According to the Tor Project, the FBI paid Carnegie Mellon $1 million to hack Tor, the popular and free underground system of volunteer networks that obfuscate a user’s activity and location. It was previously thought to be unbreakable.
Digging into the Tor Project’s claims, SearchSecurity senior reporter Michael Heller connected with industry cyber security leaders to explore technique, motive and legitimacy of the claims.
Dr. Chase Cunningham, Armor’s head of threat research and development, told Heller that there were many layers to the case — ethical, philosophical and practical.
“Did [Carnegie Mellon] do it solely because they got paid and essentially had a bug contract out on Tor?” he told SearchSecurity. “Or did they do it because they saw a chance to break something that everyone said was basically unbreakable?”
Cunningham added that while the money certainly helped them execute, the notoriety from breaking the Tor network would be reward enough. The money? “Universal grease,” said Cunningham.
In the end, Cunningham theorized that Carnegie Mellon likely had the talent, tools and processes to do what other said couldn’t be done. And that was motive enough.