Is the recent Cisco advisory a government plant?

Print Friendly, PDF & Email


image credit: planetpalmbeach.

I’m not prone to conspiracy theories, but some things are just a bit too much even for me. Cisco recently released an advisory about a new piece of DNS poisoning malware which can install a Tor client on a user’s machine. Their suggestion? “Enterprises should consider blocking Tor traffic on their networks.”

This, just days after a massive chunk of Tor sites were compromised under the guise of fighting child pornography. It seemed like a safe thing to do, after all; nobody wants to defend child porn. BUT, privacy advocates everywhere are literally and physically reeling from the crackdown on the Tor network, seen in recent weeks. “Tor” stands for “The Onion Router” and is a service that can anonymize traffic on the web, by allowing multiple shared entry and exit points. Your traffic goes in to “The Onion Router” network, through several layers and bouncing off of several other routers and peers in the network, then gets spit out on of a random exit point, along with all of the other traffic routed out the same exit. In the end, it is virtually impossible to trace back to any one user, without more identifiable markers on their machine (which is what the malware planted in Tor-based sites is doing). We have even seen sites like Silent Circle, and Lavabit shut down their services and Hushmail fold to the feds.

With a sudden attack on Tor and privacy and anonymity protection software is executed by the government, then a well known and major security and networking company advises that most enterprises should start blocking Tor based traffic on their networks… it just feels a bit too “coincidental.” In a time when the discussion has never been larger, the NSA and other federal agencies ordering these crackdowns have NEVER been so brazen. Where most private companies would be experiencing a panic and a PR nightmare, these organizations appear to be moving forward with the cavalier attitude of Don Quixote, oblivious (or unconcerned) to the rubber band-like reaction that lies ahead. I’m not a conspiracy theorist, I’m not even a privacy advocate, but someone out there has forgotten what it means to be subtle when trampling the little people.