The plot has either thickened or thinned back out in the quest to discover who’s been hacking into the anonymous TOR network through a security vulnerability in Firefox. After claiming on Monday that it was the NSA, a team of security researchers now admit that they were, in fact, probably totally wrong.
In a post on Cryptocloud's discussion forum, the team of researchers admitted that the Domain Name System (DNS) and American Registry for Internet Numbers (ARIN) data proving the NSA connection wasn't as sound as they'd hoped. They'd actually used an old and inaccurate method for identifying ownership of the "torsploit IP addresses" and appear to have read the report wrong. This realisation came after their original interpretation of the data had been called into question by several people including Wired's Kevin Poulsen.
There's a chance that the link they drew from the data to defence contractor SAIC was actually on track. There's only one problem with that: SAIC does work for all kinds of government agencies, not just the NSA. One of those agencies is actually the FBI who were originally identified (by Poulsen actually) as a likely culprit in the TOR exploit. Either way, none of this will give anonymity back to the TOR users who were effectively doxed. And it's certainly not going to restore TOR's trust in Windows whom they more or less blamed for the whole affair. [Ars Technica]