Tor has always been loved by those who seek to hide their location, protect information about their browsing habits and fight for their anonymity. However, if you have been using this program from February 2014 to July 4, you should be concerned because it has been announced that Tor software was probably deanonymizing its users during this time. According to blog.torproject.org, it did that because of a “relay early” traffic confirmation attack. It is believed that this attack was initiated by two university researchers who had been preparing a talk at the Black Hat conference in Las Vegas next week. However, it hasn’t been confirmed yet.
It seems that this attack was combined of two different classes of attacks: a traffic confirmation attack and a Sybil attack. However, what harm has really been made is still unknown. For avoiding problems related to privacy, Tor users should upgrade their software to the most recent version. This should help them reduce the damage from future attacks like this one. In addition, hidden service operators should think about changing location of their hidden service.
Final notes: There are lots of military, law enforcement and other government agencies that are interested in masking their browsing and use Tor software. In addition, lots of illegal businesses, such as drugs dealers and similar, use Tor for hiding themselves. That’s why there is no surprise that someone is trying to unmask these users. Russia’s Government has recently announced that it will give a grand-prize of $110,000 for any Russian hacker that’s able to crack Tor.