https://netzpolitik.org/2017/secret-documents-reveal-german-foreign-spy-agen... https://netzpolitik.org/2017/geheime-dokumente-der-bnd-hat-das-anonymisierun... https://www.reddit.com/r/TOR/comments/71cxy2/secret_documents_reveal_german_... https://www.freehaven.net/anonbib/cache/SS03.ps https://www.freehaven.net/anonbib/cache/timing-fc2004.pdf https://www.freehaven.net/anonbib/cache/murdoch-pet2007.pdf http://www.spiegel.de/media/media-35540.pdf http://www.spiegel.de/media/media-35541.pdf http://www.spiegel.de/media/media-35543.pdf http://www.spiegel.de/media/media-35538.pdf http://www.spiegel.de/media/media-35540.pdf https://assets.documentcloud.org/documents/801433/doc1-1.pdf https://assets.documentcloud.org/documents/1342115/timeline-correlation-jere... https://edwardsnowden.com/wp-content/uploads/2014/04/2009-sigdev-conference.... A global passive adversary Like all low-latency anonymity systems used in practice, Tor cannot protect against „a global passive adversary“. This is defined in the design document. The software documentation warns: „If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.“ The goal of NSA’s and GCHQ’s internet surveillance is to achieve exactly that. A number of researchers have demonstrated this attack in practice, either by simply counting transmitted packets, by analyzing time windows, or correlation attacks with only a fraction of traffic. All this research is public. The spy agencies followed this research, used it for their own purpose and turned theoretical vulnerabilities into real-world surveillance systems. Very high level of surveillance One and a half years later, the BND warned German federal agencies not to use Tor. The hacker unit „IT operations“ entitled its report: „The anonymity service Tor does not guarantee anonymity on the internet“. The six-page paper was sent to the chancellery, ministries, secret services, the military and police agencies on 2 September 2010. According to the executive summary, Tor is „unsuitable“ for three scenarios: „obfuscating activities on the internet“, „circumventing censorship measures“ and „computer network operations for intelligence services“ – spy agency hacking. The BND assumes „a very high level of surveillance within the network“