From the Wired article, "Instead of going for the easy bust, the FBI spent a solid year surveilling McGrath, while working with Justice Department lawyers on the legal framework for what would become Operation Torpedo. Finally, on November 2012, the feds swooped in on McGrath, seized his servers and spirited them away to an FBI office in Omaha.
A federal magistrate signed three separate search warrants: one for each of the three hidden services. The warrants authorized the FBI to modify the code on the servers to deliver the NIT to any computers that accessed the sites. The judge also allowed the FBI to delay notification to the targets for 30 days."
The FBI modified the .onion sites to serve a malicious script which was used to de-anonymize users. It's worth noting that only those using Tor improperly would be vulnerable. The FBI tracking payload required scripting to be enabled in the browser--a common blunder among inexperienced Tor users.
(Score: 2) by metamonkey on Wednesday August 06 2014, @06:23PM
Since the FBI was hosting the honeypot and would also be defining the threshold of an arrest-worthy offense, I would assume they would take this into account. On the Google Analytics dashboard I have for my website, it shows you the bounce rate: what percentage of people never make it past your first page, and how long they stuck around. Since this attack worked by running a script in the target's browser, I would imagine they could record such information.
I'm doing a lot of imagining here, but I would also imagine they would want to record such information as it would help the prosecution's case. If there's a mens rea requirement to the applicable laws (and there always should be, but the last 20 years of legislation, not so much) then the prosecution would have to prove that the defendant knowingly and willfully accessed this information. "I clicked on it, it opened up, and the instant I saw what it was I closed the browser" is a legitimate defense. So having a log from the server and script showing that the defendant opened up the site, looked at the front page for 30 seconds and then went through clicking every link would be useful evidence.
Okay 3, 2, 1, let's jam.
(Score: 2) by bob_super on Wednesday August 06 2014, @06:57PM
> On the Google Analytics dashboard ...
I'm not paranoid enough to use TOR, but my NoScript has been told to always block Google Analytics and similar scripts. What are the odds that the feds would have and be willing to use that actual information, rather than pat themselves on the back for filling more jail cells?
(Score: 2, Interesting) by Anonymous Coward on Wednesday August 06 2014, @07:02PM
> If there's a mens rea requirement to the applicable law
There is no mens rea requirement for child abuse imagery, [yalelawtech.org] only the discretion of the prosecutor. Given just how eager people are to turn off their minds when it comes to images of child abuse, the prosecutor has everything to lose if he does not prosecute. Just look at all those cases where they've prosecuted teenagers for sexting under the theory that they were manufacturing images of child abuse.