Welcome to a special post on the Tor Project's recently announced planned upgrades to the security and privacy of Tor. We will take a closer look at the implications of these pending upgrades - and who they may potentially affect (including us here at OWL Cybersecurity).
TOR Project Upgrades
When Wired reported that the Tor Project was planning a series of security upgrades two weeks ago, the internet quickly took notice. The cybersecurity industry has since been attempting to determine how any measures taken to further obfuscate (or "harden") Tor's darknet websites will impact individual users, cybersecurity firms, and the darknet as a whole.
Here at OWL Cybersecurity, for example, a portion of the data that OWL Vision (our darknet scraping tool and search platform) collects comes directly from Tor. So, it makes sense that we've started hearing from customers and associates who have heard about the proposed changes to Tor, and want to know what these increased measures of security- intended in part to make it more difficult for tools like OWL Vision to scrape- will mean for us.
Will this impact our platform's capabilities? Will we have less data? More? How does this impact the usage of Tor? What are our plans?
Our team is well aware of the hardening of Tor and is actively preparing for it. Behind our technology is an agile team of engineers and intelligence analysts who are adept at being flexible with the changes we face working in the ever-shifting realm that is information security.
As such, we've taken a look at a couple of potential outcomes of these recent proposals from the Tor Project, which are set to "go live sometime later this year." The measures that Tor plans on taking are:
- Hidden services will no longer declare .onion addresses to hidden service directories; instead, they'll derive a cryptographic key from that address, which will be given to the hidden service directories.
- Hidden services will switch to ED-25519 elliptic curve keys, which are shorter but more difficult to decrypt.
- Hidden service directory URLs will grow from 16 to 50 characters in length.
Our Core Approach
The OWL Vision platform has mature and sophisticated methodologies for finding hidden services that do not rely on the privacy variables Tor plans on updating.
While finding these services after the proposed hardening of Tor will indeed be slightly more challenging, our core approach will remain applicable, and we are very confident that this approach will outshine the competition in our space. Nor will this hardening affect our ability to scrape hidden services once we have discovered the addresses.
In some cases, scraping content may actually become easier as some hidden services relax their requirements under the assumption that Tor itself has become more secure.
Furthermore, while some hidden services (such as the larger darknet marketplaces) will move quickly to implement the proposed standards, many hidden services are likely to upgrade in a less timely manner. During this transition period, we will be able to collect both "old" hidden services and "new" hidden services. And, our historical archive of Tor material will continue to remain available to our clients.
Sites Want to Find Customers
We also believe that no matter what encryption is applied, many of Tor's darknet sits actually want to be discovered. Even if the majority of sites did want to limit their exposure to a specific subset of target users, this is more easily said than done.
For example, many of the darknet marketplaces (AlphaBay, Hansa, etc.) have spent a significant amount of time on not only obtaining a vanity URL but then also on sharing that URL, marketing and advertising themselves across both the darknet and the surface web and gaining customers.
While these marketplaces no doubt would prefer to keep themselves hidden to all but their target prospects or customers, this targeted marketing or advertising is difficult and often results in more widespread visibility. Sites will need to quickly establish transition plans as they presumably will not want to lose these customers they've worked so hard to attract.
More Users, More data
Overall, we're viewing these proposed changes as positive. They will continue to make Tor an attractive and viable place on the darknet for those seeking anonymity, for good or for bad.
In fact, we predict that Tor's announcement will actually draw in more users, as the platform will be viewed as more secure.
We look forward to seeing increase security and privacy around Tor and will continue to monitor the Tor Project's implementation of these upgrades.
Curious about something you've read on our blog? Want to learn more? Please reach out - we're more than happy to have a conversation.