Ever since a Carnegie Mellon talk on cracking the anonymity software Tor was abruptly pulled from the schedule of the Black Hat hacker conference last year, the security community has been left to wonder whether the research was silently handed over to law enforcement agencies seeking to uncloak the internet’s anonymous users.
Now the non-profit Tor Project itself says that it believes the FBI did use Carnegie Mellon’s attack technique—and paid them handsomely for the privilege.
The Tor Project on Wednesday afternoon sent a statement from its director Roger Dingledine directly accusing Carnegie Mellon of providing its Tor-breaking research in secret to the FBI in exchange for a payment of “at least $1 million.” You can now read the full statement on the Tor Project’s blog.1 And while Carnegie Mellon’s attack had been rumored to have been used in takedowns of dark web drug markets that used Tor’s “hidden service” features to obscure their servers and administrators, Dingledine writes that the researchers’ dragnet was larger, affecting innocent users, too.
“Apparently these researchers were paid by the FBI to attack hidden services users in a broad sweep, and then sift through their data to find people whom they could accuse of crimes,” Dingledine writes. “Such action is a violation of our trust and basic guidelines for ethical research. We strongly support independent research on our software and network, but this attack crosses the crucial line between research and endangering innocent users.”
Tor’s statement all but confirms that Carnegie Mellon’s attack was used in the late 2014 law enforcement operation known as Operation Onymous, carried out by the FBI and Europol. That dark web purge took down dozens of Tor hidden services, including several of the most popular Tor-based black markets for drugs including the Silk Road 2, and led to at least 17 arrests. Tor, for its part, has made efforts to subsequently block the attack, which it says it first detected in July of 2014.
When experts contacted Carnegie Mellon, it didn’t deny the Tor Project’s accusations, but pointed to a lack of evidence. “I’d like to see the substantiation for their claim,” said Ed Desautels, a staffer in the public relations department of the university’s Software Engineering Institute. “I’m not aware of any payment,” he added, declining to comment further.
Tor’s Dingledine responded to that call for evidence by telling that it identified Carnegie Mellon as the origin of the attack by pinpointing servers running on Tor’s network that were used in the de-anonymization technique. When it asked Carnegie Mellon if the servers were being run by its researchers—a suspicion based on the canceled Black Hat conference presentation—the anomalous servers disappeared from the network and the university offered no response. The $1 million payment, Dingledine says, was revealed to Tor by “friends in the security community.”
Experts have also reached out to the FBI for comment, and we’ll update this story if the agency responds. Tor’s accusations against Carnegie Mellon were triggered Wednesday morning by a report from Vice’s Motherboard news site, which found a reference in legal documents obtained by the defense attorneys of alleged Silk Road 2 drug dealer Brian Richard Farrell. According to the documents, prosecutors revealed to Farrell’s lawyers that the technique used to identify him was “based on information obtained by a ‘university-based research institute’ that operated its own computers on the anonymous network used by Silk Road 2.0.”
In his statement, Tor’s Dingledine excoriates Carnegie Mellon for violating its academic ethics to help invade the privacy of Tor’s users. “This attack…sets a troubling precedent: Civil liberties are under attack if law enforcement believes it can circumvent the rules of evidence by outsourcing police work to universities. If academia uses ‘research’ as a stalking horse for privacy invasion, the entire enterprise of security research will fall into disrepute,” Dingledine writes. “We teach law enforcement agents that they can use Tor to do their investigations ethically, and we support such use of Tor–but the mere veneer of a law enforcement investigation cannot justify wholesale invasion of people’s privacy, and certainly cannot give it the color of ‘legitimate research.'”
“Whatever academic security research should be in the 21st century,” he concludes, “it certainly does not include ‘experiments’ for pay that indiscriminately endanger strangers without their knowledge or consent.”