NSA targets Tor: leaks show how US weakens the privacy tools it pays to build

A top secret slide show by the National Security Agency shows how the US government has been trying to compromise the Tor network, a tool that allows people to communicate anonymously on the internet.

The slide show, published by the Guardian is the latest in a series of leaks from ex-NSA contractor Edward Snowden. The Tor technology it describes was, ironically, largely paid for by the US government as a way to provide a private communication system for the military and for dissidents to escape surveillance.

Tor itself stands for The Onion Router. It relies on a system of encryption and bouncing messages around different servers in order to ensure Tor users’ communications are invisible and untraceable.

According to the slides, the NSA has been trying to lure Tor traffic to specific servers that it controls, and to get into users’ computers directly so as to compromise their web browser. It includes photos like this: (

Tor screenshot

Reports about the slide show suggest that the Tor network itself is not compromised, and is still effective as a secret communications system. But the NSA’s efforts to burrow into it have caused outrage in some quarters, and raised questions about America’s strategic goals.

Well-known security expert Bruce Scheier argued in the Guardian that the US is working at cross purposes by constructing secure communications tools while simultaneously undermining them. He pointed out that a backdoor put in place by a government would inevitably get discovered by others – including by criminals who will use it to attack others on the internet. While a secure network will make it harder to track terrorists, Scheier said all of us would ultimately be better off if we had a private way to communicate.

My colleague David Meyer has raised a similar point over revelations that the NSA had a program to subvert and undermine common encryption protocols. Doing so, he pointed out, undermines America’s integrity in the world or encryption and security, and will likely cost the country friends and customers.