[tor-relays] [Important] Update on an upcoming German broadcasting story about Tor/Onion Services
isabela fernandes
isabela at torproject.org
Wed Sep 18 18:25:11 UTC 2024
Hello, we just published more information on our blog:
https://blog.torproject.org/tor-is-still-safe/
On Mon, Sep 16, 2024 at 7:31 AM isabela fernandes <isabela at torproject.org>
wrote:
> Hi Tor,
>
> I am reaching out to inform you of an upcoming news story concerning a
> potential deanonymization attack on Onion Services.
>
> What is happening?
>
> On September 9, 2024, The Tor Project received a press inquiry from
> Norddeutscher Rundfunk (NDR, part of ARD, a German public broadcaster) with
> a request for comment to their upcoming reporting of "investigative
> measures by German and international law enforcement agencies in the Tor
> network, in particular the localisation and deanonymisation of onion
> services." We complied with the outlet's deadline of September 12th and
> answered a series of questions.
>
> The reporter claims to have "evidence that shows that in several cases
> German law enforcement authorities were able to locate the Tor entry node
> of onion services and thus successfully deanonymise Tor users. V2 and V3
> onion addresses were affected at least between Q3/2019 and Q2/2021." The
> reporter further claims that "law enforcement agencies used so-called
> timing analyses and broad and long-term monitoring of Tor nodes in data
> centres."
>
> As of today, The Tor Project has not been granted access to supporting
> documents, and has not been able to independently verify if this claim is
> true, if the attack took place, how it was carried out, and who was
> involved.
>
> In the absence of facts, it is hard for us to issue any official guidance
> or responsible disclosures to the Tor community, relay operators, and users
> at this time.
>
> We are calling for more information from you.
>
> If you have any information that can help us learn more about this alleged
> attack, please email security at torproject.org.
>
> If you want to encrypt your mail, you can get the OpenPGP public key for
> this address from keys.openpgp.org. Fingerprint: 835B 4E04 F6F7 4211 04C4
> 751A 3EF9 EF99 6604 DE41
>
> Your assistance will help all of us take the necessary steps and
> precautions to keep Onion Services safe for the millions of users that rely
> on the protections Tor provides.
>
> Are Tor users safe?
>
> Tor users can continue to use Tor Browser to access the web securely and
> anonymously. Nothing that the Tor Project has learned about this incident
> suggests that Tor Browser was attacked or exploited. We encourage Tor
> Browser users and relay operators to keep software versions up to date.
>
> The reporter's questions focus on the use of onion services and .onion
> addresses. Which leads us to assume that the alleged attack was targeting a
> specific .onion site.
>
>
> We will continue to share updates on this email as this situation evolves.
>
> Thank you!
>
> Isabela
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20240918/6cef8daa/attachment.htm>
More information about the tor-relays
mailing list