The FBI carried out a successful operation with ease and detained a Harvard University student, Eldo Kim, who sent a message about a bomb in the university building. Note that Tor did not help the "miner" and now the joker faces up to 5 years in prison and a fine of 250 thousand dollars.
Student mined university
The 20-year-old student admitted that he wrote a letter hoping to avoid the final exam, for the sake of fidelity, he duplicated the threatening letter to the university security department and the university newspaper. Although he succeeded here: due to the evacuation, all morning exams were postponed, but now the guy has more serious problems.
Tor won't save intelligence agencies from computing
Kim took steps to avoid identification. He set up an anonymous email address and used the Tor anonymization service. Nevertheless, it was still possible to calculate it. Based on the testimony of the FBI agents in the documents filed for the court, the secret service received a list of users of the local computer network in the university dormitory. They studied the traffic and determined which student is using the Tor service. As you know, Tor traffic can be identified by its characteristic features. The FBI then interrogated all the users of the anonymous network one by one. There were not too many of them, so it turned out to be quite simple to find the culprit.
Promotional video:
Public Wi-Fi is better than Thor
One might argue that the student was unlucky that he was sending a message from the student's computer. If he did it from public Wi-Fi, passing traffic through some outside machine, then the FBI method would not work.
Tor won't save the police
However, history demonstrates the weakness of relatively rare information security tools, writes well-known cryptographer Bruce Schneier. "The same thing that allows you to hide your involvement makes you a prime suspect." The FBI didn't have to hack Tor, they just used standard police methods to identify the sender of the letter. In other words, even in the most powerful cryptographic protection, there is a weak point - it is the person himself. If you can't break the code, you can always break a person.
Providers identify Tor users
Similar methods for identifying Tor users are suitable for use at any provider level. Don't be surprised if intelligence agencies already have a list of Tor users in every city.
Is it possible to track a person if he uses the Thor?
As easy as pie. First, intelligence agencies have keys in common use in operating systems. This means that the user can sit behind Thor and consider himself completely safe, while his real IP address is merged along a parallel line. Secondly, Thor guarantees safety only if the rules are strictly followed. Are you sure you know these rules 100%? For example, JavaScript cannot be enabled. But some sites don't work without it. Turned on - and your IP is already known to everyone.
Tor does not hide IP
Very often the site requires JavaScript to be enabled and refuses to continue working until the user fulfills this requirement. Well, you should know that if you have enabled JavaScript execution in the Torah, then your IP is no longer a secret for an outside site.
Is it possible to track down the VPN user?
Can. This is harder to do than calculating the TOR user. But the fact is that setting up a VPN is a very complicated process and mistakes often happen here. Research has recently been done on this topic. It turned out that about 40% of existing VPN services make it fairly easy to calculate the IP of users - due to gross configuration errors.
What is the Tor browser for?
To hide your IP address when visiting sites. The second task of the Tor browser is to provide access to those sites that have been blocked in Russia.
Why is Thor not anonymous?
Because free cheese is only in a mousetrap. Thor was created with financial support from the US government. TOR entry nodes see your real IP address, TOR exit nodes see all your traffic. What kind of anonymity is there?
How to hide the use of TOR
No way. Your real IP will be replaced with the IP of the TOR exit node. This IP can be checked against the list of TOR hosts and established the fact of use.
How to download files via TOR
You can configure the download of files to work through a proxy, but this is not recommended - TOR is too slow for downloading files. Plus, you clog the channel and interfere with those who really need anonymity. If you want to secretly download files - use VPN, not TOR.
Why Tor is insecure
Only pioneers believe in the security of Tor, and they do believe it, and do not try to analyze how this tool really provides anonymity. But experts have been warning about the unreliability of Tor for a long time:
- in 2008, a method was presented that allows you to de-anonymize any Tor user in 20 minutes;
- in 2013, there were reports that intelligence agencies have learned to mark Tor traffic and, in some cases, disclose the identities of network members;
- there is a way to track users using the Google Adsense advertising network;
- and in general, Tor's budget is 40% from donations from the US government.
It should be especially noted that using Tor without learning all the nuances of this system can turn into serious troubles even for law-abiding users. For example, in December 2012, police broke into the home of a 20-year-old Tor node operator and charged them with 10 years or more in prison. And this despite the fact that the user did not commit illegal actions, but only provided his computer for the passage of anonymous traffic.