Defense Department, NSA Did Not Get User Data From Tor Service: US
Advertisement
The U.S. Department of Defense did not receive personal data on users of Internet privacy service Tor through a government-funded project to detect vulnerabilities, a Defense spokeswoman told Reuters on Tuesday.
"This particular project was focused on identifying vulnerabilities in Tor, not to collect data that would reveal personal identities of users," said Defense Department spokeswoman Lieutenant Colonel Valerie Henderson, adding that the National Security Agency also did not receive data.
The project was conducted by two researchers at Carnegie-Mellon University's Software Engineering Institute with funding from the Defense Department.
She did not rule out the FBI or other agencies obtaining the data. The FBI and Carnegie-Mellon declined to comment.
Funded in large part by other arms of the government, Tor hides the Internet protocol addresses of users by routing their traffic through multiple layers of volunteered servers.
Advertisement
In a note last week on Tor's website, Tor Project leader Roger Dingledine said the service had identified computers on its network that had been quietly altering Tor traffic for five months in an attempt to unmask users connecting to what are known as "hidden services," which include drug bazaars and whistleblower sites.
Dingledine said it was likely the attacking computers, which were removed on July 4, had operated on behalf of the Software Engineering Institute team.
Advertisement
He warned then that "users who operated or accessed hidden services from early February through July 4 should assume they were affected."
Dingledine said the physical locations where the hidden services were housed could have been exposed, although probably not which content was viewed by a visitor.
Advertisement
In an email to Reuters, Dingledine said that Carnegie-Mellon had stopped cooperating and would not share more information about the effort.
The researchers had planned to describe their work at the Black Hat security conference that begins Wednesday in Las Vegas but the university cancelled the talk amid the controversy.
© Thomson Reuters 2014
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Advertisement