Clickability tracking pixel

Carnegie Mellon University Engineers Aim to Unmask Surfing Software

Governments in the United States, Russia and Great Britain have worked for years to identify users of Tor, a software program that provides online anonymity. But it seems university researchers may have cracked it.

by Matt Nussbaum, Bill Schackner and Liz Navratil, McClatchy News Service / July 31, 2014
Roger Dingledine, Tor Project director Flickr/quinn norton

Two Carnegie Mellon University researchers may have removed the veil of secrecy from the Tor Project, a free software program that allows users to anonymously surf the Internet.

Tor was the preferred mode of covert communication used by Edward Snowden, a former National Security Agency contractor. Mr. Snowden leaked a trove of confidential documents that revealed secret snooping of personal communications conducted by the NSA.

Governments in the United States, Russia and Great Britain have worked for years to unmask users of Tor, which, according to the British Broadcasting Corp., has been linked to illegal activity including drug deals and the sale of child-abuse images.

It seems that the CMU researchers may have cracked it.

Alexander Volynkin and Michael McCord work at the university’s Software Engineering Institute, whose efforts in Oakland are financed by the Defense Department.

Mr. Volynkin was slated to give a talk titled “You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget” at the Black Hat USA hacker conference in Las Vegas beginning Saturday.

The talk was canceled after CMU said neither the university nor SEI had approved of the talk, according to a post by Black Hat organizers.

Messages left Wednesday night for Mr. Volynkin and Mr. McCord were not returned.

According to the university’s website, Mr. Volynkin is a research scientist and Mr. McCord is a software vulnerability analyst, both with SEI’s cybersecurity solutions department.

“Right now, I’m told we’re not commenting,” CMU spokesman Ken Walters said when asked Wednesday night about the scientists’ work.

SEI spokesman Richard Lynch said he could offer no elaboration beyond a schedule update added to the Black Hat conference website.

According to the Black Hat website, Mr. Volynkin has research interests that include network security, malware behavior analysis, advanced reverse engineering techniques and cryptanalysis. He wrote various scientific publications and a book on malware behavior analysis, and has a patent related to full disk encryption technologies, the site said.

One of Tor’s creators, Roger Dingledine, announced on his blog Wednesday that an attack on the site was discovered July 4.

He wrote that he believes the attack, initiated in January, was led by the CMU researchers, who were trying to “deanonymize users.”

“We spent several months trying to extract information from the researchers who were going to give the Black Hat talk,” Mr. Dingledine wrote. “They haven’t answered our emails lately, so we don’t know for sure, but it seems likely that” they were the hackers.

SEI is a federally funded research and development center with a mission to “research software and cybersecurity problems of considerable complexity,” according to its website.

In 2010, the Defense Department extended its contract with SEI through June 2015. The contract was worth $584 million, or a little over $110 million a year.

In what may have been a coincidence, the director of the FBI, James B. Comey, and the assistant U.S. attorney general for national security, John Carlin, came to Pittsburgh on Wednesday to laud the city's contributions to efforts to fight cyber crime.

Mr. Carlin spoke to a crowd of about 100 at the SEI in Oakland but didn't mention Tor.

Later, he stood beside Mr. Comey at a news conference at the FBI's Pittsburgh office.

Mr. Comey, who did not mention Tor, either, said his plan to boost FBI staffing across the nation by 1,500 later this year will include sending more agents to the FBI's Pittsburgh office to focus on cybercrime.

Briefly touching on the first-of-their kind indictments of Chinese officials for stealing trade secrets from Pittsburgh-based companies, Mr. Comey said, “It is no coincidence the work that has come out of Pittsburgh is the product of something that I was just about to describe as magical. I hope it's not magical because that will be harder to replicate.”

©2014 the Pittsburgh Post-Gazette

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

E.REPUBLIC Platforms & Programs