Pierluigi Paganini
December 07, 2015
In response to the recent Paris terror attacks, the French government is proposing to forbid and block the use of the Tor anonymity network.
According to an internal document from the Ministry of Interior visioned by journalists at the French newspaper Le Monde. The document includes two proposals of legislation, one around the state of emergency, and the other related to counterterrorism measures.
The French Government is considering to “Forbid free and shared wi-fi connections,” the measures have to be adopted to avoid any abuse of public wi-fi networks. The law enforcement is difficult to track suspects and terrorists who use public wi-fi networks.
The most controversial part of the piece of legislation is related to the ban of the Tor network, the legislation could be presented as early as January 2016.
It Tor the evil’s instrument?
The Tor is the most popular anonymizing network, it is currently maintained by volunteers. The anonymity of its users is ensured by routing the user’s traffic through unpredictable routes within the network of servers it includes, obfuscating the sources of data and masquerading the IP address.
Tor network is accused to be the kingdom of the evil, it hosts darkmarket places where it is possible to acquire any king of illegal product and service, including drugs, child pornography, weapons, and malware.
But we cannot ignore the importance of Tor, it allows journalists, whistleblowers and people who just want to protect their privacy online to avoid the censorship.
The Tor Project, the team that actually maintains the Tor network, did not immediately commented the news.
The Chinese authorities actively blocks connections to the Tor network preventing users from accessing the anonymizing network. The block is possible preventing the access to the public Tor entry nodes, anyway in countries where there is a strict control of the network it is possible to use non-public entry nodes, so-called “bridges,” to avoid the censorship.
Is the French ready to implement the Chinese censorship model? Is it constitutional? It this a good solution to prevent terrorist actions?
Let give a look to the Tor usage in the France in 2015 analyzing the number of direct connected users.
Focusing the analysis in the period before the Paris attacks, it is possible to note an increment of the connection in October.
There could be a number of causes responsible for the increment, including a botnet that used the Tor network to hide its C&C infrastructure. Anyway, in the days just before and after the attacks, there was nothing of strange.
It’s my personal opinion that ban the Tor network is a bad choice, there several options to stay online anonymously, recently we have discussed also the use of applications that could allow terrorists to exchange message hiding their identities.
Regarding the public WiFi, it could be a reasonable measure, but it is quite easy to find a poorly protected WiFi network to abuse. I made an experiment walking in my city, Napoli. I noticed an impressive amount of WiFi network apparently protected, but that use the default setting for their routers. Knowing the model of the router it quite easy to find online the login credentials. This circumstance would not be prevented by the measure proposed by the French Government.
(Security Affairs – Tor, terrorism)
