SoylentNews is people

posted by janrinok on Saturday November 08 2014, @07:18PM
from the not-as-dark-as-we-thought dept.

Silk Road 2.0 and 400 other sites believed to be selling illegal items including drugs and weapons have been shut down. The sites operated on the Tor network - a part of the internet unreachable via traditional search engines. The joint operation between 16 European countries and the US saw 17 arrests.

Although details of how the sites were identified are not given, it does suggest that software now exists that removes the veil behind which the DarkNet once hid. Any Soylentils have any ideas of how this might be achieved? This story might be the clue.

More information can be found here: http://www.bbc.co.uk/news/technology-29950946

 
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by edIII (791) on Saturday November 08 2014, @10:55PM (#114140)

    I don't necessarily agree with you on the implementation, but the basics are if you control the whole network there is no anonymity.

    TCP/IP isn't designed for anonymity and it certainly doesn't support it. What TOR does is provide a deniable property to communications, but only as a matter of scope. It's not a true property, or in other words, emergent. The real problem is that regardless of hidden services, it's possible for Eve to record all of the traffic activity with known addresses (TCP/IP can't support anything else).

    Your neighbor might not be able to defeat that deniable property, your local law enforcement or ISP couldn't defeat that deniable property, but a national intelligence community collecting packets from all the Tier 1 providers just might.

    If you collect enough instances of the traffic (especially if you initiate it) I'm sure that math and science support the notion that you could determine a likely node with a suitable degree of confidence. It's 100% confidence to nail you in court (theoretically), but it can be much less to identify a lead in an investigation which likely screws you with surveillance ultimately. I can't possibly see how over time an attacker is gaining more and more nodes involved in these illicit communications and not being able to identify nodes accessing it more often.

    What TOR has to overcome is a design in which it's assumed all network traffic activity is recorded for the whole network all the time, in addition to ensuring an equal distribution of access to services across the entire TOR network. Anything less, and it starts becoming apparent that the child porn is hitting your TOR node far more often than statistically believable. At that point, it seems like a five minute conversation with the judge and FBI as to whether or not they can install malware. Which is of course hilarious. The FBI asking permission.

    Delivering anonymity in the light of who we are really trying to be anonymous from, is a little disheartening.

    Although, my intuition tells me this has much less to do with TOR onion routing protocols and topology, and is more likely to be tools to gain access remotely through an .onion addressed server and then initiate identification from the remote end directly akin to tracing wires in a building. With everything else coming to light about the seemingly massive critical bugs in our software it's not an entirely unfounded fear as an attack vector. So we shouldn't throw the TOR network away yet and claim it's tainted.

    If I was operating a TOR hidden service I would do everything absolutely possible to look at information leakage through interactions with the service itself. This includes firewall rules to prevent a server from sending out packets at all unless it's routed through the TOR network.

    Additionally, I wouldn't be so averse to the idea of researchers creating fake criminal honeypots to see if they can catch the intelligence apparatuses at work and determine how they are doing it so we can put a stop to it. What's the difference between Mafia Wars and real life? Perspective.

    Maybe we should all just create a massively fun game where we sell and send plastic bags of "weed" and "coke" you can buy from the grocery store, and create Darknets to do it. I'm betting that might be the most effective way to put a monkey wrench into their toy.

    --
    Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 1, Insightful) by Anonymous Coward on Sunday November 09 2014, @03:35AM (#114188)

    > Maybe we should all just create a massively fun game where we sell and send plastic bags of "weed" and "coke" you can buy from the grocery store,

    Bad idea. Selling obviously fake drugs under the impression that they're real will get you convicted for trafficking. That's not a new thing either, it's been happening for decades. Although on the plus side, this "game" would force more people to realize how destructive prohibition is by ruining even more innocent lives.

  • (Score: 0) by Anonymous Coward on Sunday November 09 2014, @06:13AM (#114223)

    > It's 100% confidence to nail you in court (theoretically),

    My understanding is that "beyond reasonable doubt" is reckoned to be about 75% confidence.

  • (Score: 2) by cafebabe (894) on Saturday November 15 2014, @01:24PM (#116187) Journal

    > firewall rules to prevent a server from sending out packets at all unless it's routed through the TOR network.

    Default route considered harmful [wikipedia.org].

    --
    1702845791×2
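
An added example, not part of any comment above: a small audit of the egress firewall edIII describes, run over constructed `iptables-save` dumps, which also lists any default route, the subject of cafebabe's link. The uid `107`, the sample rulesets and routes, and the function names are assumptions made for illustration.

```python
import re

# Constructed iptables-save dumps; uid 107 stands in for the Tor daemon's account.
WEAK = """*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""
HARDENED = """*nat
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m owner --uid-owner 107 -j ACCEPT
-A OUTPUT -j LOG --log-prefix "egress-blocked "
COMMIT
"""
# Constructed `ip route show` output (192.0.2.0/24 is a documentation range).
ROUTES = "default via 192.0.2.1 dev eth0\n192.0.2.0/24 dev eth0 scope link\n"

def audit_egress(dump, tor_uid):
    """Findings for the filter-table OUTPUT chain of an iptables-save dump."""
    table = re.search(r"^\*filter\n(.*?)^COMMIT", dump, re.M | re.S)
    if not table:
        return ["no filter table: nothing restricts egress"]
    body, findings = table.group(1), []
    policy = re.search(r"^:OUTPUT (\S+)", body, re.M)
    if not policy or policy.group(1) != "DROP":
        findings.append("OUTPUT policy is not DROP")
    for rule in re.findall(r"^-A OUTPUT (.*)$", body, re.M):
        if not re.search(r"-j ACCEPT\b", rule):
            continue  # LOG/DROP/REJECT rules let nothing out
        loopback = re.search(r"(?<!! )-o lo\b", rule)
        tor_only = re.search(rf"(?<!! )--uid-owner {re.escape(tor_uid)}\b", rule)
        if not (loopback or tor_only):
            # e.g. an ESTABLISHED accept lets the service answer direct connections
            findings.append("ACCEPT not limited to loopback or Tor uid: " + rule)
    return findings

def default_routes(ip_route):
    """Lines of `ip route show` output that define a default route."""
    return [l for l in ip_route.splitlines() if l.split()[:1] == ["default"]]

if __name__ == "__main__":
    for name, dump in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_egress(dump, "107") or "egress limited to Tor")
    print("default routes:", default_routes(ROUTES))
```

On a live host the two inputs would come from `iptables-save` and `ip route show`; whether a listed default route is a problem depends on whether the service shares a machine with the Tor daemon.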