All those posts are worth reading, but my favourite is the one by Bruce Schneier explaining how the NSA has attacked Tor users through browser exploits – including native vulnerabilities in the versions of Firefox included in the Tor browser bundle (note to self, maybe opera was a good choice after all).
In the article, Schneier describes the “FoxAcid” CNE system used to attack a target’s browser. He explains that, whilst the FoxAcid server is publicly accessible, it would appear completely innocuous to casual visitors unless a specifically crafted URL, called a FoxAxcid tag, were used, whereupon the server would attempt an attack on the visiting browser as a precursor to a complete compromise of the end user system. Schneier went on to explain that the NSA would use a variety of methods to get a target to use a FoxAcid tag and then helpfully included an actual example as an active link. Way to go Bruce. (That link has since been removed, but it was certainly active last night, I know – and so do most people who read the tor-relays list). That is a pretty good social engineering attack. Note to NSA. If you want to know whether I use Tor, it is easy, just read this blog.
[The comments at the end of Schneier’s article contain this gem:
“This article by Bruce Schneier is the main reason that I have never used the internet.”
How does that work then?]