tl;dr Tor is fine as long as you are keeping it, and related tools, up to date. Dude was de-anonymized as he was using an old tool with known vulnerabilities fixed in later versions.
Important embedded link from Tor about the attack and actions going forward:
Wow, what a crappy article; the blog post should be what is posted instead. Not even a mention of out-of-date software in the article. This is clearly not a Tor issue.
2 things:
- This seems to be a specific attack for their IM protocol if the entry node was compromised, and could be placed nearby the client. To make this much easier, you’d want to compromise both the entry and exit nodes (in this case exit node is TOR native, so it’s more like internal node).
This has never been unknown; this is one of the fundamental attack vectors against TOR. The IM protocol seemed to make correlation easier due to its real-time nature.
They added a protection layer called Vanguard, to ensure the internal exit nodes were fixed to reduce the likelihood that you could track a circuit with a small number of compromised internal exit nodes. This seems like it would help due to reducing likelihood of sampling.
- TOR has always been vulnerable; the issue is the resources needed are large, and specifically, the more competition for compromising nodes, the more secure it is. Basically now the NSA is probably able to compromise most connections, and they wouldn’t announce this and risk their intelligence advantage unless there was an extremely valuable reason. They definitely wouldn’t do so because a drug dealer was trying to make a sale. Telling normal law enforcement basically ends their advantage, so they won’t.
Other state actors might try, but they’re not in the same league in terms of resources. IIRC, there are a LOT of exit nodes in Virginia.
tl;dr - The protocol is mostly safe; it doesn’t matter if people try to compromise it. The nature of TOR means multiple parties trying to compromise nodes make the network more secure, as each faction hides a portion of data from the others, and only by sharing can the network be truly broken. Good luck with that.