The U.S. Department of Defense has denied that it received personal data on users of Internet privacy service Tor through a government-funded project to detect vulnerabilities.
Defence Department spokeswoman Lieutenant Colonel Valerie Henderson said that the project was focused on identifying vulnerabilities in Tor, not to collect data that would reveal personal identities of users. Two researchers at Carnegie-Mellon University's Software Engineering Institute with funding from the Defence Department managed to break into the Tor.
She did not rule out the FBI or other agencies obtaining the data, but they didn’t. The FBI however is whistling and looking in the other direction. Tor hides the Internet protocol addresses of users by routing their traffic through multiple layers of volunteered servers. Tor Project leader Roger Dingledine said the service had identified computers on its network that had been quietly altering Tor traffic for five months in an attempt to unmask users connecting to what are known as "hidden services," which include drug bazaars and whistle-blower sites.
Dingledine said the attacking computers, which were removed on July 4, had operated on behalf of the Software Engineering Institute team.