The latest threat to Tor, the online anonymity tool, is simple but serious: Mouse movements may be used to identify users online.
Tor is designed to hide your identity on the Internet by making it impossible for websites, or people eavesdropping on network traffic, to determine your true IP address. It does a pretty good job of that by routing traffic through multiple relays (Tor is short for “The Onion Router” because connections are routed through may different layers, like an onion). That way, no one party can figure out where traffic originated.
But a new Tor privacy loophole has been identified. Jose Carlos Norte, an Internet security researcher, disclosed on his blog earlier this month a technique that monitors mouse movements to keep track of a user’s online activity.
On their own, mouse movements inside the Tor browser wouldn’t reveal a user’s true IP address. They would only make it possible to trace a Tor user’s activity across different sites.
But the real danger comes from the possibility that mouse patterns inside the Tor browser could be matched with those that a user makes when visiting a website from a normal browser, which does expose his true IP address. With enough data from both sources, it would become possible to determine the real identify of an Internet user even if he is connecting to certain sites using Tor.
Still, Norte’s experiment is a reminder of another way that Tor privacy can be undermined. In this case, it’s especially striking because the technique doesn’t require particularly intrusive methods or expensive technology. All an attacker has to do is get a Tor user to visit websites using his default browser settings.