SoylentNews is people

posted by janrinok on Monday November 10 2014, @06:14PM
from the your-help-is-needed dept.

Little is known about how U.S. and European law enforcement shut down more than 400 websites, including Silk Road 2.0, which used technology that hides their true IP addresses. The websites were set up using a special feature of the Tor network, which is designed to mask people’s Internet use using special software that routes encrypted browsing traffic through a network of worldwide servers.

The Tor Project is a nonprofit that relies in part on donations. The project “currently doesn’t have funding for improving the security of hidden services,” wrote Andrew Lewman, the project’s executive director, in a blog post on Sunday. ( https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous )

It is possible that a remote-code execution vulnerability has been found in Tor’s software, or that the individual sites had flaws such as SQL injection vulnerabilities. But Lewman wrote that The Tor Project had little information on the methods used by law enforcement in the latest action.

“Tor is most interested in understanding how these services were located and if this indicates a security weakness in Tor hidden services that could be exploited by criminals or secret police repressing dissents,” he wrote.

http://www.pcworld.com/article/2845352/tor-project-mulls-how-feds-took-down-hidden-websites.html

[Related]: https://blog.torproject.org/blog/hidden-services-need-some-love

Can anybody help Andrew Lewman understand what happened?

 
  • (Score: 2) by jasassin on Monday November 10 2014, @09:02PM

    by jasassin (3566) <jasassin@gmail.com> on Monday November 10 2014, @09:02PM (#114624)

    They probably signed up as users on SR2 and tricked folks into clicking malicious links...which used browser vulnerabilities to inject code which called home.

    This gives the IP address of Silk Road 2.0 how? Identifying a stupid user of Silk Road 2.0 yes. Finding the IP address of Silk Road 2.0 itself, no.

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
  • (Score: 0) by Anonymous Coward on Monday November 10 2014, @09:21PM

    by Anonymous Coward on Monday November 10 2014, @09:21PM (#114630)

    the user that ran the site could have been a victim?

    • (Score: 2) by cykros on Wednesday November 12 2014, @01:27AM

      by cykros (989) on Wednesday November 12 2014, @01:27AM (#115030)

      Sure...if he was browsing from the server that SR2 was hosted on.

      The guard discovery attack seems a pretty likely method, especially considering that this wasn't a single server that was popped, but several (though not 400+, as some sources have mistakenly reported...it was 400+ URLs on ~27 actual sites). Good news here is that this only really affects those hosting hidden services, rather than those using Tor as a client. Bad news is, there's not really anything that can be done to prevent it against a determined attacker.

      I'm curious if I2P has any similar problem, or if it'd be for now a much better approach to hosting darknet services, while suggesting the use of Tor more for browsing the open Internet anonymously. My basic understanding seems to suggest this makes sense, but by all means, I'd love to hear if anyone has any insight on the matter.

      • (Score: 2) by urza9814 on Wednesday November 12 2014, @04:25PM

        by urza9814 (3954) on Wednesday November 12 2014, @04:25PM (#115245)

        I would expect Freenet would be even more secure than I2P...although it has its own drawbacks as well.

        The difference is, you don't run servers on Freenet. You insert data, which gets broken up and distributed to other nodes. How are you going to bust the server when *there is no server*?

        • (Score: 2) by cykros on Thursday November 13 2014, @09:56PM

          by cykros (989) on Thursday November 13 2014, @09:56PM (#115676)

          There are definitely some pros and cons to consider, but at least in terms of making sure the content you're hosting stays up, I'd say you're absolutely right. It won't help necessarily keep the armed men from kicking down your door if they can deobfuscate the source of the data, but it will at least make sure it stays up.

          On the other hand, I've yet to encounter any instances of the kind of interactive marketplace type sites like the Silk Road on Freenet. It's been quite a while since I last looked at it, but perhaps someone a little more clear on the mechanisms of it can illuminate whether or not it's even feasible to have such a similar system. Based on my admittedly limited understanding of how it works, it seems to me there may very well be some technical obstacles for this specific use case, which I2P may be more suited for due to architecture. Though, it is of course worth pointing out that even on I2P, there is the problem of BTC not actually being compatible...but Anoncoin and potentially others would be an option (even if they aren't particularly recognized by any particularly large userbase, making them a bit problematic at this stage to be relying on, even far more so than the well documented potential issues that arise from the use of Bitcoin or cryptocoins in general).

          At the end of the day, this stuff is all experimental software...user beware!

          • (Score: 2) by urza9814 on Friday November 14 2014, @01:19PM

            by urza9814 (3954) on Friday November 14 2014, @01:19PM (#115885)

            Yeah, I used to do some development related to Freenet, but that was a long time ago. I haven't really used it since the 0.5/0.7 split, so at this point most of my knowledge about it is largely theoretical, and based on running the network on old hardware on a 6 megabit connection -- so hopefully it's a bit better now ;)

            However, at the time that I used it, there were already a few attempts to have set up something like Craigslist. The biggest problem was payment though -- this was years before Bitcoin. There was a lot of talk about how to design a crypto-currency and how that would enable Freenet marketplaces, but obviously none really took off without that.

            With Bitcoin now...you could make it work, but it would probably be pretty slow to make and confirm transactions. You can't really have anything that's interactive, but payments don't necessarily need to be. Seller posts what they've got and what the price is, buyer messages them and provides bitcoin data, seller ships the goods. With the price fluctuations on Bitcoin it'd probably be marked up even more than Silk Road already is though, since your payment could be in transit for as long as several hours.

            • (Score: 2) by cykros on Monday November 17 2014, @03:39PM

              by cykros (989) on Monday November 17 2014, @03:39PM (#116761)

              Other than the time delay, that sounds better than what people have been doing on Tor in quite a few ways. The less interactivity, at least when it comes to the web, generally means the smaller the attack surface. Scripting in general is best left for the clear net. I'd be curious if Bitcoin would work with Freenet, or if it'd need its own cryptocoin like I2P does, due to network design, as that would definitely pose an issue with getting the ball rolling (if you think Bitcoin is unstable with a small userbase, just think about how fun doing business with Anoncoin must be...).