Slashdot Mirror

← Back to Stories (view on slashdot.org)

Half of Tor Sites Compromised, Including TORMail

Posted by samzenpus on from the out-of-action dept.

First time accepted submitter elysiuan writes "The founder of Freedom Hosting has been arrested in Ireland and is awaiting extradition to USA. In a crackdown the FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network have been compromised, including the e-mail counterpart of TOR deep web, TORmail. The FBI has also embedded a 0-day Javascript attack against Firefox 17 on Freedom Hosting's server. It appears to install a tracking cookie and a payload that phones home to the FBI when the victim resumes non-TOR browsing. Interesting implications for The Silk Road and the value of Bitcoin stemming from this. The attack relies on two extremely unsafe practices when using TOR: Enabled Javascript, and using the same browser for TOR and non-TOR browsing. Any users accessing a Freedom Hosting hosted site since 8/2 with javascript enabled are potentially compromised."

6 of 583 comments (clear)

  1. We are living in interesting times by Cynops · · Score: 5, Interesting

    Looks very much like the three letter agencies decided it's time now to start playing hardball.

    1. Re:We are living in interesting times by plover · · Score: 5, Interesting

      If anyone else used exploits to screw with people, it would be called hacking and they'd probably go to prison, but when the FBI does it, it's 'okay.'

      Actually, a judge has yet to find whether it's OK or not. The admissibility of the evidence in these cases is going to hinge on whether or not it was collected through legal means. And no matter which way the judge finds, the loser is going to appeal. As far as I know, this is all untested legal ground.

      --
      John
    2. Re:We are living in interesting times by Will.Woodhull · · Score: 5, Interesting

      It is a legal arena defined by the new secret laws whose application is subject only to the new secret courts.

      Congress is not going to do anything about this. Hell, they cannot even decide which hand they should use to wipe their collective ass. The Obama Administration might be complicit in this, or it might have its hands tied. Because the secret courts have the authority to issue secret injunctions against any organization, including other parts of the Federal government, it is possible that Obama has no effective oversight on what they are doing. They seem to report to the Judicial Branch, not the Executive Branch. And the Judicial Branch was not constituted to manage this kind of execution of law.

      We are now beginning to see how a rogue element has managed to gain control of significant Federal powers while remaining outside of any of the constitutional checks and balances.

      This is not going to end well.

      --
      Will
    3. Re:We are living in interesting times by cervesaebraciator · · Score: 5, Interesting

      I rather agree with Hayek's views on central planning. But central planning is not the only road to servitude and even the path of classical liberalism can lead to such an end, as Hilaire Belloc warns in The Servile State (it may be found here free, here in paper, and here for free on audio). I sometimes find it interesting, in spite of my libertarian leanings, to consider third ways, apart from the old collectivist/individualist dichotomy.

  2. Be smarter by Anonymous Coward · · Score: 5, Interesting

    First of all, use Whonix to access Tor, never the same browser you use for any other purpose.
     
    Second, use Firefox with a JonDoFox profile which is not included in Whonix Workstation by default.
     
    Third, go to ip-check.info and run the test on your browser. Everything should be green or yellow at the worst. If you see anything in red, fix it before you go to any questionable site. Finally, make sure you don't have any DNS Leaks in your host OS by running this test also from your regular host browser. Don't use or trust DNS from your ISP.
     
    If you want to be extra-cautious, run the Whonix Gateway after you establish a VPN connection. Choose an offshore provider that has multi-hop technology to avoid traffic analysis. I'm using iVPN who is located in Malta.

  3. Re:Computer Intrusion by Anonymous Coward · · Score: 5, Interesting

    Everybody has a tipping point. I think for US it's going to be the Big Brother issues.

    I'm from Turkey and for us the tipping point was a park.

    For years, we had been suffering the same politics of fear that I see in US. The government was practically putting anyone (particularly people speaking against them) under surveillance, making journalists wait in custody for years before even having their trials, suing people in a corrupt justice system just for speaking their minds using something equivalent of the Patriot Act. The freedom of speech was no where to be seen.

    During all this time, what stopped people from acting was the feeling of being alone and powerless. And that's what happens when all the media is corrupt and distorting and hiding what's really going on. But people were no fools. Thanks to the internet, there were ways of knowing what's really been going on and people have been getting the news.

    So one day, police attacked hundreds of people who were having a sit-in for saving a park and the trees in it with. Anger overwhelmed fear and in a few hours millions were on the street, protesting. I had seen nothing like this. People coming out of Yoga classes were throwing tear gas grenades back to the police. Mothers were preparing solutions to use against the effect of pepper spray. Nobody was afraid of being against the police anymore. The whole story is really interesting, from using google maps to track and distribute police movements to a whole series of sub-culture graffiti on the walls of Istanbul. If you want to learn more, visit this, this and this link.

    This lasted for two weeks. For the first five days there was *nothing* on TV or newspapers about this. This was an eye opener for the people who have seen what wasn't being reported. It was what they needed for reverse-engineering the mass-media and bypassing it with social media.

    Now everything is calmer, at least in appearance. But the change that people have gone through is an irreversible process. And I think it is, or will be, of a much important consequence than over-throwing an oppressive government. Because the problem doesn't reside within a single government. It's this whole inhumane, ecologically unmaintainable, unjust system and it is all around the world. We all need to open our eyes and do something about it.