Home | TECHNOLOGY | NSA and GCHQ agents 'leak Tor bugs', alleges developer

NSA and GCHQ agents 'leak Tor bugs', alleges developer

NSA

NSA

British and American intelligence agents attempting to hack the "dark web" are being deliberately undermined by colleagues, it has been alleged.

Spies from both countries have been working on finding flaws in Tor, a popular way of anonymously accessing "hidden" sites. But the team behind Tor says other spies are tipping them off, allowing them to quickly fix any vulnerabilities. The agencies declined to comment. The allegations were made in an interview given to the BBC by Andrew Lewman, who is responsible for all the Tor Project's operations. He said leaks had come from both the UK Government Communications Headquarters (GCHQ) and the US National Security Agency (NSA). By fixing these flaws, the project can protect users' anonymity, he said. "There are plenty of people in both organisations who can anonymously leak data to us to say - maybe you should look here, maybe you should look at this to fix this," he said. "And they have."

Mr Lewman is part of a team of software engineers responsible for the Tor Browser - software designed to prevent it being possible to trace users' internet activity. The programs involved also offer access to otherwise hard-to-reach websites, some of which are used for illegal purposes.

The dark web, as it is known, has been used by paedophiles to share child abuse imagery, while online drug marketplaces are also hosted on the hidden sites.

Data people

The Tor Browser is designed to allow people to use the internet anonymously

Mr Lewman said that his organisation received tips from security agency sources on "probably [a] monthly" basis about bugs and design issues that potentially could compromise the service.

However, he acknowledged that because of the way the Tor Project received such information, he could not prove who had sent it.

"It's a hunch," he said. "Obviously we are not going to ask for any details.

"You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super-subtle bugs or other things that they probably don't get to see in most commercial software.

"And the fact that we take a completely anonymous bug report allows them to report to us safely."

He added that he had been told by William Binney, a former NSA official turned whistleblower, that one reason NSA workers might have leaked such information was because many were "upset that they are spying on Americans".

In response, a spokesman from the NSA public affairs office said: "We have nothing for you on this one."

bbc

comments powered by Disqus