Surprise! Tor Privacy Technology Mainly Helps Botnets

According to the MIT Technology Review, a short-lived security flaw in the anonymousTor network allowed researchersOnion-layers to analyze and categorize the traffic that Tor was protecting.  The results weren’t pretty:

The Tor network is an online service that allows users to surf the web anonymously. Its main benefit is to reduce the chances of network surveillance discovering a user’s location or web usage. For that reason it is championed as an important tool for promoting free speech and protecting personal privacy, especially for people under authoritarian regimes such as that in China.

However, Tor is also often criticised for carrying illegal, shady or controversial content such as pornography and “Silk Road” traffic for illegal goods. So an interesting question is what kind of traffic prevails?

Today, we get an answer thanks to the work of Alex Biryukov, Ivan Pustogarov and Ralf-Philipp Weinmann at the University of Luxembourg. And the results are not as eye-sparklingly freedom-protecting as you might imagine.

These guys conclude that the Tor network is dominated by botnet traffic and that much of the rest is adult content and traffic related to black market and illegal goods.

First up, if Tor is so anonymous, how did these guys get their data? It turns out that until recently, the Tor protocol contained a flaw that allowed anybody in the know to track users back to their origin.

This flaw was actually discovered by Biryukov, Pustogarov and Weinmann earlier this year and immediately corrected by Tor. However, before the flaw became public, these guys took the opportunity to analyse Tor traffic to see where it came from and what it contained.

Of the top twenty most popular Tor addresses, eleven are command and control centres for botnets, including all of the top five. Of the rest, five carry adult content, one is for Bitcoin mining and one is the Silk Road marketplace. Two could not be classified.

The FreedomHosting address is only the 27th most popular address while DuckDuckGo is the 157th most popular, according to this analysis.

PHOTO credit: Will Swan