Cryptography vs. Cryptanalysis: Black Hat Talk on Hacking Tor Pulled from Conference

Historians of cryptology often describe the development of the discipline of "secret writing" in terms of a dialectic between cryptography and cryptanalysis, that is, between code makers and code breakers.  Cryptographers seek to create ever more indecipherable encryption schemes and cryptanalysts seek to break them.  An article on the cancellation of a Black Hat conference talk on the Tor privacy service from Reuters provides us with an interesting glimpse of how this tension is currently playing out among hackers and security researchers within the US government.  From Reuters, on the cancelled talk:

A highly anticipated talk on how to identify users of the Internet privacy service Tor was withdrawn from the upcoming Black Hat security conference, a spokeswoman for the event said on Monday.

The talk was canceled at the request of attorneys for Carnegie Mellon University in Pittsburgh, where the speakers work as researchers, the spokeswoman, Meredith Corley, told Reuters . . . a Carnegie Mellon attorney informed Black Hat that one of the speakers could not give the Tor talk because the materials he would discuss have not been approved for public release by the university or the Software Engineering Institute (SEI). . . .

Its abstract, titled "You don't have to be the NSA to Break Tor: De-Anonymizing Users on a Budget," had attracted attention within the security and privacy communities. The abstract had been published on Black Hat's website but has since been removed.
While the media often identify Tor as the preferred browser of child pornographers, criminal cartels and terrorist groups they often fail to note that it was actually originally developed by US government researchers. Or perhaps their implication is that the US government naturally falls under one of those umbrella terms? Whatever the case may be in that regard, the Reuters article hints at the state of the arms race between US government cryptographers and cryptanalysts. Another excerpt:
The U.S. government funded the creation and much of the operation of Tor as a communications tool for dissidents in repressive countries. But Tor has frustrated the U.S. National Security Agency for years, according to documents released by former agency contractor Edward Snowden.
That revelation has helped increase adoption by those seeking privacy for political reasons, as well as criminals, researchers say. 
Some criminal suspects on Tor have been unmasked by the U.S. Federal Bureau of Investigation and other law enforcement or intelligence agencies using a variety of techniques, including tampering with software often used alongside Tor.

Check out the EFF for more information on Tor.

3 comments:

  1. If you are interested in spying software, cyber security and all the related topics, you should view this spy-related blog http://spying.ninja/spy-snapchat/

    ReplyDelete
  2. 📁ARE YOU IN NEED OF A PROFESSIONAL HACKER?(CATCHING A CHEATING SPOUSE, RECOVERY OF LOST FUNDS, WEBSITE HACK...)
    High prolific information and Priviledges comes rare as i would be sharing with you magnificent insight you wish you heard years before now. As it's been understood that what people don't see, they will never know. This post is definitely for those who are willing to turn their lives around for the better, either financial-wise, relationship-wise or businesses.
    Welcome to the Global KOS hacking agency where every request on hacking related issues are met within a short period of time.
    If your shoe fits in any of the required services below, you will be assigned to a designated professional hacker who is systematically known for operating on a dark web V-link protocol.
    The manual Operation of this hackers is to potentially deploy a distinguished hacking techniques to penetrating computers and various type of database system to meet your request.
    Penetration of computing systems are achieved using core software tools like Ransomeware, SQL/Keylogger injection. botnet, trojan and DDOS attacks.
    Providing value added services to clients as a hacker has been our sustaining goal.
    Are you faced with cyber challenges like
    💰Recovery of lost funds:✅It saddens our mind when client expresses annoyance or dissatisfaction of unethical behaviours of scammers. We have striven to make tenacious efforts to help those who are victims of this flees get off their traumatic feeling of loss. The cyber security technique used to retrieving back the victims stolen funds is the application of a diverse intercall XX breacher software enables you track the data location of a scammer. Extracting every informations on the con database, every requested information required by the Global KOS would be used to tracking every transaction, time and location of the scammer using this systematic courier tracking base method.
    📲 Hacking into the mobile phone of a cheating spouse.✅ This type of hack helps you track every movement of your cheater as we are bent on helping you gain full remote access into the cheater's mobile phone using a Trojan breach cracking system to penetrate their social media platforms like Facebook, whatsapp, snapchat etc. This spy processing is used via an HDSI folder which synchronizes the target mobile operating system into a clone S-Drive unit.
    💳Credit Score Upgrade:✅Due to our transformed changes on Equifax tracking , upgrading of credit score are backed by our cyber tech breaching licence, This hacking process drastically generates you an undestructive higher credit score which correlates to a higher level of creditworthiness. The time frame for upgrading a credit score requires eighteen(18) hours
    🅱️ BITCOIN GENERATOR:✅ (Higher job profile). This involves using the ANTPOOL Sysytem drifting a specialized hardware and software implementing tool in slot even-algorithms to incentivize more coins into your wallet which in turn generates more coins exponentially like a dream at specified intervals.
    The company is large enough to provide comprehensive range of services such as.
    • Email hacks📲
    • Hacking of websites.📲
    • Uber free payment hacks.📲
    • website hack.📲
    Our strength is based on the ability to help you fix cyber problems by bringing together active cyber hacking professionals in the GlobalkOS to work with.
    Contact:
    ✉️Email: clarksoncoleman(at)gmail • com.
    Theglobalkos(at)gmail •com.
    ©Global KOS™
    2030.•

    ReplyDelete