that has been announced as the new Executive Director of Tor Project. The choice is really quite logical, for the two organizations have more than one thing in common.

While Tor provides online anonymity for its users using the encrypted multilevel relays, the EFF describes itself as the leading nonprofit organization defending civil liberties in the digital world. Tor provides specific online service to its users and EFF is more involved in protecting human rights in legal sense.

Who is Shari Steele?

Shari Steele

According to Wired’s opinion, Steele sounds like an ideal person for leading the Tor Project. She started her career at EFF as a leader of a small group of lawyers and led them into becoming the world-class team. EFF has been involved in almost every significant legal battle of the digital world; it even battled with NSA’s dragnet surveillance programs and challenged the government’s use of National Security Letters.

Shari Steele is often described as a passionate advocate of free speech, and during her time at EFF as Executive Director her main responsibilities were fundraising, financial structure, employee welfare and benefits, support system for the office and many other things. Her leaving the organization was the result of her wish to move.

Shari Steele has proven herself a great leader and probably the best testimony for that is the “Farewell blog post” by her former colleagues.

The founder of EFF, Mitch Kapor recalled the early days of the organization which also coincides with the early days of cyberspace. He also spoke about Steele’s role in stabilizing and transforming the organization into, as he put it “a beacon of freedom in today’s online world.” Kapor went on to express his huge personal gratitude to Steele, wishing her best of luck in her future business ventures.

Her interest in taking the role of Tor’s ED is not a big surprise, since this is not the first time Steele is involved with Tor. At very same farewell blog post, Roger Dingledine, Project Leader, Director, Researcher at Tor Project remembered Steele’s crucial decision when she “took a chance” and helped fund the project in 2004, despite EFF being more focused on legal aspect of the similar idea. Dingledine pointed out that Tor and online anonymity might not even exist today if it wasn’t for Steele at the crucial moment. On two more occasions Steele stepped in for Tor, once with resources in staff and the second time as fiscal sponsor when Tor applied for Omidyar grant.

Tor Today

Despite being created as means for online anonymity, which was supposed to provide Internet users with security and freedom, Tor has met with many negative reactions of the general public, mainly due to excessive misuse by the drug dealers selling illicit drugs on darknet markets. These darknet markets can only be accessed via Tor Browser; hence its appeal.
tor browser logo

Nevertheless, there are still more positive applications of Tor network and online anonymity it provides, for many journalist and freedom fighters use it a tool for communicating with whistleblowers, especially in countries with limited freedom of speech.

New Executive Director of Tor will have a difficult job of presenting it to the public as a good thing; an idea of online anonymity that really should be supported with heart and soul; as well as sponsored. Shari Steele believes that no major turnover in Tor’s business will take place after she assumes her position – it will remain the leading provider of online anonymity and security on the internet today; plus, she is promising to expand the boundaries to new horizons. What this boundaries-and-horizons part means exactly remains for us to see.

In the meantime, Roger Dingledine is relieved to have the new Executive Director and is very excited that his team of developers will finally be able to completely devote to improving Tor network.

Roger DingledineSome might say “About time!” because earlier this year one of the darknet markets, Agora, “retired” from business claiming that they have found a glitch in Tor’s security system and decided to wait some time until this is fixed.

Another incident is also related to this glitch in Tor network. Back in 2014 in the Operation Onymous more than 27 darknet markets have been seized because the online anonymity Tor was supposed to provide was compromised.