
SoylentNews is people

posted by janrinok on Wednesday August 06 2014, @04:37PM
from the the-user-is-the-weakest-link dept.

From the Wired article, "Instead of going for the easy bust, the FBI spent a solid year surveilling McGrath, while working with Justice Department lawyers on the legal framework for what would become Operation Torpedo. Finally, on November 2012, the feds swooped in on McGrath, seized his servers and spirited them away to an FBI office in Omaha.

A federal magistrate signed three separate search warrants: one for each of the three hidden services. The warrants authorized the FBI to modify the code on the servers to deliver the NIT to any computers that accessed the sites. The judge also allowed the FBI to delay notification to the targets for 30 days."


The FBI modified the .onion sites to serve a malicious script which was used to de-anonymize users. It's worth noting that only those using Tor improperly would be vulnerable. The FBI tracking payload required scripting to be enabled in the browser--a common blunder among inexperienced Tor users.

 
This discussion has been archived. No new comments can be posted.
  • (Score: 1) by wantkitteh (3362) on Wednesday August 06 2014, @04:59PM (#78099)

    I'd be interested in finding out exactly how they located the servers - as would Ross Ulbricht [theregister.co.uk].

  • (Score: 4, Informative) by keplr (2104) on Wednesday August 06 2014, @05:13PM (#78105)

    It's in the article, "Tor hidden services mask their locations behind layers of routing. But when the agents got to a site called Pedoboard, they discovered that the owner had foolishly left the administrative account open with no password. They logged in and began poking around, eventually finding the server's real Internet IP address in Bellevue, Nebraska."

    So it wasn't a genius SIGINT op attacking the Tor network, just a hilariously incompetent sysadmin.

    --
    I don't respond to ACs.
    • (Score: 4, Insightful) by tathra (3367) on Wednesday August 06 2014, @05:41PM (#78117)

      or at least that's what they're claiming. anybody who knows that parallel construction [wikipedia.org] exists, and is in fact SOP, [muckrock.com] yet still believes the claims of LEOs is incredibly naive.

      • (Score: 4, Insightful) by keplr (2104) on Wednesday August 06 2014, @05:44PM (#78119)

        Correct. I should have mentioned that's the official story, so it's necessary to remain skeptical. However, incompetent criminals do exist, and naturally these are the ones who tend to get caught and reported on.

        --
        I don't respond to ACs.
  • (Score: 3, Interesting) by Runaway1956 (2926) on Wednesday August 06 2014, @06:20PM (#78140)

    http://www.cse.hut.fi/en/publications/B/11/papers/salo.pdf [cse.hut.fi]

    Given governmental authority to barge into any ISP anywhere, NSA/FBI/whoever can set up their own routers anywhere. And, maybe they already have them everywhere, who knows?

    Analyzing the traffic of several routers, someone can make an educated guess where the traffic is coming from. Set up a few more routers close to the guess, and analyze some more. If it looks like you're close, set up even more routers in proximity, then start poisoning the routing information. Soon, the target is sending all his data across servers that you control.

    The feds don't have infinite resources, but they have a lot. They can and will zero in on a high value target, sooner or later.

    --
    Abortion is the number one killer of children in the United States.