“There’s not a magic way to trace people [through Tor], so we typically capitalize on human error, looking for whatever clues people leave in their wake,” said James Kilpatrick, one of the HSI agents who is part of Operation Round Table, a continuing investigation into a Tor-based child-pornography site that has so far resulted in 25 arrests and the identification of more than 250 victims, all children.
A typical browser sends data along a direct route, making it relatively easy to figure out who is visiting a website, sending messages or downloading material. Tor, which stands for “the onion router,” sends data through layers of intermediary computers that can’t be peeled back, making it nearly impossible for law enforcement and private companies to track Internet browsing.
“Two years ago…if they ran into Tor, they said, ‘It’s hopeless,’ ” said Andrew Lewman, executive director of the nonprofit group that oversees Tor, called Tor Project. But after meetings with agencies including the Federal Bureau of Investigation and the Department of Homeland Security, he noticed their perception started changing. “They finally realized Tor’s not this impenetrable thing. Users make mistakes.”