SoylentNews is people

posted by janrinok on Monday November 17 2014, @04:16PM
from the toss-a-coin dept.

In July, Yasha Levine reported on a number of apparent conflicts of interest concerning the Tor project and those who promote it as a means of protecting one's anonymity online. In addition, evidence is presented that Tor users are actively being surveilled by the NSA, including a leaked NSA document noting the opportunity presented by this "critical mass" of targets. A follow-up article reveals the hostile response from some Tor advocates.

Recently we saw law enforcement exercise their capability to identify and shut down sites hidden via Tor.

Related Stories

Tor Project Mulls How Feds Took Down Hidden Websites 32 comments

Little is known about how U.S. and European law enforcement shut down more than 400 websites, including Silk Road 2.0, which used technology that hides their true IP addresses. The websites were set up using a special feature of the Tor network, which is designed to mask people’s Internet use using special software that routes encrypted browsing traffic through a network of worldwide servers.

The Tor Project is a nonprofit that relies in part on donations. The project “currently doesn’t have funding for improving the security of hidden services,” wrote Andrew Lewman, the project’s executive director, in a blog post on Sunday. (https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous)

It is possible that a remote-code execution vulnerability has been found in Tor’s software, or that the individual sites had flaws such as SQL injection vulnerabilities. But Lewman wrote The Tor Project had little information on the methods used by law enforcement in the latest action.

“Tor is most interested in understanding how these services were located and if this indicates a security weakness in Tor hidden services that could be exploited by criminals or secret police repressing dissents,” he wrote.

http://www.pcworld.com/article/2845352/tor-project-mulls-how-feds-took-down-hidden-websites.html

[Related]: https://blog.torproject.org/blog/hidden-services-need-some-love

Can anybody help Andrew Lewman understand what happened?

Tor Says Feds Paid Carnegie Mellon $1M to Help Unmask Users 28 comments

Wired and others are reporting on a Tor blog post claiming that Carnegie Mellon University researchers were paid by the Federal Bureau of Investigation to help attack Tor hidden services:

"Apparently these researchers were paid by the FBI to attack hidden services users in a broad sweep, and then sift through their data to find people whom they could accuse of crimes," Dingledine writes. "Such action is a violation of our trust and basic guidelines for ethical research. We strongly support independent research on our software and network, but this attack crosses the crucial line between research and endangering innocent users."

Tor's statement all but confirms that Carnegie Mellon's attack was used in the late 2014 law enforcement operation known as Operation Onymous, carried out by the FBI and Europol. That dark web purge took down dozens of Tor hidden services, including several of the most popular Tor-based black markets for drugs including the Silk Road 2, and led to at least 17 arrests. Tor, for its part, has made efforts to subsequently block the attack, which it says it first detected in July of 2014.

When WIRED contacted Carnegie Mellon, it didn't deny the Tor Project's accusations, but pointed to a lack of evidence. "I'd like to see the substantiation for their claim," said Ed Desautels, a staffer in the public relations department of the university's Software Engineering Institute. "I'm not aware of any payment," he added, declining to comment further.

Tor's Dingledine responded to that call for evidence by telling WIRED that it identified Carnegie Mellon as the origin of the attack by pinpointing servers running on Tor's network that were used in the de-anonymization technique. When it asked Carnegie Mellon if the servers were being run by its researchers—a suspicion based on the canceled Black Hat conference presentation—the anomalous servers disappeared from the network and the university offered no response. The $1 million payment, Dingledine says, was revealed to Tor by "friends in the security community."

Previously:

July 26, 2014: Russia Offers $111,000 to Break TOR Anonymity Network
September 30, 2014: Tor Executive Hints at Firefox Integration
November 8, 2014: Huge Raid to Shut Down 400-plus DarkNet Sites
November 10, 2014: Tor Project Mulls How Feds Took Down Hidden Websites
November 17, 2014: Is Tor a Honeypot?
December 22, 2014: Servers Seized After Tor Developers Warn of Potential Government Attempt To Take Down Network



This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Funny) by Anonymous Coward on Monday November 17 2014, @04:25PM

    by Anonymous Coward on Monday November 17 2014, @04:25PM (#116790)

    Is Tor a Honeypot?

    Yes. Always has been. Sorry the world is just now figuring this out.

    Thread over.

    • (Score: 2) by Bot on Monday November 17 2014, @04:31PM

      by Bot (3902) on Monday November 17 2014, @04:31PM (#116793) Journal

      Well, but I find the evidence for the entire internet being a honeypot far more convincing. Look where arpanet came from.

      --
      Account abandoned.
    • (Score: 1, Insightful) by Anonymous Coward on Monday November 17 2014, @04:38PM

      by Anonymous Coward on Monday November 17 2014, @04:38PM (#116800)

      I think it is more of a problem of priorities in the agencies who promote it.

      They have two conflicting goals. One is good unbreakable encryption to protect communication. The other is to break the unbreakable and take out the enemy using it.

      The second goal has created poor opsec on the first.

    • (Score: 0) by Anonymous Coward on Monday November 17 2014, @04:47PM

      by Anonymous Coward on Monday November 17 2014, @04:47PM (#116808)

      I don't live in the USA so it's better to use Tor than not to if I'm trying to protect myself from my own government.

      Too bad it won't work so well for you bunch in the USA.

      • (Score: 2) by Arik on Monday November 17 2014, @05:10PM

        by Arik (4543) on Monday November 17 2014, @05:10PM (#116819) Journal
        Unless your government gets the information from our government...

        --
        If laughter is the best medicine, who are the best doctors?
        • (Score: 0) by Anonymous Coward on Tuesday November 18 2014, @03:07AM

          by Anonymous Coward on Tuesday November 18 2014, @03:07AM (#117085)
          An extra step is still better.
    • (Score: 2, Interesting) by tftp on Monday November 17 2014, @09:50PM

      by tftp (806) on Monday November 17 2014, @09:50PM (#116958) Homepage

      There are about 6,800 TOR routers [blutmagie.de]. It is not beyond belief to presume that plenty of them are operated by the government. How many routers one has to control to trace a packet? Routers may not know the contents, but they know the time, the packet size, and perhaps the likely topology of the network. Most routers do not resolve to a domain name, and perhaps they are on a dynamic IP of Comcast or some other consumer level ISP.

      • (Score: 2) by wantkitteh on Tuesday November 18 2014, @12:12AM

        by wantkitteh (3362) on Tuesday November 18 2014, @12:12AM (#117022) Homepage Journal

        Given that the CIA are happy to aim drone strikes at people based on metadata, I'm sure the NSA et al are having a field day with ours.

  • (Score: 0) by Anonymous Coward on Monday November 17 2014, @04:34PM

    by Anonymous Coward on Monday November 17 2014, @04:34PM (#116795)
    • (Score: 0) by Anonymous Coward on Monday November 17 2014, @09:59PM

      by Anonymous Coward on Monday November 17 2014, @09:59PM (#116962)

      I'll get this posted again as "Is Tor not a Honeypot?" tomorrow and core dump the Internet.

  • (Score: 3, Interesting) by Anonymous Coward on Monday November 17 2014, @05:35PM

    by Anonymous Coward on Monday November 17 2014, @05:35PM (#116825)

    Well. The article brings up the idea that NSA uses Tor and bitcoin for undercover operations and that civilian usage is there to mask gov. usage.

    • (Score: 0) by Anonymous Coward on Tuesday November 18 2014, @01:45AM

      by Anonymous Coward on Tuesday November 18 2014, @01:45AM (#117057)

      Hmm, coke in Iran-Contra, Bitlocker today! If your funding base is not secure, you can't really be a professional shadowy intelligence agency.

  • (Score: 2) by gallondr00nk on Monday November 17 2014, @05:42PM

    by gallondr00nk (392) on Monday November 17 2014, @05:42PM (#116830)

    We'll never actually know the truth. It's like the NSA revelations - there is no way to determine just how deep the surveillance goes. They sure as hell aren't going to tell us.

    It also wouldn't be unlike a government agency to deliberately inflate their capabilities. There is an optimistic part of me that thinks that they're completely incapable of half the things the Snowden revelations said they were. Are the NSA capable? I don't know.

    I still suspect that Tor is for the most part an uncompromised service. If they're so fucking smart, how come the original Silk Road operated for so long, despite a seemingly inept administrator?

    On the other hand, history teaches us just how far three letter agencies will actually go - CIA LSD experiments and cocaine smuggling, FBI wiretaps etc.

    • (Score: 2) by metamonkey on Monday November 17 2014, @06:14PM

      by metamonkey (3174) on Monday November 17 2014, @06:14PM (#116854)

      If they're so fucking smart, how come the original Silk Road operated for so long, despite a seemingly inept administrator?

      Because they don't give a shit about online drug deals. Same reason they didn't stop the Boston bombers. Unless you're a threat to the MIC, you're likely to avoid notice. However, once you are noticed, everything illicit you were doing on the internet (drugs, porn, warez, torrents) will be used to destroy you.

      --
      Okay 3, 2, 1, let's jam.
    • (Score: 2) by jcross on Monday November 17 2014, @07:32PM

      by jcross (4009) on Monday November 17 2014, @07:32PM (#116902)

      Also Silk Road may itself have been a honeypot of sorts. Whether or not the government created it, they may have seen it as more valuable running than not, at least for a time. During its rise to popularity, it would have been constantly feeding them new targets of interest, not necessarily related to drugs but maybe weapons, bomb supplies, hits, etc. At some point they could have started getting less useful information in proportion to the total illegal activity and so decided to feed info to the FBI to take it down. Or they got spooked that Snowden might reveal that they had known about it and failed to stop it, or participated in the market, or whatever. The perfect thing about Silk Road is that it's basically an entrapment machine for which the NSA can sort of claim their hands are clean, since it's not within their jurisdiction to intervene.

    • (Score: 2) by Gaaark on Monday November 17 2014, @11:58PM

      by Gaaark (41) on Monday November 17 2014, @11:58PM (#117008) Journal

      If they're so fucking smart, how come the original Silk Road operated for so long, despite a seemingly inept administrator?

      For the same reason the Allies picked and chose what targets to protect and which to let get bombed during WW2: to protect the fact that Tor WAS/IS compromised.

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 0) by Anonymous Coward on Monday November 17 2014, @05:43PM

    by Anonymous Coward on Monday November 17 2014, @05:43PM (#116833)

    Let's see who is the most paranoid here. in 1. 2. 3....

  • (Score: 2) by novak on Monday November 17 2014, @06:20PM

    by novak (4683) on Monday November 17 2014, @06:20PM (#116857) Homepage

    No. You should have realized that from the Snowden revelations. Or from the many people not murdered by their government because they were able to hide their communications.
    Now, whether Tor is really very secure right now is a good question. It is possible that the NSA has just recently cracked it, and IS compiling a list of users. It has had bugs, and certainly isn't perfect, but it has a lot of people working to make it better. Maybe do that instead of spreading FUD.

    --
    novak
    • (Score: 2) by edIII on Monday November 17 2014, @07:19PM

      by edIII (791) on Monday November 17 2014, @07:19PM (#116895)

      It has had bugs, and certainly isn't perfect, but it has a lot of people working to make it better. Maybe do that instead of spreading FUD.

      Uhh, yeah... has anyone noticed that since Snowden what is being attacked are privacy protocols and software like TOR and TrueCrypt?

      Not just attacked, we've been left without confidence in everything. Whether or not TOR or TrueCrypt is truly intact is kind of beside the point now. It seems like somebody wanted to confuse us, make us argue, and mess with our tools. Where's the science? Oh right, we can't trust that either.

      Sounds like a psychological warfare program to me...

      --
      Technically, lunchtime is at any moment. It's just a wave function.
      • (Score: 2) by novak on Monday November 17 2014, @07:58PM

        by novak (4683) on Monday November 17 2014, @07:58PM (#116919) Homepage

        I agree. Tor is a basically good tool, whether it currently protects you or not. Fighting against those attacking Tor and other privacy tools should be the goal, not bickering about how fucked we are by the NSA.

        --
        novak
  • (Score: 2) by Ken_g6 on Monday November 17 2014, @08:30PM

    by Ken_g6 (3706) on Monday November 17 2014, @08:30PM (#116933)

    So, who wants to pay for an independent security audit of TOR?

    • (Score: 2) by novak on Monday November 17 2014, @10:06PM

      by novak (4683) on Monday November 17 2014, @10:06PM (#116964) Homepage

      I'd chip in some BTC at least. I hear they're considering a crowdfunding campaign to upgrade hidden services as well.
      http://www.dailydot.com/technology/tor-crowdfunding-hidden-services/ [dailydot.com]

      --
      novak
      • (Score: 0) by Anonymous Coward on Tuesday November 18 2014, @04:04PM

        by Anonymous Coward on Tuesday November 18 2014, @04:04PM (#117275)

        Great question and answer.

        Maybe we can crowd fund an internet security review site.
        But then who is going to pay for the review of the review and so on.

  • (Score: 2) by jasassin on Monday November 17 2014, @10:50PM

    by jasassin (3566) <jasassin@gmail.com> on Monday November 17 2014, @10:50PM (#116976) Homepage Journal

    If it were used by more people for legit purposes, would it help anonymity overall? As it stands I trust truecrypt more because I don't hear about people's truecrypt drives being cracked. The takedown of hundreds of hidden services leaves little room for doubt something is compromised.

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
  • (Score: 1) by boltronics on Tuesday November 18 2014, @02:06AM

    by boltronics (580) on Tuesday November 18 2014, @02:06AM (#117068) Homepage Journal

    Could it be that governments are creating illegal websites behind hidden Tor addresses, and then after some time taking them down? That would be a good approach to discredit the software.

    --
    It's GNU/Linux dammit!
    • (Score: 2) by maxwell demon on Tuesday November 18 2014, @07:54PM

      by maxwell demon (1608) on Tuesday November 18 2014, @07:54PM (#117368) Journal

      That's indeed an interesting point. And a question for which we probably won't ever get an answer. Because no matter what the real answer would be, the official answer will certainly be "no".

      --
      The Tao of math: The numbers you can count are not the real numbers.