Yes, Federal Agents Can Identify Anonymous Tor Users, Because Most People Don't Know How To Be Anonymous

from the well,-duh dept

Thu, Apr 3rd 2014 10:51am — Mike Masnick

For many, many years now, we keep hearing law enforcement whine about the "threats" of anonymity and how people would be able to get away with all sorts of criminal activity if they weren't given the ability to track, monitor and tap pretty much every communications technology that has come along. A decade ago the fear was that free and open WiFi was going to be a major boon to criminals who could use it "with no trace." As we pointed out, however, nothing about using an anonymous connection like that means you won't get caught, because criminals have to do a lot of things, many of which will expose them in other ways, without having to tap and track every technological interaction. What's known as good old-fashioned detective work can often track down criminals who used tools to be anonymous -- and for years, we've pointed out many, many, many examples of this.

More recently, law enforcement's concern has been about Tor (which is slightly ironic, given that Tor was created and funded by the US government). The Snowden revelations have shown that, try as they might, the NSA has not had much luck in compromising Tor, and Snowden himself has noted that properly used encryption mostly works.

A recent Wall Street Journal article notes that law enforcement is slowly realizing that perhaps Tor isn't a parade of horribles that must be encumbered with backdoors for wiretapping... after realizing that most criminals more or less reveal themselves by doing something stupid along the way anyway.

But officials are becoming more confident that Tor's shield of anonymity isn't impenetrable.

"There's not a magic way to trace people [through Tor], so we typically capitalize on human error, looking for whatever clues people leave in their wake," said James Kilpatrick, one of the HSI agents who is part of Operation Round Table, a continuing investigation into a Tor-based child-pornography site that has so far resulted in 25 arrests and the identification of more than 250 victims, all children.

This is a good thing. We should want law enforcement to be able to track down criminals -- and it's good to see that they're figuring out ways to do so. But it's important that they should need to do so via basic detective work, rather than by compromising important technology, creating security flaws and opening up all sorts of dangerous unintended consequences.

As with all kinds of new technologies, anonymizing technologies seem to create something of a moral panic among law enforcement types, who then insist those technologies need to be "broken" and backdoored or else criminals could somehow get away with everything. But that's silly. Sooner or later most criminals do other things that reveal who they are, opening them up to investigation and potential indictment, arrest, trial etc.

One hopes that as this realization becomes more widespread, law enforcement and intelligence agencies will finally pull back from constantly trying to expand wiretapping laws that will break important innovations and technologies, but perhaps that's being too optimistic.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: anonymity, criminals, detective work, tor

46 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ninja (profile), 3 Apr 2014 @ 5:45am

This is an interesting article. It highlights why mass surveillance is not needed (ie: mainly plain investigative efforts are needed to get the errors) and that humans will err at some point. Driving is a good example. When you just learned you'll be very cautious paying a lot of attention to everything. As you get used to it you'll take more risks and drive less carefully resulting in higher chances of accidents. I first caused an accident over 5 years after I got my license. A type of accident I wouldn't have caused on my early driver years because I would have waited before trying to go through.
[ link to this | view in chronology ]
- ChurchHatesTucker (profile), 3 Apr 2014 @ 11:10am
  
  Re:
  But kind of depressing when you think of the activists et al. that TOR was designed for.
  [ link to this | view in chronology ]
  - Ninja (profile), 3 Apr 2014 @ 11:25am
    
    Re: Re:
    The activists actually suffer from the very same problem the criminals do. If Governments put investigative effort they will get to any of those guys given enough time. My father-in-law used to run a "rogue" newspaper during dictatorship here. He ran it for years but every once in a while they needed more help in different ways. Once he met a guy that seemed to be very engaged and worked diligently for the cause. With time this guy earned more trust and ended up going up the ranks. Turns out he was a spy and my father-in-law got tortured because of him. A friend of his got involved with a girl that was actually loyal to the cause till the point they broke up. She denounced the whole thing and got a few people killed. Because of a break up. And you know, mass surveillance still wouldn't do a thing for these people.
    [ link to this | view in chronology ]
  - Anonymous Coward, 3 Apr 2014 @ 11:27am
    
    Re: Re:
    If you are being watched, the problem is getting on line, and some states will take use of VPNs, TOR or other encryption as evidence of anti-state activity. The problem activists have is getting material out without the act of getting it out being detected, rather than protecting the contents.
    [ link to this | view in chronology ]
    - Avenger, 10 Jun 2019 @ 4:38pm
      
      Re: Re: Re:
      Same applies to auto-blacklisting of people in the UK, under our disgusting mass surveillance laws. Designed to keep the oppressed in their place, NOT to prevent terrorism. Since Omagh at the very least, they've allowed certain atrocities to take place every so often, in order to fan the flames of fear. So they can take people's rights. They might even set-up the terrorism themselves from scratch, or at least encourage patsies, useful idiots and fanatics. Fast-forward to 2017 and the security services KNEW about the London Bridge stabber terrorists well in advance. Now it might be unfair to blame them due to (as they would claim) lack of manpower to pay attention to just another person on their list... but two factors show the mass surveillance justification to be a lie: One - the intel was gathered through HUMINT (Human Intelligence - the guy was a fanatic and a member of the community snitched on him as such but in terms of being ready to act on it, not just a big mouth, pretty basic stuff). Two: even WITH the help of that HUMINT, their massive surveillance powers did not (whether by accident or cynics might say WILFUL ignorance) prevent the London Bridge terror attacks.
      Incidentally, there was controversy as to why Paramedics didn't approach victims they could have saved, and who ended-up dead as a result of waiting HOURS for first aid. They claim to have been following procotol, but what if protocol can be tweaked on occasion to allow for greater headline loss of life? It sure would look just like this phenomenon. If your job (and passion) is helping people, AND the attackers are not putting dangerous chemicals around, thus the danger is SMALL, THEN you rush in and keep people alive, by ANY means necessary, even risking yourself, that's the proper version of the job. Of course, if you employ WOMEN, that kind of bravery is considerably less likely (with all due respect to the courage of both sexes in many tough situations in that job where it obviously DOES happen).
      
      Oh and the comment re: Breaking Bad's plot - put #spoiler next time, but yes, you're BANG on point about idiot-brained cops, who can be intelligent in a technical sense, brave and virtuous - but so brainwashed it's disgusting.
      [ link to this | view in chronology ]
  - woodworker2021, 14 Nov 2021 @ 7:13pm
    
    Re: Re:
    TOR is compromised in the same way PGP was compromised when they put a back door in PGP. The political activists in places where there needed to be political activists have been sucked into using tools that are completely owned and hacked by the governments of the world. You don't believe for a minute, for instance, that the NIST approved Rijndael as the "Advanced Encryption System" because the US government was NOT able to crack it, do you?
    [ link to this | view in chronology ]
Anonymous Coward, 3 Apr 2014 @ 11:00am

Still wont change anything...
The epitome of catching the bad guy in the average zealous law enforcement's eye is that they need to have carte blanche in whatever they do. Rights and liberty be DAMNED!

If you are innocent you have nothing to hide, right?
[ link to this | view in chronology ]
- Anonymous Coward, 3 Apr 2014 @ 12:54pm
  
  Re: Still wont change anything...
  America was shown what good people do when the law allows their job to be above the law : Hank Schraeder. Noble cause, perhaps, yet it seems that in the USA, extralegal manners to get at people your government says do illegal things or simply don't like is usual business.
  
  That's obviously not how it should be. I'm glad we have a more powerful piece of paper than the Bill Of Rights in Canada, the Charter On Human Freedoms is a much more recent document.
  
  Too bad the CONservative Harperians are doing everything they can to corrupt it. A recent example is them trying to make criticism of Israel, antisemitism, which is illegal in Canada.
  
  Yep, that's the part where I say, we might be less fucked up, but we don't have any first amendment.
  [ link to this | view in chronology ]
  - Anonymous Coward, 4 Oct 2015 @ 7:51am
    
    Re: Re: Still wont change anything...
    As a Breaking Bad fan, yep, Hank is not a hero either, the PTSD his job gave him, a job that shouldn't even exist and which thrives on breaking the law.
    
    But he was just a confused good person, because he views Walt as a betrayer of the law of family...the opposite is true, it's Walt who after looking at Hank alone in his hospital bed who kind of inadvertently offered to pay the bills for Hank when asking Marie if they (he and Skyler) can do anything at all. Then Skyler picks up with her gambling lie.
    
    Somehow I don't see Hank in Walt's position care enough to shell out some money because he does/did something he didn't like. Walt didn't like the ways of the DEA but still volunteered to save Hank and totally lost what was left of him when he was shot in front of him. The jingoistic culture he was raised in through the DEA makes him unable to count somebody as a human being when they're not the way he thinks they should be. It's a common trait of narcissists, yet Hank after getting shot changed for the better until Walt had that idiotic drunken rant about how Gale isn't a genius and his guy is still out there. That made him want to chase cockroaches again...what LEO's mostly think of their fellow human beings who aren't part of the "good side", which is pretty much the legal gangsters which are called cops.
    [ link to this | view in chronology ]
    - Anonymous Coward, 10 Jun 2019 @ 4:43pm
      
      Re: Re: Re: Still wont change anything...
      Ironic that PTSD is what many people use illegal drugs for in the first place, yet it's the state's business that causes so many of these brave people to be hurt like this. Let alone the child abuse caused by the Banking System's bullying/abuse travelling downhill with kids, the sick and disabled, and old people at the bottom. A pyramid scheme by any other name...
      [ link to this | view in chronology ]
- Anonymous Coward, 30 Sep 2020 @ 7:23pm
  
  Re: Still wont change anything...
  Do you let people watch you shower naked? Why not? Because you feel watched and it invades your right to privacy regardless if you’re doing anything wrong nobody like being constantly watched.
  As people we are entitled to our right to privacy, just because you don’t value your liberties and prefer a borderline communist government doesn’t mean everyone else thinks the same. You don’t have to be a bad person to value your privacy, the only reason you wouldn’t want someone to have privacy is because you’re spying on them.
  [ link to this | view in chronology ]
Anonymous Coward, 3 Apr 2014 @ 11:14am

From the article "Sooner or later most criminals do other things that reveal who they are, opening them up to investigation and potential indictment, arrest, trial etc."

So the question is, how many children have to be exploited, how many people killed, how many terrorist attacks have to happen before we get around to the sooner or later?
[ link to this | view in chronology ]
- Glen, 3 Apr 2014 @ 11:23am
  
  Re:
  Oh....the protect the children argument. That's cute.
  
  Sounds like you are willing to give up your rights so no bad things happen to anyone ever again.
  [ link to this | view in chronology ]
  - You must have something to hide, 14 Mar 2016 @ 10:01am
    
    Re: Re:
    [ link to this | view in chronology ]
- Ninja (profile), 3 Apr 2014 @ 11:31am
  
  Re:
  The question is, how many people should be persecuted, killed, have their freedom stripped, be unfairly prosecuted etc....
  
  Got my point? Are you really willing to sacrifice an entire nation for one or two children that can't get saved because due process is followed, investigative efforts are properly made and privacy is respected? Is that one children worth the risk of another possible Holocaust setting or some bloody dictatorship? I don't think so.
  [ link to this | view in chronology ]
- Mike Masnick (profile), 3 Apr 2014 @ 11:32am
  
  Re:
  So the question is, how many children have to be exploited, how many people killed, how many terrorist attacks have to happen before we get around to the sooner or later?
  
  How many innocent people need to have their lives ruined, privacy destroyed, etc.
  [ link to this | view in chronology ]
- Anonymous Coward, 3 Apr 2014 @ 11:33am
  
  Re:
  250 kids having a bad childhood. If thats the price of internet freedom, then i dont care about those kids.
  [ link to this | view in chronology ]
  - PRMan, 3 Apr 2014 @ 11:48am
    
    Re: Re:
    Oh, I care about them. I am saddened that people victimize others.
    
    But not enough to outweigh some freedoms (ie being spied on 24/7 and having that be used politically against people trying to fix the system).
    [ link to this | view in chronology ]
- Anonymous Coward, 3 Apr 2014 @ 11:53am
  
  Re:
  Zero tolerance policy is a great example of how well the government helps children.
  [ link to this | view in chronology ]
  - Anonymous Coward, 24 May 2016 @ 5:49pm
    
    Re: Re:
    don't forget no child left behing, that screwed everyone over.
    [ link to this | view in chronology ]
- Anonymous Coward, 3 Apr 2014 @ 12:24pm
  
  Re:
  You want answers? You want the truth?
  
  So the question is, how many children have to be exploited
  
  27. But its the same one's over and over.
  
  Say, how's that Franklin Scandal investigation going?
  
  how many terrorist attacks have to happen before we get around to the sooner or later?
  
  3. Unless the "terrorists" are blowers of whistles
  
  Now that you know 27 and a conditional 3 as answers you can move on.
  [ link to this | view in chronology ]
- woodchuck, 3 Apr 2014 @ 2:10pm
  
  Re:
  Well , if everybody was under permanent surveillance, child abuse, crime and terrorism would probably be reduced to a certain degree. But wouldn't it even be better to sent everybody to jail - solitary confinement of course? Like this the problems of child abuse, crime and terrorism could be solved really efficiently.
  [ link to this | view in chronology ]
  - Bill, 3 Apr 2014 @ 3:55pm
    
    Re: Re:
    Oh, let's go one step further! In addition to preventing all crime, we also want to make absolutely sure that nobody is ever hurt at all!
    
    So, instead of traditional solitary confinement, we'll just put everybody in nice, safe, cocoons.
    
    And sedate them, so they won't get bored.
    
    Yes, no measure is too much to ensure total safety!
    [ link to this | view in chronology ]
    - James Jensen (profile), 3 Apr 2014 @ 4:05pm
      
      Re: Re: Re:
      Make sure you sterilize anyone who has to remain outside to monitor. Once the current generation dies off, there will no crime ever again!*
      
      * At least until the descendants of raccoons develop self-awareness.
      [ link to this | view in chronology ]
      - Anonymous, 3 Apr 2014 @ 4:26pm
        
        Re: Re: Re: Re:
        Once the Erudites take over, crime won't be a problem. They'll have the Dauntless eliminate both the divergents and the factionless.
        Oh, wait, they tried something like that already.
        [ link to this | view in chronology ]
        
        Eagerston, 24 Feb 2020 @ 9:57pm
        
        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
        Wish everyone can be identified
        [ link to this | view in chronology ]
    - The Crime Dawg, 3 Apr 2014 @ 6:52pm
      
      Re: Re: Re:
      You obviously don't care about protecting the children. Prisoners might escape from their cells, break into the other prisoners' cells, and harm them. Clearly the only solution-- the final one, if you will-- is to execute everyone. You can neither commit, nor be a victim of, a crime if you're dead.
      [ link to this | view in chronology ]
- MusicCityDawg, 27 Apr 2015 @ 12:48pm
  
  Re:
  How many children have to die in car accidents before we ban cars and alcohol?
  
  How many children have to die due to neglect before we take all children away from their parents and give them to the State?
  [ link to this | view in chronology ]
- ft, 14 Dec 2017 @ 3:36am
  
  Re:
  So you like security more than freedom? Then you deserve neither. And what you fail to understand is that the biggest criminal syndicates and traffickers are those very police orgs.
  [ link to this | view in chronology ]
madasahatter (profile), 3 Apr 2014 @ 11:21am

User Skill
Most users are not really computer literate in the sense they understand what is going on. I would suspect most of the people using TOR do not really understand how TOR works. Nor do many of them care. Like any crytographic system, TOR can easily be defeated by user carelessness. Also, with a relatively large ring in the criminal activity it is very likely a couple of members are either clueless or do not care. Either way, they make simple mistakes that allow others to break the system.
[ link to this | view in chronology ]
- PRMan, 3 Apr 2014 @ 11:47am
  
  Re: User Skill
  Exactly. If ANYTHING on your computer tries to connect to a service at the same time as you are on TOR, they may be able to track you. So, you pretty much would have to boot off a Live CD every time you used TOR, which is a massive pain, that is too cumbersome for most people.
  
  Also, any photo taken needs to have the GPS info stripped. If you forget even once, you're going down. Etc, etc, etc.
  
  Way too many things to think about to get it perfectly right every single time. But that's what it takes to stay anonymous.
  [ link to this | view in chronology ]
  - zolar1, 4 Dec 2014 @ 12:18pm
    
    Re: Re: User Skill
    Not true about other services at the same time as tor.
    
    When you have multiple connections from your computer simultaneously with TOR, it begins to be the needle in a haystack.
    
    It is also irrelevant when it comes to being tracked by the feds.
    
    In fact it is quite easy to hide from them if you know how.
    
    It is the dumb ones who are complacent with their internet use are the ones at risk,
    
    The biggest problem is th government itself.
    It literally has no right to make laws affecting personal behavior.
    
    If you want to see a naked baby picture, then you have that right despite any illegal laws the government passes. If you want to see a naked girl say 17 years, 11 months and 29 days old there is no problem but for the government tyranny against it.
    
    If you want to look at dead bodies, you again have that right.
    
    Jefferson said "I would rather live in dangerous freedom than in peaceful slavery"
    
    Want to be a ghost?
    You do not need tor to do it.
    Just a used laptop, and a few precautions...
    [ link to this | view in chronology ]
Julian Cook, 3 Apr 2014 @ 11:47am

Finally someone gets this right
Finally someone gets it right. Tor is awesome IF YOU KNOW WHAT YOURE DOING.

Tor offers a lot of anonymity but it's critical that you understand how Tor anonymity works. Your traffic is routed through three random hops that strip your info and the weak link in the equation has always been from the last relay to your target site. If you use https everywhere (a great extension from EFF) then you pretty much have all the anonymity you can ask for. Now for some landmines.... You need to be careful about leaving breadcrumb trails. The busting of the Silk Road founder was a failure of the human and not the technology. It's probably best to never do any kind of authentication if you can, or use user names that are similar on Tor and non Tor networks. Also be wary of the browser bundle from Tor. This bundle is the subject of special interest by FBI and they are constantly trying to exploit whatever version of Firefox that it uses and was recently successful. If you want to get on Tor you can always do it the easy way by using a router that has Tor embedded in it. I recommend PAPARouter (http://paparouter.com) because it's inexpensive (less than $100.00), allows you to anonymize several devices at once and best of all it has non U.S. exit nodes hard coded into it . Given all the uproar that other countries are having with U.S. spying, making your last Tor relay outside of the U.S. to your target site is great security and using https would be massive protection. TOR AND HTTPS PAGE https://www.eff.org/pages/tor-and-https FBI exploit using Firefox Bundle http://arstechnica.com/security/2013/08/attackers-wield-firefox-exploit-to-uncloak-anonymous-tor-use rs/
[ link to this | view in chronology ]
- zip, 3 Apr 2014 @ 7:48pm
  
  Re: Finally someone gets this right
  It should be common sense to assume that the most common brand and version of operating system/web browser/anonymity software/etc will be the highest-priority target for exploitation.
  
  If authorities are going to invest a great deal of time and money into cracking an encryption method or underground network, they're naturally going to choose as a target something that delivers the most "bang for the buck" - not something that hardly anyone uses.
  
  The TOR users who got busted failed to understand this basic rule of both espionage and law enforcement -- as well as criminal hacking.
  [ link to this | view in chronology ]
- ivan hawkins, 21 Feb 2016 @ 2:58pm
  
  Re: Finally someone gets this right
  julian cook i know you don't know me, but i've been reading a lot about your Paparouter - would love to buy one if possible. Any help you can give me will be greatly appreciated! (keep trying to contact you at admin@papparouter.com - email can' get through - NSA?) Anyway you can call me on my phone here in hawaii @ 808 312-3436. Probably won't hear from you, but I'm going to keep trying. thanks for your time, Ivan
  [ link to this | view in chronology ]
Anonymous Coward, 3 Apr 2014 @ 11:54am

I'll give up my anonymous and secure communication channels, as soon as governments and corporations around the world give up their anonymous and secure communications too.

Then we can start exposing the real "criminals". I guarantee the crimes exposed in government and corporate communications, will eclipse the crimes in civilian communications.

Until then, I reserve the right to communicate as anonymous and secretive as everyone else.
[ link to this | view in chronology ]
Anonymous, 3 Apr 2014 @ 2:48pm

"...Tor was created and funded by the US government". That should tell you all you need to know.
[ link to this | view in chronology ]
- James Jensen (profile), 3 Apr 2014 @ 2:54pm
  
  Re:
  In this case, it really doesn't. Tor has been designed and implemented in a completely open process. They've dedicated an amazing amount of work to circumventing attempts to block Tor traffic � remember when Iran decided to shut down Tor communication, and it was back up the next day with the new traffic-obfuscation system?
  [ link to this | view in chronology ]
Bill, 3 Apr 2014 @ 3:52pm

A cop once told me that it's a good thing criminals are mostly stupid, because they outnumber the cops pretty badly. But, he said, they ARE mostly stupid.
[ link to this | view in chronology ]
Anonymous Coward, 6 Apr 2014 @ 9:39am

Smart criminals won't get caught.
[ link to this | view in chronology ]
Kevin, 2 Jul 2014 @ 7:40pm

TOR
I know that there is a lot of bad stuff on TOR. I have seen countless news reports about this or that sicko who was caught downloading child porn and it is sad that it even exists. But there must be a lot of people who use it to access their bank accounts and stuff to keep prying eyes away too. I was the victim of Identity theft and found that not only was my computer hacked but someone had found a way to copy the darn MAC address on my PC and was using my Wireless Router. I had even set up WEP key on that thing and still got hacked. So I started using TOR to access my account because it seemed a good way to keep the identity thieves out. Then I found out that there were people on TOR who were selling peoples credit card information. Criminy is there any way to keep these scum bags out? I know that the feds are working on it and I applaud their work but without these safety lines to stay anonymous you are open to all kinds of attacks. It is kind of a double edged sword. So why break TOR to get criminals? It is sad that you can have a tool that is so useful yet so easy to use for criminal activity. Seems a shame. I have been worried that the scum bag that hacked my stuff did something criminal. If they did what the heck do you do if it comes back to your IP address. THAT is scary!
[ link to this | view in chronology ]
Mitch (profile), 4 Aug 2014 @ 8:49am

TOR isn't all bad
The article is clear and well-stated.. I think that law enforcement can do more with observance than penetration of networks and that is absolutely the correct goal. When you develop penetration techniques they get shared and the tables turn every time... Whether or not everyone should be using TOR would be an interesting debate. If it protects consumers from marketers then it might be the right move... TOR can be improved upon as it has an obvious weakness that I think I can see pretty clearly. I think I could make it 1000 times harder to crack but I would never get the job, don't be surprised if they already have.
[ link to this | view in chronology ]
Anonymous Coward, 6 Oct 2014 @ 9:20pm

My childhood was fucked before the internet. It's called neglectful and abusive parenting
[ link to this | view in chronology ]
elite services, 7 Oct 2016 @ 1:17am

HIRE ELITE RUSSAIN SERVICES YOU WONT GET FOUND
We provide a whole bunch of neato services like control the stock exchange fuck the dow jones every day since sept 11 11:11pm well yep were controlling it fuckers you better search that whole fibre line right through wall street way down to the street retards in brooklyn yep we have tech HOMEYS know LUCYF3R IS IN THE HOUSE PRAISE SATAN 7777 AC BAYER PHRMECUTICALS OMEGA HAIL HYDRA
[ link to this | view in chronology ]
Anonymous Coward, 30 Jul 2017 @ 5:22pm

Rules of thumb:
- Install a GNU/Linux distro
- Don't change default settings in Tor Browser
- Change identity for each website and/or subject
[ link to this | view in chronology ]
clinton, 8 Aug 2019 @ 8:21pm

i got away with it.
The FBI showed my staff how to use bleachbit and how to hammer cell phones.
[ link to this | view in chronology ]