Possible FBI infiltration of TOR
August 4, 2013 3:38 PM

In a crackdown that the FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network have been compromised, including the e-mail counterpart of TOR deep web, TORmail. FreedomWeb, an Irish company known for providing hosting for Tor "hidden services" -- services reached over the Tor anonymized/encrypted network -- has shut down after its owner, Eric Eoin Marques, was arrested over allegations that he had facilitated the spread of child pornography.

Users of Tor hidden services report that their copies of "Tor Browser" (a modified, locked-down version of Firefox that uses Tor by default) were infected with malicious Javascript that de-anonymized them, and speculate that this may have originated with the FBI. Tor Browser formerly came with Javascript disabled by default, but it was switched back on again recently to make the browser more generally useful. Some are predicting an imminent Bitcoin crash precipitated by the shutdown.

Some further analysis over at reddit.
posted by whyareyouatriangle (126 comments total) 27 users marked this as a favorite
 
Well shit, where will I get a $300 Percocet pill now?
posted by Brocktoon at 3:42 PM on August 4, 2013 [2 favorites]


Wow, who browses Tor with JavaScript switched on?

That is so obviously a terrible idea.
posted by jaduncan at 3:46 PM on August 4, 2013 [6 favorites]




useful/secure orthogonality
posted by telstar at 3:52 PM on August 4, 2013 [9 favorites]


Yes, but I'd think people paranoid enough for Tor should be checking changelogs.
posted by jaduncan at 3:53 PM on August 4, 2013 [3 favorites]


Man, we should really do something about these pornographers before they bring about a total, all-seeing global surveillance state.
posted by Nomyte at 3:54 PM on August 4, 2013 [67 favorites]


For those like me who don't have the slightest idea what this is about: TOR (anonymity network)
posted by Chocolate Pickle at 4:15 PM on August 4, 2013 [6 favorites]


Use whonix or Tails. Or some other way to block traffic outside TOR.
posted by Ad hominem at 4:18 PM on August 4, 2013


Ok, there's a difference between speculation that the FBI is behind the javascript exploit and proof the FBI is behind the javascript exploit. Taking that as a given, if the FBI were behind the exploit what would be the legal basis for infecting people with malware like that? Wouldn't you need a warrant or something?
posted by Justinian at 4:24 PM on August 4, 2013 [6 favorites]


So when is it okay to Godwin? Because this seems like some fascist bullshit.
posted by Blazecock Pileon at 4:24 PM on August 4, 2013 [10 favorites]


Justinian: "Ok, there's a difference between speculation that the FBI is behind the javascript exploit and proof the FBI is behind the javascript exploit. Taking that as a given, if the FBI were behind the exploit what would be the legal basis for infecting people with malware like that? Wouldn't you need a warrant or something?"

A tracking cookie (which is what this sounds like) is a lot different than using an exploit to install executable code.
posted by mullingitover at 4:30 PM on August 4, 2013


Taking that as a given, if the FBI were behind the exploit what would be the legal basis for infecting people with malware like that? Wouldn't you need a warrant or something?

"Warrant" is rapidly becoming an obscure word referring to an outmoded requirement from pre-GWOT days. I have no idea if the Feds were involved, but if they were, they'd find an easy workaround for a warrant.
posted by emjaybee at 4:30 PM on August 4, 2013 [9 favorites]


mullingitover - so far, this apparently looks like an exploit against the JS engine that makes an http request *bypassing* tor (hence deanonymising the client).
posted by russm at 4:32 PM on August 4, 2013


Tor is also used by news organizations to hide the identities of journalists' sources.

This is not to suggest that a democratic government would ever, in some hypothetical future, use this kind of attack to discover the identity of a journalist's source.
posted by RobotVoodooPower at 4:33 PM on August 4, 2013 [42 favorites]


BP: Which part? So far what we know is that a guy who seems to have deserved to get arrested got arrested and people are speculating the FBI did something which may be shady with javascript. So the only part we know for sure is that a(n alleged) child pornographer got busted. Until we know more about the story going full Godwin seems like a gross overreaction.
posted by Justinian at 4:35 PM on August 4, 2013 [5 favorites]


Your reminder that sometimes speculation can lead to massive bullshit.
posted by Artw at 4:39 PM on August 4, 2013 [6 favorites]


I don't understand why people believe the FBI is responsible. Can someone explain? Is it just because of the effort to extradite the guy from Ireland? On a different note, is there some reason to believe he wasn't involved in hosting pedophile sites?
posted by Area Man at 4:49 PM on August 4, 2013


i'm not sure what the pressure cooker home visit has to do with this - it was originally written up as some sort of overarching police state surveillance thing, but ended up being a more run of the mill dude's former boss called the cops on him thing. and, maybe i missed something, but i don't remember any "massive bullshit" in that scenario - cops got a tip, they followed up on the tip, there didn't seem to be any there there, and so everyone went on with their day. that seems pretty different from what's being discussed here.
posted by nadawi at 4:51 PM on August 4, 2013


Area Man - not by the sounds of it. but I'm curious as to whether the allegation against him is that he personally participated in distribution of child porn, or that he knew child porn was being distributed on hosting his company provided, or just that he should have known (or a "reasonable person" would have realized or whatever).
posted by russm at 4:53 PM on August 4, 2013 [1 favorite]


Some are predicting an imminent Bitcoin crash precipitated by the shutdown.

As though Bitcoin were a serious thing given serious thought by serious people.
posted by one more dead town's last parade at 4:54 PM on August 4, 2013 [10 favorites]


Really? You missed FBI NSA PRISM over and over again until the unfounded assumptions turned out to be unfounded bullshit.

Similar conspiracy minded assumptions appear to be at play here, backed up by nothing.
posted by Artw at 4:54 PM on August 4, 2013 [2 favorites]


what's that line about "real men, in real basements, losing real fake money"?
posted by russm at 4:55 PM on August 4, 2013 [6 favorites]


As though Bitcoin were a serious thing given serious thought by serious people.

I bought some serious drugs with it. Seriously.
posted by orme at 4:56 PM on August 4, 2013


From the user buz___ on Reddit:
"Predominately targeting Freedom Hosting." Freedom Hosting has the biggest underground child pornography ring, known as "Lolita City". Freedom Hosting are a bunch of scumbags who support child pornography. I'm actually behind the FBI on this one.
posted by edheil at 4:56 PM on August 4, 2013 [7 favorites]


I've long speculated that most Tor nodes are actually run by the NSA, or at least are specifically monitored by them. Even if they can't break the encryption now they may be able to do it one day (even if it takes a rubber hose applied to each user) and in the mean time, they can tell who's using it and who they're speaking to.
posted by Joe in Australia at 4:59 PM on August 4, 2013 [3 favorites]


Artw - maybe i misread your comment - i thought you were saying the people getting visited was massive bullshit. if you meant all the (eventually proven to be unfounded) speculation, then we agree...
posted by nadawi at 5:00 PM on August 4, 2013 [2 favorites]


I recently learned that tor came from the US Navy
posted by telstar at 5:02 PM on August 4, 2013 [1 favorite]




Yes, but I'd think people paranoid enough for Tor should be checking changelogs.

Lots of activists in various countries that really like monitoring and controlling their residents' use of the internet use Tor, without necessarily being computer experts.
posted by eviemath at 5:07 PM on August 4, 2013 [2 favorites]


I again raise the concern that it's seriously chilling to conclude that, because crime exists or because a person "deserved to get arrested" (seriously, WTF?) means the public at large doesn't deserve basic online privacy.
posted by Nomyte at 5:11 PM on August 4, 2013 [18 favorites]


Why is the very notion that someone could deserve to be arrested so outrageous?
posted by Area Man at 5:17 PM on August 4, 2013 [7 favorites]


Here is a WSJ article about the FBI using offensive techniques against suspects, especially those involved in child pornography. The exploit routed some packets to an IP address near Washington, DC. It's not rampant speculation.
posted by RobotVoodooPower at 5:17 PM on August 4, 2013 [7 favorites]


Or maybe the guy got himself arrested due to factors entirely outside of privacy and Tor.
posted by Artw at 5:18 PM on August 4, 2013 [4 favorites]


A tracking cookie (which is what this sounds like) is a lot different than using an exploit to install executable code.

Yeah, if that's the way it works, it's less like the cops sneaking into your house while you're away and more like the cops knocking on your door and asking "Can we come in and have a look around?" and your robot butler saying "Sure, come on in!"

You don't need a warrant when you've got permission from the robot butler.
posted by baf at 5:19 PM on August 4, 2013 [11 favorites]


Why is the very notion that someone could deserve to be arrested so outrageous?

Because "deserved to get arrested" is not far from "looked like a criminal" and "sounds guilty."
posted by Nomyte at 5:25 PM on August 4, 2013 [18 favorites]


At 29c3, Roger Dingledine mentioned that Chromium has better sandboxing than Firefox, but overall worse support for restrictive add-ons like NoScript, Ghostery, etc. We likely need a security conscious developer to build a good security infrastructure for Chromium, so that the Tor Browser bundle can migrate and exploit the sandboxing.
posted by jeffburdges at 5:29 PM on August 4, 2013 [1 favorite]


So when is it okay to Godwin? Because this seems like some fascist bullshit.

When the FBI starts sending millions of TOR users to concentration camps and systematically murders them wholesale?
posted by ActingTheGoat at 5:31 PM on August 4, 2013 [41 favorites]


a close reading of the reddit thread provided this independent (from ireland) story

the owner of freedomweb had been arrested in maryland a year ago for child porn and skipped bail, fleeing the country - the FBI asked for extradition and the irish court is evaluating it

so it's apparent that this arrest was already in the works and may have had nothing to do with the hacking of tor - and certainly, it wasn't necessary to do, as the FBI already had a legitimate reason to bust him

of course, with all the games our government is up to, it's hard to tell what else is going on - nothing good, i suspect
posted by pyramid termite at 5:35 PM on August 4, 2013 [8 favorites]



So when is it okay to Godwin? Because this seems like some fascist bullshit.


Stick with the obvious and go with Mussolini.
posted by Tell Me No Lies at 5:37 PM on August 4, 2013 [6 favorites]


When the FBI starts sending millions of TOR users to concentration camps and systematically murders them wholesale?

So private prison systems and the Drug War? Gotcha.
posted by dubusadus at 5:37 PM on August 4, 2013 [13 favorites]


if the FBI were behind the exploit what would be the legal basis for infecting people with malware like that? Wouldn't you need a warrant or something?

You're adorable.

When the FBI starts sending millions of TOR users to concentration camps and systematically murders them wholesale?

I won't say that exploiting TOR is fascism, but I will say that death camps are the height of fascism, not the beginning. So, you're both being absurd.
posted by poweredbybeard at 5:37 PM on August 4, 2013 [12 favorites]


Well shit, where will I get a $300 Percocet pill now?

At the pharmacy, from the drug company, duh!
posted by wrok at 5:43 PM on August 4, 2013


History is artificial scarcity.
posted by telstar at 5:49 PM on August 4, 2013 [2 favorites]


Why is the very notion that someone could deserve to be arrested so outrageous?

Because "deserved to get arrested" is not far from "looked like a criminal" and "sounds guilty."
posted by Nomyte at 7:25 PM on August 4


No, deserves to be arrested means the police had very good reasons to believe that he had committed a felony for which he could be extradited.
posted by Area Man at 5:53 PM on August 4, 2013 [10 favorites]


pyramid termite - I don't think you're parsing that article correctly. There's no mention of a previous arrest or skipping bail, and they explicitly say "He had no previous convictions nor had he ever come to the attention of the authorities before". My read of it is the FBI had spent the last year trying to identify the (anonymous) owner of Freedom Hosting, and once they determined it was Marques they issued an extradition warrant in Maryland last Monday (the 29th).
posted by russm at 6:06 PM on August 4, 2013 [3 favorites]


Tell Me No Lies: "So when is it okay to Godwin? Because this seems like some fascist bullshit.

Stick with the obvious and go with Mussolini."

I'd say: "This is more like Stasi level bullshit."

but...

This is more THAN Stasi level bullshit.
posted by symbioid at 6:08 PM on August 4, 2013 [9 favorites]


I don't use Tor or anything similar. Last month I had "the talk" with my daughter. Not about sex -- about the Internet.

"Everything you ever do online can be seen, recorded, tracked, and traced. Maybe by me. Maybe by your friends. Maybe by a scammer. And maybe by other people. If you type in something or take a picture or use a program or an app, and that thing is connected to the Internet -- even if you aren't using anything that connects -- then you should assume that it isn't secure, it isn't hidden, and it isn't a secret."
posted by andreaazure at 6:15 PM on August 4, 2013 [52 favorites]


So this guy was hosting half the sites on TOR?
posted by the_artificer at 6:17 PM on August 4, 2013


So far we have Nazi-like and worse than the Stasi but nobody has actually identified which parts are the problem...
posted by Justinian at 6:34 PM on August 4, 2013


So private prison systems and the Drug War? Gotcha.

When the average lifespan of a prisoner arriving is less than three hours, then you can compare a prison in the US to places like Treblinka, Sobibor, Belzec, Chelmno, or Auschwitz-Birkenau.

Otherwise, no. You can pardon someone out of ADC Florence or Guantanamo. You cannot pardon the ashes of Treblinka.

You can only remember - and not make bullshit comparisons.
posted by eriko at 6:39 PM on August 4, 2013 [31 favorites]


Goya say it again, first they came for...
posted by blue shadows at 6:44 PM on August 4, 2013 [1 favorite]


As though Bitcoin were a serious thing given serious thought by serious people.

It's good to see you've got beyond ignoring Bitcoin, but if you're still at the 'laughing at it' stage, you've obviously missed a memo or three.

It's the 'fighting it' stage now.

After all, by volume of transactions (current estimate is around $35 million a day), if Bitcoin were the currency of a country, it would be about 120th in the GDP list. That is to say, it would still be a small and perhaps 'insignificant' country, but there would be about 60 or 70 countries with smaller GDP.
posted by motty at 6:47 PM on August 4, 2013 [4 favorites]


I've been looking for historical parallels to this, situations where a massive service was provided that had so much potential for both good and evil. Situations where regulation just wasn't a viable option, it was a total shutdown or nothing. I'm not finding much.

Sure, governments have gone the total shutdown route (or tried to) with other things in the past, but usually it's been a matter of convenience. There's a difference between not wanting to put the resources into something and just not being able to.

So I guess that's the question: how do we maintain services like this while making them useless -- or at least a lot less useful -- to those who abuse them?
posted by Tell Me No Lies at 6:56 PM on August 4, 2013 [1 favorite]


I've long speculated that most Tor nodes are actually run by the NSA, or at least are specifically monitored by them. Even if they can't break the encryption now they may be able to do it one day (even if it takes a rubber hose applied to each user) and in the mean time, they can tell who's using it and who they're speaking to.

Pretty much none of that is true, barring much bigger protocol vulnerabilities.
posted by wrok at 6:57 PM on August 4, 2013


Justinian: "So far we have Nazi-like and worse than the Stasi but nobody has actually identified which parts are the problem..."

I'm not saying that this specific case here is worse than Stasi, mind. I'm saying the revelations of the technical prowess of our national security state is, according to at least one former Stasi member, more than they ever had (well, of COURSE, we live in a much more technologically integrated society, thus the potential for much greater ability is also greater).

In this case, if it is true that this page-jacking with malware was a mode of attack, and it was set in motion by the FBI then there is a question there of legality, I would at least hope. I never honestly trusted TOR, and the one time I tried it, it seemed way slower than what I would want for general purpose use.

Doesn't TOR itself say it's not to be used for secure communication since the exit nodes can see whatever flows through them if it's not encrypted?
posted by symbioid at 7:00 PM on August 4, 2013 [2 favorites]


I'm surprised the Tor people would opt to do something insecure like enabling JavaScript by default in the name of usability. If the FBI could exploit that, why not Iran or China? How many dissidents' lives were put at risk to make things noob-friendly?
posted by Rhaomi at 7:15 PM on August 4, 2013 [4 favorites]


So where am I supposed to get my mass-market pulp sci-fi paperbacks now?
posted by turbid dahlia at 7:22 PM on August 4, 2013 [12 favorites]


Say what you will about Mussolini, at least he kept the internet clean
posted by This, of course, alludes to you at 7:31 PM on August 4, 2013 [8 favorites]


the owner of freedomweb had been arrested in maryland a year ago for child porn and skipped bail, fleeing the country - the FBI asked for extradition and the irish court is evaluating it

If he was the owner of FH he ran an "absolutely anything goes" hosting service which turned a blind eye to child porn. Regardless of how you feel about this (undoubtedly he did knowingly take money from CP distributors) there's nothing public to suggest his involvement went further at this point.
posted by atoxyl at 7:45 PM on August 4, 2013


undoubtedly he did knowingly take money from CP distributors

Um, yeah, fuck that guy.
posted by Artw at 7:47 PM on August 4, 2013 [7 favorites]


Regardless of how you feel about this (undoubtedly he did knowingly take money from CP distributors) there's nothing public to suggest his involvement went further at this point.

One need not involve themselves any further than that to be complicit.
posted by chimaera at 7:48 PM on August 4, 2013 [3 favorites]


One need not involve themselves any further than that to be complicit.

I am aware. I don't think the "world's largest child porn distributor" framing is honest, however. YMMV.
posted by atoxyl at 7:49 PM on August 4, 2013


If what he was knowingly hosting was in fact the world's largest child porn distributor/site, then the framing is dead on accurate, to me.
posted by chimaera at 7:50 PM on August 4, 2013


I mean it's like Megaupload in that the service clearly had legitimate uses (or illegal uses such as drugs that I would consider legitimate regardless) to the point of apparently hosting a very large percentage of .onion sites but it's impossible to believe he didn't know about the worst side as well. I guess I only hope this leads to the rise of a CP-free equivalent not a breakdown of TOR.
posted by atoxyl at 8:07 PM on August 4, 2013


How did CP violations dominate this thread?
posted by jeffburdges at 8:10 PM on August 4, 2013 [1 favorite]


The problem with a "security conscious developer" is that there are government agencies actively corrupting them. How are we supposed to know when a developer has been compromised? Ugh.
posted by Brocktoon at 9:14 PM on August 4, 2013


When the FBI starts sending millions of TOR users to concentration camps and systematically murders them wholesale?

I won't say that exploiting TOR is fascism, but I will say that death camps are the height of fascism, not the beginning. So, you're both being absurd.


What's absurd is to call this fascism. It has nothing to do with it. It's a question of an age-old debate of how much power police and intelligence agencies will have when observing the activities of citizens. It was not fascism when Disraeli had his Home Office mail cover program back in the 19th Century in England.

Fascism is an actual political system, with political ideals and goals that are not at play here at all. That's why people don't like Godwining things. If it's the Klan, or Illinois Nazis, yes, apt comparisons are made. Otherwise, it tells us nothing.
posted by Ironmouth at 9:15 PM on August 4, 2013 [5 favorites]


A TOR network by its very nature is designed to allow the participant nodes to transmit internet traffic packets whose contents they are unaware of. Anonymity is the point. The packet could contain a recipe for beef stew or it could contain child porn. Charging someone who runs a TOR network or node with knowingly distributing child pornography is in many cases impossible (the data is encrypted, they can't know the content unless they're the last node in the chain; also, it's not very fair to ask them to inspect all traffic for which they are the last node, unless you also would like to make e.g. Comcast do the same). Trusting the news article labeling him as such is a bad idea, because I guarantee you the journo who wrote that has no idea what he's talking about.

I mean, sure, you would have to be an idiot to think child pornographers wouldn't see the use of an anonymization service, but it's not as if onion routing is the one thing preventing the end of child pornography either. If you're a dissident in a dictatorship I guarantee you can think of some other uses for an anonymization service, too.
posted by axiom at 9:18 PM on August 4, 2013 [6 favorites]


From the Tor Project blog: Hidden Services, Current Events, and Freedom Hosting:

A Hidden service is a server – often delivering web pages – that is reachable only through the Tor network. While most people know that the Tor network with its thousands of volunteer-run nodes provides anonymity for users who don't want to be tracked and identified on the internet, the lesser-known hidden service feature of Tor provides anonymity also for the server operator.

Anyone can run hidden services, and many do... The person, or persons, who run Freedom Hosting are in no way affiliated or connected to The Tor Project, Inc., the organization coordinating the development of the Tor software and research. In the past, adversarial organizations have skipped trying to break Tor hidden services and instead attacked the software running at the server behind the dot onion address. Exploits for PHP, Apache, MySQL, and other software are far more common than exploits for Tor. The current news indicates that someone has exploited the software behind Freedom Hosting. From what is known so far, the breach was used to configure the server in a way that it injects some sort of javascript exploit in the web pages delivered to users. This exploit is used to load a malware payload to infect users' computers. The malware payload could be trying to exploit potential bugs in Firefox 17 ESR, on which our Tor Browser is based. We're investigating these bugs and will fix them if we can.

As for now, one of multiple hidden service hosting companies appears to be down. There are lots of rumors and speculation as to what's happened. We're reading the same news and threads you are and don't have any insider information. We'll keep you updated as details become available.

posted by mediareport at 9:40 PM on August 4, 2013 [3 favorites]


(That's via Jacob Appelbaum on Twitter.)
posted by mediareport at 9:42 PM on August 4, 2013


Why is the very notion that someone could deserve to be arrested so outrageous?

Because "deserved to get arrested" is not far from "looked like a criminal" and "sounds guilty."


Have people really forgotten the whole 50s? McCarthyism? Blacklisting? Philip K. Dick got many visits because he was a "liberal". All it takes to be considered a criminal is for those in power to want it to be.
posted by usagizero at 9:52 PM on August 4, 2013 [4 favorites]


I also don't understand the backlash against the expression "deserve to get arrested". Are y'all saying that nobody deserves to get arrested? So, for example, if a guy walked into a mall and started shooting people, he wouldn't "deserve to get arrested"?

Or is it that you don't think this guy committed a crime, and therefore doesn't deserve to be arrested, but for some reason you're expressing that thought by denying that anyone ever deserves to get arrested?
posted by Bugbread at 10:02 PM on August 4, 2013 [3 favorites]


Charging someone who runs a Tor network or node with knowingly distributing child pornography is in many cases impossible (the data is encrypted, they can't know the content unless they're the last node in the chain; also, it's not very fair to ask them to inspect all traffic for which they are the last node, unless you also would like to make e.g. Comcast do the same). Trusting the news article labeling him as such is a bad idea, because I guarantee you the journo who wrote that has no idea what he's talking about.

The BIG difference between a hypothetical Tor exit node operator being charged, and the operator of Freedom Hosting being charged, is that the exit node operator would need to actively snoop to see what traffic was passing by, but FH sysadmins would need to be unbelievably careful to avoid seeing any indication of what was being stored on and served from their systems.

I'm not saying it isn't possible, just that I (as a sysadmin with some experience in managed hosting) would be stunned if it turns out that FH staff had never seen evidence that child porn was being served from the systems they managed.
posted by russm at 10:06 PM on August 4, 2013 [3 favorites]


Have people really forgotten the whole 50s? McCarthyism? Blacklisting? Philip K. Dick got many visits because he was a "liberal". All it takes to be considered a criminal is for those in power to want it to be.
usagizero

I think the problem here is that "deserves to be arrested" can be parsed in two ways, and it seems people in this thread are each taking a different one, resulting in this conflict.

It could be interpreted in this sense, in a "this person seems like/has been deemed a bad guy" and the specter of black lists.

But it could also be interpreted in the sense of "this person's actions clearly warrant their arrest", e.g. you have witnessed someone beating someone else to death with a bat or someone was caught red-handed with a mountain of child porn. You would say such a person deserves to be arrested.

Justinian seems to have meant it the latter way, that this guy was caught with child porn and deserves to be arrested for it, while you and others are reading it the former way.
posted by Sangermaine at 10:07 PM on August 4, 2013 [6 favorites]


When the average lifespan of a prisoner arriving is less than three hours, then you can compare a prison in the US to places like Treblinka, Sobibor, Belzec, Chelmno, or Auschwitz-Birkenau.

Otherwise, no. You can pardon someone out of ADC Florence or Guantanamo. You cannot pardon the ashes of Treblinka.

You can only remember - and not make bullshit comparisons.


I'm sure keeping a cool head and not getting too worked up about modern issues that operate under the same principles (if not scale) will surely send us hurtling into a utopian future. The seven million adults under correctional supervision and the two million adult prisoners who are serving time right now in the US will just have to learn to thank you for the gracious oversight after they've finished serving their sentences.

Modern comparisons to issues in the past serve a rhetorical point. Isolating them in a special mythological bubble of pathos does neither the living nor the dead any service.
posted by dubusadus at 10:10 PM on August 4, 2013 [16 favorites]


The problem with a "security conscious developer" is that there are government agencies actively corrupting them.

How do we get in on that action anyway? Nobody ever tries to corrupt *me*...
posted by Tell Me No Lies at 10:12 PM on August 4, 2013


I won't say that exploiting TOR is fascism, but I will say that death camps are the height of fascism, not the beginning. So, you're both being absurd.

poweredbybeard, I think that you make a good point that death camps are the height of fascism, not the beginning. But that's not how I see the Godwin argument. I am very disturbed by just about every story that has come out in the past few years that has anything to do with the American government and war/torture/extraordinary rendition/civil liberties/drones/surveillance/war on drugs/SWAT teams/police abuse/use of pepper spray/DUI checkpoints/anything we do with regards to keeping tabs on the citizenry at large. I like to think that I am a patriotic American who believes that the 4th amendment will keep us freer than the 2nd.

But I would argue that when the discussion comes to Godwin's Law specifically, we are talking about the worst abuses of the Nazis, not the beginning. And I think that, while the US has been incredibly wrong on the War on Drugs (and the poor and black people and minorities in general) comparing it to the Nazis isn't entirely helpful. Because murder of a class of people based on nothing more than who they are (which is absolutely and unequivocally wrong and evil) is different than keeping secret files on everything people say over email/text/internet (which I also feel is incredibly wrong and invasive but less evil than wholesale murder.)

Any analogy breaks down when you look at it closely, but I think the comparison to the Stasi (which has a connotation of pervasive, oppressive, security apparatus) rather than the Nazis (which has a connotation of pure evil) is more apt.
posted by ActingTheGoat at 10:20 PM on August 4, 2013 [6 favorites]


Tell Me No Lies: the difficulty is deciding whether to believe you or not.
posted by Brocktoon at 10:24 PM on August 4, 2013


When did the federal government make the change from Keystone Kops who didn't know how to use a mouse to master crackers who know everything from what scared us as children to who we slept with last night to what we're going to have for breakfast next Tuesday?
posted by double block and bleed at 10:32 PM on August 4, 2013 [6 favorites]


Justinian seems to have meant it the latter way, that this guy was caught with child porn and deserves to be arrested for it, while you and others are reading it the former way.

No, anyone who has read Metafilter for any length of time knows I am clearly a shill for the power of government to arrest and convict people without a fair trial. That's why I am always so pro-prosecution.
posted by Justinian at 10:36 PM on August 4, 2013


But I would argue that when the discussion comes to Godwin's Law specifically, we are talking about the worst abuses of the Nazis, not the beginning.

If all the fascists did wrong was put people in death camps, that would be a fair comment, but they did so much more! But what I love most about objections to any inquiry as to whether it is okay to call this fascism comes mostly by some arbitrary grade.

Like an argument about tone, it isn't whether breaking anonymous internet access is a fascist action, but that it has to meet some arbitrary and imaginary threshold for authoritarian excess, when we've already been fortunate enough to have whistleblowers show all of us that the authorities crossed that line quite some time ago.
posted by Blazecock Pileon at 10:45 PM on August 4, 2013 [1 favorite]


Isn't it still pure speculation that the FBI did the javascript exploit?
posted by Justinian at 10:55 PM on August 4, 2013 [1 favorite]


This is an incorrect interpretation. Here is what happened to a guy who assumed that was how the law would see it.

The decision says this process (basically, 'the web')

1) make web request (knock on the door)
2) endpoint looks at identity of request and either accepts or denies the request

isn't kosher and that a requestor needs to know a priori whether the request is allowed or not. The 'knock-on-the-door' analogy you use is poor in my view. Previously discussed here.
posted by j_curiouser at 11:01 PM on August 4, 2013


If you are having trouble understanding this and like young adult novels, read Cory Doctorow's book Little Brother and the sequel, Homeland. They explain a lot of this stuff and it has greatly enhanced my understanding of Tor. Both are available for free in their entirety, in multiple formats, on his website, http://craphound.com.
posted by IndigoRain at 11:26 PM on August 4, 2013


j_curiouser: I think you're getting the robot-butler analogy backwards. The robot butler represents the browser, the "Can I come inside and look around?" request is the server's attempt to deliver a tracking cookie, and the butler's response of "Sure, come on in!" is the browser accepting the cookie without consulting or informing the user. So if the knock on the door represents a web request, then the butler is the one knocking on the door from the inside. This makes no sense.
posted by baf at 11:46 PM on August 4, 2013


baf - sorry if I was unclear. The point is, the rules should cut the same both directions. If it was illegal for the simple http request with an id on the querystring (a knock at the door), it oughta be illegal the other way 'round.

'Don't send a web request asking for our data unless you already know I (not the server - the board of AT&T), want to respond to it.'

'Don't give me javascriptTrouble unless you already know I (not the browser - me) want to accept it.'

</pedantry>
posted by j_curiouser at 12:50 AM on August 5, 2013


Yeah, this is (unsurprisingly) a bit like TOR itself -- layer upon layer.

To get a couple out of the way first:
* Marques is apparently an unrepentant child pornography distributor.
* Freedom Hosting was responsible, directly or through third parties, for apparently at least half of the child porn on TOR.

Nobody is really defending Marques or Freedom Hosting here. Both entities deserved the full force of the law directed at them. It's the collateral damage that is the concern.

The next problem is here (bear with me, I'm out of practice on this topic):
* Freedom Hosting also hosted TORMail, the Hidden Wiki, and other resources that were not child pornography. The first was a well-respected and considered-trustworthy mail provider, from what I can tell. The Wiki hosted links to entities within the "dark web" of the hidden .onion website community, which are both legitimate (e.g. the New Yorker's Strongbox for whistleblowers) and illegitimate (the child porn and other contraband sites such as the drug-marketplace Silk Road). And so on. These were all essentially compromised by whatever went down regarding Marques and FH.

The third problem is here:
* Law enforcement, or other possibly arm's length entities, found a zero-day exploit [a bug neither detected nor reported to date, and obviously not patched] in Firefox 17. Firefox 17 Extended Service Release is the current standard corporate browser release from Mozilla. Many corporations and governments are using it because it's tested and stable (note that the current consumer version is up to 22, and is not known to be vulnerable). But this zero-day exploit will now make those browsers vulnerable as a general rule anywhere on the net, not just in TOR. Firefox 17 is also the basis for the Tor Browser Bundle, that is, a recommended browser for using the TOR network itself. (You are obviously not required to use it, but it is widely distributed for that purpose.) Thus it is likely that many TOR users were vulnerable to this exploit, both on FH websites and anywhere else they may have gone, even if they were not child pornography users themselves. Some have speculated that the exploit was known for some time and may have been used (by LEO or others) in a less detectable manner, but the upcoming change for the ESR meant they wanted to roll up these suspects and engaged in a more brute force attack to accomplish that.
* The exploit essentially Trojans Firefox 17 into exposing the user's real IP address. Now...
** In the case of FH child porn accessers, obviously they are now open to some sort of prosecution. Few would argue that.
** In the case of all other users whose IPs may have been exposed this way, or who are now vulnerable for some future period, this isn't good at all. Victims of oppressive governments (which may include Americans if you see things that way) are now open to discovery by security agencies. Activists may be vulnerable to blackmail by counterintelligence, for example.
** Finally, this compromises trust in TOR itself, even though TOR had nothing to do with what happened or the criminal websites or the criminals or the spies/LEOs.
*** This could also have provided the NSA or other interested entities sufficient two-way traffic data that the TOR protocols could be compromised, now or in the future. That's not at all clear at this point, though.

I think that covers most of it, including why there's a big sinking feeling out there even for people who would otherwise have no truck with child pornographers.
posted by dhartung at 1:28 AM on August 5, 2013 [28 favorites]


If all the fascists did wrong was put people in death camps, that would be a fair comment, but they did so much more! But what I love most about objections to any inquiry as to whether it is okay to call this fascism comes mostly by some arbitrary grade.


Fair enough BP, I guess that any line would be arbitrary. The one I drew was brightest to me, but that doesn't make it unarguably correct.

Like an argument about tone, it isn't whether breaking anonymous internet access is a fascist action, but that it has to meet some arbitrary and imaginary threshold for authoritarian excess

And I absolutely agree with you about this. This sounds like authoritarian excess. I really wasn't trying to object to any inquiry regarding fascism. It's just that calling this Nazism feels like an overreach that draws criticism to your rhetoric, rather than to your argument. It derailed me. Sorry about that. But I pretty much agree with you.
posted by ActingTheGoat at 1:33 AM on August 5, 2013


The immediate issue here is not that CP is bad or that we should eliminate it at any cost to our liberties. The issue is that associating CP with online anonymity is now a time-tested journalistic strategy. CP is brought up every time TOR is mentioned. CP is a byword for internet privacy. In every conversation it comes up, people tediously disavow any laxness with regard to CP and it's a huge derail. So here the issue is that TOR has potentially been shown to be fatally compromised. That it was fatally compromised in pursuit of a pornographer is not a non-issue, but focusing on that is a traditional way to derail objections. I don't know if that is an emergent property of our willingness to be scandalized, or something more directed.
posted by Nomyte at 2:12 AM on August 5, 2013 [7 favorites]


How much do you want to bet that this isn't about actual OMG paedoterrorists, but has some connection to the NSA leaks/WikiLeaks/those troublesome journalists who also use Tor?
posted by acb at 2:18 AM on August 5, 2013 [4 favorites]


What's absurd is to call this fascism. It has nothing to do with it. It's a question of an age-old debate of how much power police and intelligence agencies will have when observing the activities of citizens. It was not fascism when Disraeli had his Home Office mail cover program back in the 19th Century in England.

Fascism is an actual political system, with political ideals and goals that are not at play here at all. That's why people don't like Godwining things. If it's the Klan, or Illinois Nazis, yes, apt comparisons are made. Otherwise, it tells us nothing.

Sure. It is authoritarianism, however.
posted by jaduncan at 2:32 AM on August 5, 2013


I read a suggestion, I think on Wired, that the exploit has been carefully crafted to only serve an IP address and the fact that the host has been using particular onion sites. The exploit might have been used to install a trojan, but no trojan was installed. The implication drawn from this is that it's the prelude to warrants being served on the owners of those addresses, and (I presume) the people doing this didn't want any defenses based on illegal searches or planted evidence.
posted by Joe in Australia at 3:27 AM on August 5, 2013 [1 favorite]


TOR was and is being used for the purposes of abusing children and sharing the evidence of that abuse. That's not its only use, but it's one of them. As long as that's one of them, I do not want law enforcement to just throw up their hands and say, "Well, they got us. I guess we can't do anything as long as they do this using TOR!"

If law enforcement abuse their access to these things once they gain it, I do hope that the public will be alerted to the abuses, but I don't see why it's a foregone conclusion. Child sexual abuse is not just a rhetorical strategy. 'Terrorism' is a vague thing and we've all seen how the definitions shift to fit the convenience of whoever is on the shit list today. Children being sexually abused by adults, and the adults then trading in the photographic evidence of that abuse? Not vague. A real, actual thing that happens that should not happen, that we can't just pretend doesn't happen because it goes on on a part of the internet that happens to be anonymous.

If we get real evidence that this is just a pretense, I am all prepared to be as outraged as anybody. There's something to be wary about here. But automatically treating it like there's no way anybody could really care about abused kids for that to be the real focus? Come on.
posted by Sequence at 3:31 AM on August 5, 2013 [6 favorites]




I'm pretty sure that they did similar things in the days when it was magazines, films, or video. That's right up against the limit of what I would consider to be ethically justified, but as long as they weren't commissioning new material ...
posted by Joe in Australia at 4:41 AM on August 5, 2013


I do not want law enforcement to just throw up their hands and say, "Well, they got us. I guess we can't do anything as long as they do this using TOR!"

Crippling TOR (perhaps permanently, as TOR usage is largely based on trust) was not the only option law enforcement had.

They chose a very effective tactic here but the collateral damage is perhaps unacceptable.

If law enforcement abuse their access to these things once they gain it, I do hope that the public will be alerted to the abuses, but I don't see why it's a foregone conclusion.

The fact that the collateral damage in this case falls in line with law enforcement's (often legitimate) goal of being able to track an individual's Internet usage stands out for me. The legislature has not come through with laws that will directly bar fully anonymous services but here is law enforcement just happening to cripple a major one while in pursuit of something else.

So regardless of any future abuse it starts to look like an abuse already *has* happened here. Law enforcement appears to have piggybacked one of their own private goals on top of a perfectly legitimate public action. It's not an auspicious start.
posted by Tell Me No Lies at 5:33 AM on August 5, 2013 [1 favorite]


First they came for TOR ...

Gone in 30 seconds: New attack plucks secrets from HTTPS-protected pages
Exploit called BREACH bypasses the SSL crypto scheme protecting millions of sites.

It's not quite as bad as it sounds, but it's pretty bad.
posted by Joe in Australia at 6:00 AM on August 5, 2013 [1 favorite]


Is there any evidence that anyone actually compromised the Tor network though? Could the NSA compromise Tor with a 50% attack? Yes obviously, but they'd guard that secret jealously, not squander it on law enforcement bullshit.
posted by jeffburdges at 6:12 AM on August 5, 2013


TOR was and is being used for the purposes of abusing children and sharing the evidence of that abuse. That's not its only use, but it's one of them. As long as that's one of them,

The same could be said of anything really... digital photographic hardware, light bulbs, email... heck I could imagine that some of these people even eat breakfast. Are you saying that we need to outlaw breakfast because it's being used by child pornographers to get a start to their day?

See also: absurd reductionism
posted by Blue_Villain at 7:05 AM on August 5, 2013 [1 favorite]


Is there any evidence that anyone actually compromised the Tor network though?

My Tor server doesn't react to Javascript, so I think there is a lot of misinformation floating about. The original Reddit post said something like "half of all Tor nodes are compromised", which was wrong. The author may have been referring to onion sites and not Tor nodes.
posted by pashdown at 7:07 AM on August 5, 2013 [1 favorite]


It's good to see you've got beyond ignoring Bitcoin, but if you're still at the 'laughing at it' stage, you've obviously missed a memo or three.

Not really. Bitcoin, at least as an "investment," is for goldbugs who can't afford gold.

It's not really anonymous, either; governments are going to be able to figure out more or less who's who just by looking at connections between people, just like they can with phone call data (or Tor, if they can compromise enough nodes). And unlike phone call data, Bitcoin transaction records are published for all the world to see.
posted by one more dead town's last parade at 7:11 AM on August 5, 2013 [3 favorites]


The same could be said of anything really... digital photographic hardware, light bulbs, email... heck I could imagine that some of these people even eat breakfast. Are you saying that we need to outlaw breakfast because it's being used by child pornographers to get a start to their day?

Has someone outlawed TOR? I don't see any evidence of that in the linked material. I'm sure various law enforcement agencies do in fact have techniques for getting information off of digital photography devices and listening devices may have been legitimately placed within lightbulbs on occasion.
posted by Area Man at 7:25 AM on August 5, 2013


Whatever the facts may turn out to be in this case, it never hurts to be reminded that 1. Tor is not a one-button solution for online privacy, because there is no one-button solution. As symbioid already pointed out, the Tor documentation itself says so explicitly; and 2. if a system can be compromised it will be compromised, it's just a matter of how long until somebody spots a vulnerability and thinks up an exploit.
posted by jfuller at 7:34 AM on August 5, 2013


Has someone outlawed TOR? I don't see any evidence of that in the linked material.

It was intended as a response to the post from Sequence above.

(seriously? I even used the blockquote to indicate that it was a quote... ctrl+c, ctrl+f, ctrl+v to find the original source)
posted by Blue_Villain at 7:54 AM on August 5, 2013


Sequence didn't call for TOR to be outlawed. The government knows how to pick locks and break down doors, but locks and doors aren't illegal.
posted by Area Man at 8:07 AM on August 5, 2013


I know that anonymous tools like TOR are important because they promote transparency that democracy requires to survive. Such tools help dissidents circumvent their oppressive regimes, allow whistle blowers to expose corruption, aid those who speak truth to power and grant access to prohibited but vital information, all without fear of reprisal. Privacy is a cherished right. That being said, we are talking about child pornography. Please don't trivialize this heinous crime. This isn't just about stopping pedophiles from seeing child porn. It's about stopping those who supply the product. For every demand there must be a supply. That supply is real children in the real world who have unspeakably horrible things done to them. This is happening somewhere to an innocent child as you read this right now. I am a parent and I was molested as a child. Maybe that makes me overly biased. In my mind, stopping such crimes, punishing those responsible and removing children from terrible situations is something that the FBI is supposed to do as aggressively as possible.

Please be clear in your mind that child molestation is a truly exquisite torture with few, if any parallels. So many people get so very wound up about their right to privacy. Even to the point where they see that right in stark black and white terms where it must always stand, inviolate in every possible situation. However, we must sometimes yield our rights to others who have a conflicting but greater right, if only out of human decency. This is especially true when they cannot defend themselves and their rights. We all have a right to privacy but children have a greater right to not have sick fucks take pictures of them while they are violated. In a perfect world, we would never violate either right. But we live in a horribly fucked up world where the right to privacy must sometimes be set aside for this higher purpose. This will be true until someone invents a magical foolproof technology that allows good people to enjoy the benefits of anonymity while keeping away bad people who want to use it for terrible things. I don't think this will ever happen.

I know that governments won't stop there with their snooping; that even people "with nothing to hide" will get swept up into very bad situations. Each day a new revelation reveals this to be more true. I don't have a good answer for that. I don't have any answer for that. My mind is too focused on all of the suffering that could be averted. I know the old saying about trading liberty for safety but I don't think that any founding father could have foreseen the depravity of future generations.

acb: "How much do you want to bet that this isn't about actual OMG paedoterrorists, but has some connection to the NSA leaks/WikiLeaks/those troublesome journalists who also use Tor?"

Molestation was the worst experience in my life. I cannot adequately describe the physical and emotional pain of it to anyone who hasn't been through it. The government's motivations may very well not be completely pure but cheap cracks that trivialize the anguish and trauma of others, especially just to score some political points, are disgusting and have no place in any civilized discussion.
posted by double block and bleed at 8:31 AM on August 5, 2013 [4 favorites]


Sequence didn't call for TOR to be outlawed. The government knows how to pick locks and break down doors, but locks and doors aren't illegal.

A door that the government couldn't break down probably would be. As would, say, a car made of stealth materials that evades speed cameras.

Eventually we may see TOR as a weaponised technology (much in the way that crypto was treated as munitions): something heavily regulated at home (for all our good, of course) but airdropped on enemy states to fuck shit up for the bad guys. (Hey, if Pyongyang's overrun by paedoterrorists, that's not our problem, man.)
posted by acb at 8:32 AM on August 5, 2013


I don't quite know how to say this. First of all, let me say that I agree that child abuse is traumatic; I got raped as a minor too. I don't think that means that I should say that all private communication methods should be nullified just because people might be planning to rape other people.

Your logic demands that no private communication method should be allowed because CP might be transferred down it, and that way leads to authoritarianism.
posted by jaduncan at 8:35 AM on August 5, 2013




If you are having trouble understanding this and like young adult novels, read Cory Doctorow's book Little Brother and the sequel, Homeland.

These were important stories that needed to be told. It's too bad they were crafted in such a pedantic, insufferable, and aggressively mediocre manner.
posted by Ratio at 9:39 AM on August 5, 2013 [2 favorites]


I don't think that means that I should say that all private communication methods should be nullified just because people might be planning to rape other people.

Your logic demands that no private communication method should be allowed because CP might be transferred down it, and that way leads to authoritarianism.


What do you mean by "nullified" and "be allowed"? Is the idea that the government should not, at all, be allowed to possess or develop methods of tracking individuals using TOR? Or are you arguing that attempts to invade the secrecy and privacy of TOR users should be used sparingly and only in response to specific and well-founded suspicions of serious crimes? I could get behind the latter idea, but I don't see why the government is obliged to leave TOR completely private even in instances when it has a warrant and limits the scope of its intrusion.
posted by Area Man at 10:21 AM on August 5, 2013 [1 favorite]


What about instances where it goes in without a warrant and pulls data indiscriminately?
posted by Blazecock Pileon at 10:23 AM on August 5, 2013


I think the underlying issue here is that the encroachment of law enforcement on our right to privacy isn't as visible online. It's difficult to imagine that cops would be physically eavesdropping on everyone's public conversations, or sneaking into millions of people's houses and rifling through their belongings without leaving a trace, or that they would readily bypass all but the most strident efforts to protect one's privacy, and would not be held to any meaningful burden of proof or probable cause.

But online, all of those things are possible, and they're all either happening or very nearly here. And since almost no one understands the technologies, there is very little public willpower to put any safeguards in place.

Child abuse is certainly a real thing with terrible consequences, no one can minimize that fact and no one is arguing that we should idly permit it to happen. However, it is on a spectrum of public issues, and does not supersede all other risks simply because of its heinousness.

History has shown how fascism can creep into a society, the power it can wield once it becomes ubiquitous, and the price we must often pay to escape it.

As I described above, online surveillance can creep into ubiquity very easily, and is nearly impossible to evade even by smart people and organizations who know what they're doing. Don't underestimate the risks that poses... it's not like we've evolved beyond political intimidation or social oppression; just ask the segments of the population selectively targeted for voter fraud or immigration "enforcement".

From the sounds of it, the individuals targeted by this investigation were probably committing horrible acts, or knowingly shielding those who were. I'll be happy to see them get their day in court and the punishment that befits them. Having a legitimate concern about the means of enforcing the law doesn't imply that I, or anyone here, would defend these particular offenders or this particular crime.
posted by Riki tiki at 11:43 AM on August 5, 2013


If all the fascists did wrong was put people in death camps, that would be a fair comment, but they did so much more! But what I love most about objections to any inquiry as to whether it is okay to call this fascism comes mostly by some arbitrary grade.

The arbitrary grade being having anything remotely to do with fascism at all. Most of the people prattling on about fascism know nothing about it. An overly extensive police state is not exclusive to the two states historically deemed fascist. The only reason people say fascist is because fascists committed much worse crimes than the rest of them so you can tag people with that. The U.S.S.R. pioneered the police state. But fascism is worse so people throw that out there, not knowing squat about actual fascism.
posted by Ironmouth at 12:06 PM on August 5, 2013


An example from recent history: the Civil Rights movement in the US. Local law enforcement and local government were complicit in attempting to quash the movement by very literally the bloodiest, most brutal means available. I imagine the opponents of Civil Rights would have liked to have the ability to place undetected observers to facilitate their murderous terror campaign.

An example from right now: Russian legal organs are in the middle of an ongoing campaign to criminalize all expression of LGBT identities, to the point that mentioning homosexuality to minors is a punishable offense. The laws enjoy broad public support. LGBT people in Russia suffer widespread intimidation that turns violent and deadly, including abductions, physical humiliation, and torture. It is in many ways similar to the scope of the violence and indignities suffered by blacks, except Russian queers are far less visible.

Don't you think Russian queers deserve a private, anonymous means of communication that can be used to organize aid, raise awareness, and possibly win back their status as human beings? This "deserve" word cuts both ways.

While I can't and won't say that the problem of child abuse pales by comparison with the need for secure communication, I don't think you can say that the need for secure communication pales by comparison with the problem of child abuse.
posted by Nomyte at 12:37 PM on August 5, 2013 [1 favorite]


> While I can't and won't say that the problem of child abuse pales by comparison with the
> need for secure communication, I don't think you can say that the need for secure
> communication pales by comparison with the problem of child abuse.

The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all.
-- H. L. Mencken
posted by jfuller at 12:51 PM on August 5, 2013 [6 favorites]


Nothing to see in the timing on this or the shutdown of multiple US consulates. Nope nope. Move along.
posted by Twang at 3:42 PM on August 5, 2013


The U.S.S.R. pioneered the police state

Not Czarist Russia or the Austro-Hungarian Empire?
posted by acb at 3:54 PM on August 5, 2013


The U.S.S.R. pioneered the police state

I'm not sure Queen Elizabeth 1's Secretary of State, Sir Francis Walsingham (1532–90), would agree with you.
posted by Mister Bijou at 6:56 PM on August 5, 2013


There is now evidence that the NSA was behind this, which raises a troubling point. Investigating domestic crimes isn't part of the NSA's brief. [see also] I have no intrinsic problem with the NSA penetrating TOR; that's their job. If the NSA's investigation into child pornography was illegal then I'm conflicted about it: this is arguably a "greater good" situation. But the timing of this is weird: could it be that the NSA deliberately burned a significant intelligence asset (the fact it can penetrate TOR) at this time just to reduce the criticism it is receiving? Because that's definitely an improper use of its assets and it would mean the NSA is getting involved in politics.
posted by Joe in Australia at 7:45 PM on August 5, 2013 [1 favorite]


From Ars Technica: IP address used in the attack traces back to NSA.
posted by Paris Elk at 2:06 AM on August 6, 2013 [2 favorites]


could it be that the NSA deliberately burned a significant intelligence asset (the fact it can penetrate TOR) at this time

I think it's important to point out, as I did, that this wasn't really a penetration of TOR. It probably exposed the IP addresses of people who used TOR to visit certain .onion websites that had been hijacked to inject tracking cookies or, potentially, something else, but it wasn't actually evidence that the NSA can "penetrate" TOR. The protocol has always been vulnerable to certain types of attacks such as a compromised exit node, and doesn't offer any inherent protection against malware attacks.

Also, it's likely that the asset was "burned" as it was about to expire anyway.

Nothing to see in the timing on this or the shutdown of multiple US consulates.

It's kind of interesting, but one can see an argument for leaving a potential terrorist communication tool (say, TORmail) up while monitoring it to the extent possible as being safer than shutting it down. Nothing thus far has indicated a direct relationship, and al Qaeda is certainly known for conducting certain communications in the open.
posted by dhartung at 4:24 AM on August 6, 2013


"It's psyops—a fear campaign... They want to scare folks off Tor, scare folks off all privacy services."

I'm not too bothered by whether this federal IP address represents a "calling card" left as psyops or whether they simply fucked up. We've grown effective enough at analyzing "big data" that they'll believe their own bullshit. Yet, we humans remain so poor at understanding probability that innocent people should necessarily get hoovered up amongst any tips produced by "big data".

We must start using end-to-end encryption like OtR messaging, ZRTP, etc., supported in Jitsi and Adium. We must replace unencrypted cloud storage services like Apple's iCloud, Microsoft's SkyDrive, DropBox, etc. with end-to-end encrypted options like SpiderOak, Tahoe-LAFS, etc. And we must make these secure alternatives more user friendly.

It's okay that the NSA can perhaps break your encryption. It's okay that encrypting your communications singles them out. Any well-designed encryption makes analyzing your communications significantly require more highly classified tools, also more expensive computer time.

Imagine you email a friend about illegal drug availability at a festival. If used correctly, GnuPG should prevent them from reading your message, but even if they break your public key, doing so exposes information about their key breaking capacity, making it highly classified. So they're vastly less likely to tell the DEA about your email.
posted by jeffburdges at 5:06 AM on August 6, 2013 [2 favorites]


Relevant to the NSA angle -- apparently the malware didn't "phone home" to the NSA after all, although the researchers have done a marvelous job of hedging their misstatements.
posted by aramaic at 12:47 PM on August 7, 2013 [2 favorites]


I keep intending to mess around with the pond source, just not a go fan though.
posted by jeffburdges at 1:12 AM on August 12, 2013



