Is Tor still safe after Germany’s ‘timing attack?’ Answer: It’s complicated…
New theories have emerged about how German authorities cracked the anonymity of a darknet criminal website admin in 2021, exposing a major vulnerability in Tor’s privacy network. While authorities haven’t released their secrets on how this was conducted, a September 2024 report speculates that they used timing analysis and compromised servers to successfully trace the IP of “Andres G,” the alleged operator of “Boystown,” a darknet site for child pornography.
Tor itself admits that it is unaware of the exact method but suspects the German authorities’ operation leveraged an outdated chat messenger called Ricochet that the arrested criminal was using.
In a response to German media reports, Tor said in a blog post that users can continue using their browser to access the web “securely and anonymously.”
…
Tor’s privacy features become stronger if its nodes are decentralized around the world. Currently, a big chunk of Tor’s relays are in Germany. Germany leads all nations in the number of relays.
…
Experts speaking to Cointelegraph agreed that it is still safe for general users, but advances in technology are keeping darknet criminals on their toes.
Privacy is such an interesting topic [and] we have advocates for it in mainstream industry and government, and then detractors who see privacy in Web3 as uniquely designed for bad actors,” Loud said.
