Monday, August 5, 2013

Goodbye Anonymous Surfing, The Feds Crack TOR

This ain't good.
As a matter of fact, this is very, very bad.

BREAKING: HALF OF TOR SITES COMPROMISED, INCLUDING TORMAIL

The founder of Freedom Hosting has been arrested in Ireland and is awaiting extradition to the USA.

In a crackdown that the FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network have been compromised, including the e-mail counterpart of TOR deep web, TORmail.

http://www.independent.ie/irish-news/courts/fbi-bids-to-extradite-largest-childporn-dealer-on-planet-29469402.html

This is undoubtedly a big blow to the TOR community, Crypto Anarchists, and more generally, to Internet anonymity. All of this happening during DEFCON.

If you happen to use account name and/or password combinations that you have reused in the TOR deep web, change them NOW.

snip

A few days ago there were mass outages of Tor hidden services that predominantly affected Freedom Hosting websites.

"Down for Maintenance
Sorry, This server is currently offline for maintenance. Please try again in a few hours."

If you saw this while browsing Tor you went to an onion hosted by Freedom Hosting. The JavaScript exploit was injected into your browser if you had JavaScript enabled.

What the exploit does:

The JavaScript zero-day exploit creates a unique cookie and sends a request to a random server that basically fingerprints your browser in some way, which is probably then correlated somewhere else since the cookie doesn't get deleted. Presumably it reports the victim's IP back to the FBI.
snip

Now get a load of this, the fucking FBI actually RAN a child porn site for two fucking weeks trying to nail as many sick fucks as they could.

There is a lot of technical jibber jabber in the first article about just how they injected the Java code and to be honest they might as well be talking Portuguese for the sense I can make of it.

I will give you their take on it.

Short version. Preliminary analysis: This little thing probably CAN reach out without going through Tor. It appears to be exploiting the JavaScript runtime in Firefox to download something.

UPDATE: The exploit only affects Firefox 17 and involves several JS heap-sprays. Note that the current Extended Support Release is Firefox 17, so this may also affect some large organizations using Firefox ESR.
snip

Logical outcomes from this?

1. FBI/NSA just shut down the #1 biggest hosting site and #1 most wanted person on Tor

2. Silkroad is next on their list, being the #2 most wanted (#1 was Child Porn, #2 is drugs)

3. Bitcoin and all cryptocurrencies set to absolutely CRASH as a result since the feds cannot completely control this currency as they please.

I can applaud their intent to stop the kiddie porn but they went fishing and now the whole TOR network is completely fucked in my opinion.

I wouldn't trust that motherfucker to tell me the time of day straight at this point and I sure as shit won't be asking.

I have been using TOR off and on for about a month and a half.

I kept having issues with things like YouTube and Google thinking that I was some kind of Spammer so I wound up turning it off.

Now I am just going to delete the fucking thing.

It is dead to me.

Any Tech geeks out there that can suggest an alternative for someone like me who doesn't know Jack Shit about code or programming would be greatly appreciated.


H/T to a link found at SurvivalBlog.




3 comments:

Sixbears said...

Thanks for the heads up. Dropped using such services years ago as I figured they were big targets. Discovered one anonymous surfing provider most likely was tied direct to some three letter agency. Turned me off on the whole thing.

BadTux said...

I came up with a half dozen attacks against TOR back when I was interested in such things and concluded that while it had its uses in allowing dissidents in foreign countries to communicate, the fact that so many TOR servers were in NSA or NSA-friendly countries meant that it was useless for purposes of privacy against U.S.-based TLAs. To be fair, the EFF never claimed it was NSA-proof. Regarding anonymous surfing providers, I assume that they are all run by TLAs. They have their uses but privacy against government surveillance isn't one of them.

Robert Fowler said...

http://oathkeepers.org/oath/2013/08/03/warning-someone-is-trying-to-set-up-liberty-activists-using-child-porn/

Whoever did this was using tor mail. I'm wondering if there is a connection.
