Written by: B.M.

In an attempt to secure the privacy and personal freedom of internet users, which should be the right of any user, TOR project was run voluntarily to provide anonymous online browsing under the name of Tor anonymity online.  Tor has even aimed to keep the privacy of users’ relations whether personal or business and to enable access to websites which are censored by the government.

Although the intention of this project was to protect internet users, recently, TOR administrators have confirmed an attack on its services for online anonymity, in July 2014, with one victim in mind: internet users. Those attacks has made their point in de-anonymizing Tor users.

Arguments were raised regarding the identity of the attackers, however, the research done by Alexander Volynkin and Michael McCord was a main suspect. That is because they were supposed to have a talk entitled: ‘Attacking Tor and de-anonymizing’ at Black Hat Conference but it was cancelled for unclear reasons. This could have had serious issues regarding the ethics of academic research if it was to be proved. As they researchers have neither asked for the consent of the users nor can tell the consequences of the release.

Surprisingly, the second suspect is the Russian Government. It apparently did offer 114,000 US Dollars for anyone who can break Tor anonymity, where the FBI and the US government usually are a common suspect with high interest in the matter.

Regardless of the current confusion of the attacker’s identity, Tor stated that users from Jan 2014 to Jun 2014 could have been highly ‘affected’ by such attacks without specific details about to what extent the ‘effect’ could have been .

The flaw in Tor and other similar systems was thought to be in the I2P software in which the relays can know the IP address of the user and the destination of the hidden service of Tor, thus, de-anonymize the users’ activities.

To solve the problem, users are greatly recommended to upgrade to 0.2.2.23 or 0.2.5.6-alpha release of Tor as the team was able to remove all the possible wicked relays. Finally, Tor users can enjoy the secure private browsing again, at least for a while.

Links: Hide your identity from your internet provider & government and surf anonymously

______________________________________________________________________________

References:

http://thehackernews.com/2014/07/attackers-compromise-tor-network-to-de.html

https://www.torproject.org/

http://www.idigitaltimes.com/articles/24097/20140730/tor-attack-revealed-anonymous-users-identities-who.htm

Written by: Anonymous Watcher

“No U.S troops or combat missions have been compromised due to the intrusion,” is the formal line held by an anonymous U.S official who wished not to be identified.

The intrusion referred to occurred in 2009 when Iranian-backed Shiite militants hacked into a U.S military feed with the use of a software program available to the mass-market. It enabled them to view live feeds of U.S “predator drones” that monitored Irag targets.

In light of this incident, it has also been discovered that UAV (Unmanned Aerial Vehicle) feeds had also been hacked in Afghanistan, though CNN reported that the militants were able to gain control of the aircraft. Pentagon spokesman, Bryan Whitman refused to comment on the situation of how the tools were gained to hack into the system. Instead, he offered that “…the department constantly evaluates and seeks to improve both the performance as well as the security of various intelligence, surveillance, and reconnaissance systems and platforms,” Whitman said. “If and when we identify any shortfalls we obviously correct them as a continuous process of seeking both improved capabilities as well as improved security.”

The software at the time was said to be responsible for this is called SkyGrabber, an inexpensive program downloadable from the internet that permits users to expose weaknesses in unprotected communication links in some UAV’s. [1]

However, it seems in the current climate, the situation is yet to be rectified in recent years.

In 2013 it was reported to U.S. Intelligence Agencies that Pakistani Taliban attempts to “hack” UAVs via the acquisition of technical expertise were occurring. It was this, that experts at Texas University claimed, that once hacked, live feeds are intercepted, leading to frequencies obstructed and ultimate control of the UAV. “Input suggests that Iraq Mujahideen had passed on the details of UAVs design and vulnerable features prone to exploitation to Taliban operatives. Security agencies were forewarned about the Taliban’s move to recruit cadre drawn from Al-qaeda technical unit to target UAVs,” an official stated. [2]

According to the Recommendations and Report of the Task Force on US Drone Policy, there is a “Slippery Slope” that the U.S government must be made aware of. Released in June 2014, this document outlines the use of UAV during battle, and potential consequences. “The increasing use of lethal UAVs may create a slippery slope leading to continual or wider wars…[leading to] adversarial states may be quicker to use force against American UAVs than against US manned aircraft or military personnel.” The document goes on to outline the use of UAV strikes leading to an “increased instability” and “widening conflicts in regions around the globe.” [3]

So, why place such a strong focus on the UAV? In Michael Boyle’s study, the costs and consequences of drone warfare, 2013, he presents the argument that the Obama administration launched more drone strikes (284) between 2009 and 2012, than the Bush administration (46 strikes) by comparison in 2004 and 2008. It is in this retrospect that he suggests why the UAV is considered to be a target by insurgents. As he quotes Faisal Shahzad telling a judge, ‘Well, the drone hits in Afghanistan and Iraq, they don’t see children, they don’t see anybody. They kill women, children, they kill everybody. It’s a war and in war, they kill people…” [4]

__________________________________________________________________________________________________________________________________________________________________

[1]Mike Mount and Elaine Quiiano (18 December 2009) “Iraqi insurgents hacked Predator drone feeds, U.S. official indicates.” CNN. (Retrieved 1 August 2014)http://edition.cnn.com/2009/US/12/17/drone.video.hacked/

[2] Yatish Yadav (25 July 2013) “UAVs Prone to Hacking, Warn Intel Agencies.” New Delhi, The Indian Times. (Retrieved 2 August 2014) http://www.newindianexpress.com/nation/UAVs-prone-to-hacking-warn-intel-agencies/2013/07/25/article1700651.ece?pageToolsFontSize=70%25

[3] Stimson; Task Force Co-Chairs Gen. John P. Abizaid (US Army, Ret.) & Rosa Brooks (2014) “Recommendations and Report of the Task Force on US Drone Policy.” (Retrieved 1 August 2014)

[4] MJ Boyle (2013) cited in “The Costs and Consequences of Drone Warfare.” (Retrieved 3 August 2014.)

http://bit.ly/1Arlzu5

FOR MORE DATA ON UAV, GO TO: http://securitydata.newamerica.net/drones/pakistan/analysis