Slashdot Mirror
FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
MikeatWired writes "It wasn't ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting's operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It's not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control. The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale. He was denied bail today for the second time since his arrest in July. On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn't respond to inquiries from WIRED today. But FBI Supervisory Special Agent Brooke Donahue was more forthcoming when he appeared in the Irish court yesterday to bolster the case for keeping Marque behind bars."
According to the summary: On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page.
The FBI didn't serve any child porn. While they had control of the servers, the sites served nothing but an error page with their trojan.
Remember the NSA has only gotten caught when they've been betrayed, not because their technical means were discovered.
Only for very specific definitions of "caught" - back in 2007 we were pretty sure they had fucked with Dual_EC_DRBG.
When information is power, privacy is freedom.
The bank account in Las Vegas means that he was paying for (and perhaps profiting from) the servers. That provides US jurisdiction no matter where the data was being stored. The same thing happens around the world: if part of an action happens within a given country and it's illegal in that country, jurisdiction applies. They may have to work through extradition, but in this case, France may also look to get a piece of him, especially if he's not convicted in the US. France may then go through extradition to get him into their courts for storing child porn on French soil.
You can never go home again... but I guess you can shop there.
They had control of the servers since late July (citation: the summary, try reading it). They started serving malware in August.
What calender are you using during which August comes before July? Or did I miss the announcement that we'd have a dozen or so extra leapdays this year?
You can't win by moving to another country. As much as Germany got up in arms about the NSA spying on it, German intelligence agencies have also been found to be skirting their own laws regarding monitoring people. If you want to move you have to find a country that is:
* Not part of UKUSA (knocking out United States, Canada, Australia, New Zealand, and the UK)
* Not part of NATO (knocking from the list Albania, Belgium, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, France, Germany, Greece, Hungary, Iceland, Italy, Latvia, Lithuania, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Turkey)
* Not extremely friendly to or reliant on US intelligence assets (removing Japan, Thailand, the Philippines, Israel, and much of South America)
* Not part of the former Soviet Union (even Ukraine is working closely with Moscow these days)
* Not making a public point of monitoring its residents (China, India, and others)
* Still reasonably democratic and not horribly corrupt (seriously, US corruption has nothing on most of the world)
The list gets very small at this point. You have Finland and Sweden, but they're not trivial places to move to weather-wise unless you've lived in, say, Alaska or Maine, and Sweden may have been working with the NSA and/or monitoring its residents. Switzerland is also a possibility. But these require some very significant personal choices, involve massive lifestyle changes, and may not be possible as even the short list of nations that do fit the bill don't make immigration easy.
You can never go home again... but I guess you can shop there.
This might be the story, or at least a similar one: http://www.wlox.com/story/23305442/look-back-mike-byrds-career-as-sheriff
http://www.wlox.com/story/23301502/byrd-indictment-details-charges-involving-surveillance-sex
might be more relevant
http://ftpcontent4.worldnow.com/wlox/Byrd%20Indictment.pdf
However although there are charges essentially relating to misuse of police resources and abuse of his position. There are no charges relating to planting of evidence with regards to the 2 cases of child porn and cannabis where the defendants were cleared. However if there were such charges then you would have to assume that any cases brought by his department may be tainted and that is a massive can of worms to open.
Blarney Quality Restaurant, Plants
That's a bad one, since he hacked an American server.
A better one would have been Richard O'Dwyer, who had never been on the U.S. and that the Americans demanded to be extradited because he had a website set up for streaming TV shows.
Corrupt sheriffs and cops getting busted for planting evidence against political opponents is all-too-common where I'm from in the South. I can think of dozens of cases just off the top of my head. It's almosr a shock here to encounter cops who AREN'T corrupt.
SJW: Someone who has run out of real oppression, and has to fake it.
That's a common argument that is told to conservatives to convince them that the ACLU is an evil liberal organization who should be hated. It was, as you point out, originally created to defend Communists from unconstitutional harassment, but that had a lot to do with the fact that Communists and people with communist ideas were unconstitutionally targeted by the US government from about 1880 until about 1990.
Some examples of causes the ACLU has helped protect their civil rights:
- National Socialist Party of America.
- Westboro Baptist Church
- atheist Michael Newdow
- NAMBLA
- Anyone who drives
- Anyone who wants to be able to view adult images on the Internet
- Senator Mitch McConnell (R-KT)
- An ISP that didn't want to spy for the government
I am officially gone from
So. has TOR now been permanently compromised?