Blackhat talk on cracking TOR cancelled

An intriguing presentation on how the privacy of users on TOR, the popular internet anonymity service, can be compromised has been cancelled.

The event, which was due to be held at the Black Hat security conference, was cancelled at the request of attorneys for the Carnegie Mellon University where the speakers worked as researchers.

Entitled "You don't have to be the NSA to Break Tor: De-Anonymizing Users on a Budget", the abstract alluded to the use of techniques other than brute force to crack TOR.

The paper's abstract, which has since been removed from the Black Hat website, suggests that, give a budget of a few thousand dollars, "a determined adversary could de-anonymize hundreds of thousands Tor clients and thousands of hidden services within a couple of months".

TOR rose to stardom because it allowed anyone (including criminals) to circumvent surveillance and tracking systems put in place by third parties for free.

The Sorftware Engineering Institute, where the research was carried out, is funded by the US Defense Department and is responsible for the Computer Emergency Response Team, otherwise known as CERT.

There are still dozens of other events and presentations on how to exploit vulnerabilities in existing applications such as Windows, Android, Cisco Energywise and even Google's Nest smart thermostat.