Apparently, the NSA has been watching some networks to try to build up their user profile data. The government agency has been targeting the Tor anonymising system to spy on its users.
The German public broadcaster, ARD, has said two Tor servers in Germany were keenly being watched by the US agency. ARD was citing information given by official sources, when they said almost anyone searching for Tor or installing it might be watched by the NSA.
A Tor network is pretty much as secretive as you can get on the Internet and therefore is a haven for unsavoury characters. Tor hides a users’ location and identity. It does this by randomly bouncing data throughout a number of the machines, which make up the network. The users’ data is encrypted during the transfer, to better conceal exactly who is visiting what.
Information that has been passed to ARD suggests the National Security Agency has tapped into traffic, both to and from, two German directory servers that are used by Tor to capture the IP addresses of users who have visited it. The data passing in and out of these servers was susceptible because it was unencrypted. The addresses the NSA captured were monitored via an analysis system that they developed called XKeyscore, said ARD.
A spokeswoman for the NSA told news site Ars Technica; “XKeyscore is an analytic tool that is used as a part of NSA’s lawful foreign signals intelligence collection system…Such tools have stringent oversight and compliance mechanisms built in at several levels….All of NSA’s operations are conducted in strict accordance with the rule of law,” she said.
XKeyscore works by snooping on data that is passing through the minority exchanges around the world where data jumps from one ISP to another. The data grabbed from these sources was then used to build up a user profile of the web browsing habits associated with those IP addresses.
As always, if you would like to leave a sensible comment, then please do so in the comments section below.
[Image via:thehackernews]