Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Admits It Controlled Tor Servers Behind Mass Malware Attack

Posted by timothy on from the something-you'd-wish-was-hard-to-believe dept.

MikeatWired writes "It wasn't ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting's operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It's not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control. The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale. He was denied bail today for the second time since his arrest in July. On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn't respond to inquiries from WIRED today. But FBI Supervisory Special Agent Brooke Donahue was more forthcoming when he appeared in the Irish court yesterday to bolster the case for keeping Marque behind bars."

13 of 292 comments (clear)

  1. The NSA controlled the servers by Anonymous Coward · · Score: 5, Interesting

    Nope, the NSA controlled the servers, it led to an NSA controlled IP address and they have the hackers needed. The BIG FAT LIE was that this block could be used by other agencies. Since potentially NSA broke the law for USA domestic Tor users, we have the FBI stepping forward to take the blame.

    But we know its the NSA that tracks and monitors TOR because it was in their leaked document as one of their many excuses for surveillance:
    http://www.theguardian.com/world/interactive/2013/jun/20/exhibit-b-nsa-procedures-document

    Also go read the first leaked warrant that let the NSA collect all the data (link below), it had the FBI's name on it. It was an FBI request to hand the data from Verizon's phone records to the NSA, a simple reacharound the domestic spying laws. The FBI acts as wing man for the NSA:

    http://www.theguardian.com/world/interactive/2013/jun/06/verizon-telephone-data-court-order?guni=Article:in%20body%20link

    FBI doesn't have the experts, or the IP address or the interest in Tor, it was NSA and it was timed just as the NSA was trying to prevent further leaks from its own analysts. At best the FBI simply provides the excuse, as it did with the Verizon incident.

    1. Re:The NSA controlled the servers by innocent_white_lamb · · Score: 5, Interesting

      TFA sez "The official IP allocation records maintained by the American Registry for Internet Numbers show the two Magneto-related IP addresses were part of a ghost block of eight addresses that have no organization listed. Those addresses trace no further than the Verizon Business data center in Ashburn, Virginia, 20 miles northwest of the Capital Beltway."
       
      So it's not clear if those addresses belong to the FBI, the CIA, NSA, or anyone else.
       
      Is this even "legal" on the Internet? Perhaps those IP addresses should be reclaimed and reassigned by ARIN since "nobody" is using them and IPV4 addresses are now in short (nonexistent) supply.

      --
      If you're a zombie and you know it, bite your friend!
  2. Re:So the FBI hacked servers to find pedos? by DoubleJ1024 · · Score: 5, Interesting

    You joke about that but the county next to mine just had the sheriff arrested for that very thing. He would find his opponents or others who made him angry, arrest them for child porn, plant the child porn, and then splash their name all over the news to ruin their reputation. He finally got caught when he arrested the wrong person. This guy called the FBI and the County District Attorney, who both pressed charges against him. I think the total charge count is around 30 felony counts of evidence tampering, witness tampering, intimidation, and other corruption issues. This stuff is too good to be made up sometimes.

  3. What the fuck is going on? by Kevin+Fishburne · · Score: 5, Interesting

    How is any of this remotely legal? Every day we have a new article explaining how the feds have been pounding our apparently imagined liberties in the goat ass, they get 300-500 comments (a lot for ./ these days) and then nothing happens. I'm a healthy skeptic, but this is literally the paranoid conspiracy-theorist's worse nightmare incarnate. I'm flabbergasted. In all seriousness, do we need to just move to a different country at some point? Is this what the start of a pseudo-democracy looks like and we just can't believe the warning signs are real? Just crazy...

    --
    Buy your next Linux PC at eightvirtues.com
  4. Re:So the FBI hacked servers to find pedos? by Martin+Blank · · Score: 5, Interesting

    If there's a court order behind this, it's less problematic in my mind. Not all court orders are publicized even by normal courts; search warrants aren't provided to the targets to challenge before execution precisely so they can't hide or destroy evidence.

    The problem I have with this operation is that it was conducted on servers located in France, which means that either French law enforcement was also involved (very possible) or the FBI is hacking servers across international boundaries. That puts at risk any agents involved as they could be tried under French law for such trespass, though given that it was to deal with child pornography, the political result is that it probably wouldn't result in much more than a warning.

    --
    You can never go home again... but I guess you can shop there.
  5. Re:So the FBI hacked servers to find pedos? by Apothem · · Score: 3, Interesting

    So what source do you have to prove this?

  6. Re:Takeaway: The FBI Served Up Child Porn by Pseudonym+Authority · · Score: 4, Interesting

    *.onion sites do not work that way. They are hosted within the Tor network itself, and should never see an exit node. The only thing the server communicates with is localhost, on a port that Tor runs on. They are designed to protect the identity of the server operator, but are also useful in that they can get around almost any NAT bullshit going on. Anyway, the FBI would have to be actively running those servers that were serving child porn, so they don't get a pass with that excuse.

  7. Re:So the FBI hacked servers to find pedos? by JohnVanVliet · · Score: 3, Interesting

    not correct
    for some yet to be explained well reason
    ff 17.0 and up in the tor-bundle
    have "allow javascript " turned ON BY DEFAULT !!!!!
    you as the user must DISABLE IT !!!!!!

    the BS reason so far has been
    "we want more people to use tor on the "clear net" and most clear-net sites NEED javascript

    --
    "I don't pitch OpenSUSE Linux to my friends, i let Microsoft do it for me
  8. Re:So the FBI hacked servers to find pedos? by xenobyte · · Score: 2, Interesting

    "The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." -- H. L. Mencken

    Brilliant, as most of the stuff Mencken said/wrote!

    --
    "For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
  9. Re:So the FBI hacked servers to find pedos? by Dogtanian · · Score: 4, Interesting

    France should take it as such too! Surrender in 5...4...3...2...

    Dude, it's 2013, not 2003. France are the US's new best chums now, because they were going to help with the planned strikes in Syria. In fact, John Kerry referred to France as their "oldest ally" in a manner widely interpreted as a snub to the UK, whose parliament had voted against taking part (although the Prime Minister had been in favour).

    Of course, we've been here before with the positions reversed- we all remember when the UK went along with the Iraq war and France were against, how pathetically childish Bush was towards France and how he publicly flattered the UK and Tony Blair as the US's closest ally and best chum. Of course, Blair being an egotistical ***** continued sucking up to the US in the belief that this would buy further influence over them long after it was obvious to anyone that the US only did what it would have done anyway (and admitted as much in private). I commented on this circa 2007 and also noted that- even though Bush was still in power then- France (and Germany's) defiance of the US earlier in the decade had not resulted in any long term damage to their relationship with them, just as the UK had not gained any substantial influence with its sucking up.

    In short, even if one is an amoral realpolitician (realpolitikian?!), it shows that public sucking-up to- and being publicly flattered as a junior partner by- the US buys little substantial long-term influence, and isn't worth worrying about as much as paranoid-about-losing-global-power British leaders like to think.

    --
    "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
  10. Re:So the FBI hacked servers to find pedos? by dissy · · Score: 4, Interesting

    So let's follow your logic to its final conclusion.

    I accuse you of being a pedophile. By your own admission, you now have NO rights what so ever, as pedophiles don't have the right to rape children, which I claim you did.

    I have a secret court order that I can't show you, and you can't even tell anyone about under penalty of death.
    You'll just have to trust me on that one (Clearly not a problem for one such as yourself who admits people such as yourself have no rights)

    Now you have just given me the right to murder you, I mean "kill you" as you put it. (Murder is the crime, killing is when its legal like this)

    If you resist, I can rely on the fact you have no rights due to being called a pedophile that rapes children, which you have no right to do, and you make no distinction based on if you have actually done it or not so thankfully that detail doesn't matter.

    If you DON'T resist, I can also kill you, since the secret court order I can't show you says I can, despite the fact you can't even verify that as truth.

    Lastly, not only are you dead, but due to your opinions on the law, literally anyone can kill anyone else using the same rules you setup justifying your own murder.

    Way to destroy freedom, pedo!

  11. Re:So, is TOR worthless now? by Anonymous Coward · · Score: 2, Interesting

    It was never designed to provide a level of anonymity which would allow you to do incredibly illegal things like buy controlled drugs and download CP, and anybody using it for those activities is retarded. It's a censorship evasion mechanism, that's all. It's an open network, only does 3 hops, is relatively low latency, outproxies to the regular web, and a lot of nodes are outdated versions still using older encryption which is known breakable. Given the NSA's resources and what we now know about their capabilities this means they can fairly easily mount network takeover, Sybil, timing, endpoint compromise and cryptographic attacks against Tor and evidently they have been doing all of those.

    The question was never "is Tor compromised" but rather "how badly."

  12. Re:So, is TOR worthless now? by Anonymous Coward · · Score: 2, Interesting

    Also the Tor routing algorithm favours fast nodes with high speed links, which is a pretty blatant tradeoff of security for performance. All the NSA has to do is set up a few thousand "supernodes" and stealthily DoS its competitors (who do in fact report getting DoS'd by someone or other) and they can control enough of the network to compromise many communications, for the equivalent of some change they found down the back of their sofa relative to their huge budget.