Drug Case In Ireland Has Fingerprints of Carnegie Mellon's Attack On Tor

← Back to Stories (view on slashdot.org)

Drug Case In Ireland Has Fingerprints of Carnegie Mellon's Attack On Tor

Posted by samzenpus on Monday December 21, 2015 @12:39PM from the tainted-fruit dept.

blottsie writes: Newly released evidence shows that Irish detectives who worked the case of two convicted drug dealers may have also used data obtained through CMU's Software Engineering Institute's methods. Mannion and O'Connor were arrested on Nov. 5, 2014, according to a database of Dark Net arrests created by independent researcher Gwern Branwen. That's the same day that the owner of Silk Road 2.0, the replacement for the infamous drug marketplace Silk Road, was arrested. The IP addresses of Silk Road 2.0 were provided to the FBI by a "source of information," according to a search warrant in another case impacted by the attack on Tor, which court documents later confirmed was a university-based research institute.

72 comments

Min score:

Reason:

Sort:

Good Read by alphamore · 2015-12-21 12:54 · Score: 0

Good read, thanks.
Good for CMU. by Nutria · 2015-12-21 12:54 · Score: -1, Flamebait

At last a University doing something besides being left-wing and libertarian idiots.

--
"I don't know, therefore Aliens" Wafflebox1
1. Re:Good for CMU. by Anonymous Coward · 2015-12-21 13:01 · Score: 1
  
  What university promotes libertarian thought in any way shape or form? Seriously, I'd love to know.
2. Re:Good for CMU. by Kernel+Kurtz · 2015-12-21 13:01 · Score: 1
  
  Kids need to be taught that spying on each other is normal and good long before university.
  (cough)
3. Re:Good for CMU. by Anonymous Coward · 2015-12-21 13:12 · Score: 0
  
  Seriously, hook us up OP.
4. Re:Good for CMU. by Nutria · 2015-12-21 13:21 · Score: 1
  
  Spying on the enemy *is* normal, and has been since, oh... the beginning of humanity.
  
  --
  "I don't know, therefore Aliens" Wafflebox1
5. Re:Good for CMU. by HairyNevus · 2015-12-21 13:36 · Score: 2
  
  Right, so because everyone who buys or sells drugs is an enemy, and every citizen has the potential to buy/sell drugs, then we should spy on all citizens. It's basic logic, citizen, the NSA, FBI, DEA, and ATF are all spying on you, because that's what a responsible government does to protect itself from its enemies. You do like having a government, don't you, citizen? Citizen...?
  
  --
  You were critically hit for no damage. The bruise will look nice, and maybe the scars will make good party talk.
6. Re:Good for CMU. by Pentium100 · 2015-12-21 13:41 · Score: 2
  
  Remember kids - your so-called "friends" may be your enemy! They may be secretly communists/capitalists/muslims/jews/infidels (underline where necessary), therefore you need to secretly check their phones etc and report any unauthorized content to local authorities.
7. Re:Good for CMU. by Anonymous Coward · 2015-12-21 13:42 · Score: 0
  
  being left-wing and libertarian
  Next time, pull the pants off your head before you post.
8. Re:Good for CMU. by AmiMoJo · 2015-12-21 13:49 · Score: 2
  
  The problem is that nowadays the tools needed to spy on other countries end up being used against us, either by those other countries or by our own traitors.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
9. Re:Good for CMU. by Anonymous Coward · 2015-12-21 13:53 · Score: 0
  
  OP pls
10. Re:Good for CMU. by fuzzyfuzzyfungus · 2015-12-21 14:25 · Score: 4, Insightful
  
  Unfortunately, what they were doing before was arguably much more useful: CERT/CC, a program heavily intertwined with CMU's software engineering side, has a relatively noble history of doing security research with the intent to make software more secure; rather than weaponize exploits for somebody's petty temporary advantage at the expense of every other user.
  
  There is absolutely no way that catching a few druggies could possibly be worth tainting the reputation of a respected security research institution with the suspicion of being just another malware vendor for the feds. Are there scary bad people who use software? Sure. Do all the rest of us use mostly the same software, almost all of it terrifyingly full of holes and in dire need of any and all assistance available? Also yes.
11. Re:Good for CMU. by PopeRatzo · 2015-12-21 14:38 · Score: 1, Troll
  
  What university promotes libertarian thought in any way shape or form?
  It's true. Secular institutions like universities don't generally promote faith-based philosophies like libertarianism.
  
  --
  You are welcome on my lawn.
12. Re: Good for CMU. by Anonymous Coward · 2015-12-21 16:01 · Score: 0
  
  I know you're trolling, but I can't resist:
  How does a libertarian philosophy require faith? What must be believed without evidence?
13. Re:Good for CMU. by Krishnoid · 2015-12-21 16:07 · Score: 1, Insightful
  Maybe it played out for CMU like this:
  Do all the rest of us use mostly the same software, almost all of it terrifyingly full of holes and in dire need of any and all assistance available?
  Let's establish a relatively noble history of doing security research with the intent to make software more secure;
  Work diligently to do so, and time passes
  All the rest of us use mostly the same software, almost all of it *still* terrifyingly full of holes and in dire need of any and all assistance available
  re-evaluate the effectiveness of their efforts
  choose to weaponize exploits for somebody's petty temporary advantage at the expense of every other user.
  taint the reputation of a respected security research institution with the suspicion of being just another malware vendor for the feds.
  decide that the general population doesn't really value or understand security research anyway, and determine that their reputation in that area is of less value than being in the good graces with the US government
14. Re: Good for CMU. by Anonymous Coward · 2015-12-21 16:12 · Score: 0
  
  That people, left to their own devices, will simultaneously act for both their own good and for the good of the commons?
15. Re:Good for CMU. by ls671 · 2015-12-21 16:27 · Score: 1
  
  Yeah but it is much funnier to spy on friends.
  
  --
  Everything I write is lies, read between the lines.
16. Re:Good for CMU. by Aighearach · 2015-12-21 16:42 · Score: 1
  
  CMU is a high-profile institution, their reputation won't be negatively impacted in any way.
  To believe their reputation would suffer you should believe that the general public would view their activities negatively. It shouldn't matter at all what your own personal opinion of their actions are. If you dislike what they do, that doesn't mean the public does, or that they should be concerned the impression would be negative.
  I think most people would view this as them doing one of the tasks that security research is for, even if there are others with different color hats in the niche who might disagree. Don't expect an educational institution to take stands against the government on your behalf; they never agreed with your position, and whatever the government is lawfully doing is going to be seen as "white hat" work by, lets see, almost all of society.
  That people who disagree have an echo chamber should not alter their analysis about what the standard, default public position will be.
  TOR was created and supported by the US government to encourage free speech in oppressive locations. From the view of many academics, using it for criminal activity subverts its purpose and is harmful to free speech. If the drug war is absurd, that does not change that calculation for most people. TOR is absolutely not viewed by most people as being intended as an anti-government tool of anarchy; arresting users for non-speech-related crimes in no way tarnishes TOR, or the researchers involved. That criminals have made such extensive use of it is the blemish on the reputations of all the researchers whose work involves TOR. Turnabout is exactly what might improve the reputations of these people.
  Don't confuse disagreement with being in a silent majority, and don't let an echo chamber convince you of it either. CMU researchers got paid by the government to do legal stuff. That will enhance their reputation. There is no way to avoid it.
17. Re: Good for CMU. by Zero__Kelvin · 2015-12-21 16:52 · Score: 1
  
  "How does a libertarian philosophy require faith?"
  All Philosophy requires faith, other wise it would be called Science.
  
  --
  Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
18. Re: Good for CMU. by Anonymous Coward · 2015-12-21 16:53 · Score: 0
  
  Consumers will have perfect access to market information and will therefore pick good products and punish companies by not buying bad products.
19. Re:Good for CMU. by Anonymous Coward · 2015-12-21 16:54 · Score: 0
  
  Yes, how great that we have a university fighting moral bankruptcy with.... moral bankruptcy.
20. Re:Good for CMU. by Zero__Kelvin · 2015-12-21 16:56 · Score: 2
  
  "... spying on each other is normal ..."
  
  "... "Spying on the enemy *is* normal ..."
  What isn't normal is the little twist you are trying top slip in under the radar. It isn't normal to consider each other to be the enemy. That is something encouraged by the government, but shunned by intelligent and educated people, as well as plenty who don't have those opportunities.
  
  --
  Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
21. Re:Good for CMU. by ElectricHellKnight · 2015-12-21 17:50 · Score: 1
  
  What university promotes libertarian thought in any way shape or form? Seriously, I'd love to know.
  
  Seriously, hook us up OP.
  
  OP pls
  You just have to love the AC that posts three separate times to appear is if he is three different people. Heads up: everyone can tell.
22. Re:Good for CMU. by Anonymous Coward · 2015-12-21 20:48 · Score: 0
  
  The mods can tell that at least "Seriously, hook us up OP" didn't come from the same place as the other two, cause I typed that one and I'm not the other guy(s).
  Are you willing to stop being meta and deliver for OP tho? Definitely want to find the university pushing libertarianism.
23. Re: Good for CMU. by Znork · 2015-12-21 21:22 · Score: 1
  
  Libertarianism doesn't require faith in that. The mix of people actually enjoying acting out of altruism and the situations where people acting for their own good inherently results in the good of the commons (competition, efficiency improvements) is enough for a lot of things and is quite demonstrable without any faith needed.
24. Re:Good for CMU. by fuzzyfuzzyfungus · 2015-12-22 00:03 · Score: 1
  
  Their reputation with the general public is largely irrelevant, nor do I think that it will be affected(if the general public could even identify 'CERT/CC' at all).
  
  The problem is their reputation with people who don't directly work for them; but have historically worked with them: if they are respected as a group that coordinates security improvements, that is one thing. If they are seen as feeding exploits to the feds rather than fixing things; why work with them when you could sell to one of the outfits that already makes a business of selling exploits to the feds?
25. Re: Good for CMU. by PopeRatzo · 2015-12-22 00:07 · Score: 3, Interesting
  
  Libertarianism doesn't require faith in that.
  Libertarianism always starts with "if only". As in, "If only people were different, people would be different."
  
  and is quite demonstrable
  The part that's demonstrable is that those that act only for their own good will inevitably take advantage of those who work in the good of the commons, and eventually will poison the well. There is a reason greed has been considered a human failing, at least until the relatively recent development of libertarianism. Let's be honest: libertarianism only exists to provide a moral/social/political framework to give cover to sociopaths. Not that all libertarians are sociopaths. I don't believe that at all. But all libertarians are useful to the sociopaths.
  
  --
  You are welcome on my lawn.
26. Re:Good for CMU. by Coren22 · 2015-12-22 03:31 · Score: 1
  
  No, mods can't tell who ACs are. I would assume you are the same person as it is a common thing being done by ACs.
  It you want to differentiate yourself, make an account, otherwise you are the amorphous blob called AC.
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
27. Re:Good for CMU. by Coren22 · 2015-12-22 03:33 · Score: 1
  
  I think your tin foil hat might be a little tight.
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
28. Re:Good for CMU. by XXongo · 2015-12-22 03:53 · Score: 1
  
  There is absolutely no way that catching a few druggies could possibly be worth tainting the reputation of a respected security research institution with the suspicion of being just another malware vendor for the feds.
  CMU is a high-profile institution, their reputation won't be negatively impacted in any way.
  Their reputation may be harmed in some segment of the tech population, but do keep in mind that it will be enhanced in other segments. You may not believe it, but the response "Good! At least one institution is actively working to unmask terrorists, pedophiles, and drug pushers" is going to be exactly the way some people will view it.
  You many not like it, but not everybody thinks the same.
29. Re:Good for CMU. by ultranova · 2015-12-22 04:07 · Score: 1
  
  Spying on the enemy *is* normal, and has been since, oh... the beginning of humanity.
  
  And human history is a grim testament to the bloody results. Perhaps it's time to just admit this "enemy" thing isn't working and try something else?
  
  --
  Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
30. Re:Good for CMU. by Anonymous Coward · 2015-12-22 04:54 · Score: 0
  
  Why do you think this toy is so popular this year? Get the kids used to the idea of someone always there, quiet and observing everything.
31. Re: Good for CMU. by sjames · 2015-12-22 06:17 · Score: 1
  
  Not really, no. Those assumptions don't really bear close examination. If not for your faith, you'd see that.
32. Re: Good for CMU. by KGIII · 2015-12-22 06:27 · Score: 1
  
  You don't actually know any Libertarians, do you? *sighs* I am not typing this out again Pope. You know better. At least read the Wikipedia article (even just the first four paragraphs) before I have to type all this shit out all over again. I seriously need to start cutting and pasting.
  *I* am a Libertarian and have been for some 40 years or so. I am further to the left of any elected official (probably even Bernie) and the difference is that I used logic and reason to come to my conclusions. Randians aren't Libertarians - they're idiots. Ashamed Republicans who self-identify as Libertarians don't even understand the platform. Anarco-capitalists are not Libertarians, they're just stupid.
  Of course, you might call me a Classic Libertarian or even a Socialist Libertarian but you'd fucking KNOW that if you actually knew anything about Libertarianism. Sheesh. I gotta repeat this at least once a week. By the time I type it all out people are like, "Oh, well that's cool. I had no idea." Well, maybe if I'd stop writing novellas and try to fit it on bumper sticker you'd finally understand!
  Ah well... I swear to Christ, I'm not typing it out again already this week. You can wait until the weekend for a Political Science lesson. Yes, me... The guy who admits he pays too little in taxes, donates, loves drugs and guns, supports single payer health care, supports a strong social safety net, and evens supports reasonable regulation and governance - is a Libertarian. Now, I do admit, we've got some straight up idiots in our party but they're no more or less idiotic than the ones you have in other parties. They just make the news more often because the bleat they loudest and say the stupidest things which means they get the ratings. Rand Paul is not a Libertarian. He's an idiot. His dad was a lunatic, I kind of liked him.
  We need image macros. Grumpy Cat is appropriate here.
  
  --
  "So long and thanks for all the fish."
33. Re: Good for CMU. by KGIII · 2015-12-22 06:29 · Score: 1
  
  And what of a Philosopher of Mathematics then, hmm? The highest order of science, indeed. ;-)
  
  --
  "So long and thanks for all the fish."
34. Re: Good for CMU. by PopeRatzo · 2015-12-22 07:00 · Score: 1
  
  You don't actually know any Libertarians, do you?
  
  I see the confusion. There is a world of difference between big "L" libertarians and small "l" libertarians.
  One is a political faction (or party). The other is a socio-economic fantasy. My earlier comment was in reference to the latter.
  
  --
  You are welcome on my lawn.
35. Re: Good for CMU. by KGIII · 2015-12-22 07:24 · Score: 1
  
  LOL It's okay. I was just feeling like ranting for a while. I generally assume you're joking when you're posting wiseass remarks. I even found it funny but I wanted a good excuse to rant and there it was. ;-)
  I think it only fair that I point out that it is nearly 70 outside here in PCB. The downside is, of course, I'm in Florida. Err... So take that!
  But yeah, we do have a bunch of idiots in our party. It would be a bit antithetical to silence them or kick them out. I think the vast majority of people who self-identify as a Libertarian (note capitalization) don't actually understand the platform but are convinced it either means that they can be anarchists and greedy without remorse or limit. Also, they probably noticed some of us have a pro-choice drug use opinion.
  I can't help it. Anyone can identify as a Libertarian if they want. It's not like we have a purity test (GOP) or insist on conformity by shaming (DNC). It's also not like I don't understand why some people are confused. I gotta be honest here, some Libertarians are straight up fruitcakes. We've got our share of zealots, idiots, and insane. It's not like we've been very forthcoming about telling people that they're idiots - we kind of wanted the attention and party memberships. "Give us your tired, your poor..." Yeah, we said, "Give us your crazy, degenerates, and imbeciles." In our defense, we were probably quite drunk at the time.
  
  --
  "So long and thanks for all the fish."
36. Re:Good for CMU. by Anonymous Coward · 2015-12-22 08:00 · Score: 0
  
  Under the spreading chestnut tree
  I sold you and you sold me.
37. Re:Good for CMU. by fafalone · 2015-12-22 11:33 · Score: 1
  
  There is absolutely no way that catching a few druggies could possibly be worth tainting the reputation of a respected security research institution with the suspicion of being just another malware vendor for the feds.
  No, but like many things it probably started with the feds saying 'you have to help us catch those evil child abusers hiding on Tor and posting their sick images'. Because who can oppose that? There's also 'Without these powers, the terrorists will attack again!' Because nobody wants to stop the government from getting terrorists. But pretty soon it's 'well, we've got power, why shouldn't we also use it against those evil drug traffickers?' and suddenly, much like PATRIOT act powers, drug cases become the predominant use of new abilities. Back in the day getting the druggies was enough of an excuse on its own to trample the constitution, but now they need to justify their powers with OMG PEDOS! or OMG TERRISTS! and bust 1-2 of them, THEN they can go after the hundreds of drug arrests just dripping with forfetiable assets and pocket-filling cash and dope on the table.
  And it's such an effective skeleton key because whatever arguments you possibly make are drowned out by people screaming that you're supporting child abusers and terrorists.
38. Re: Good for CMU. by el_chicano · 2015-12-22 12:49 · Score: 1
  
  Libertarianism doesn't require faith in that. The mix of people actually enjoying acting out of altruism and the situations where people acting for their own good inherently results in the good of the commons (competition, efficiency improvements) is enough for a lot of things and is quite demonstrable without any faith needed.
  Uh, OK, if you say so.
  
  By the way, if you are looking for an investment there is some land in Chile you may be interested in:
  
  http://gawker.com/ayn-rands-capitalist-paradise-is-now-a-greedy-land-grab-1627574870
  
  --
  A man who wants nothing is invincible
39. Re:Good for CMU. by Aighearach · 2015-12-24 07:34 · Score: 1
  
  So, are you proposing that security researchers who won't take money from the government for white-hat work is the majority, or even a significant faction?
  I would propose instead that even the ones who don't really like this will very carefully limit any complaints to hair-splitting details. They certainly won't refer to the government as The Feds, or call service work of identifying online parties based on existing (unrelated) research to be an "exploit." For one thing, calling it an exploit would cause them to lose a lot of professional reputation. For another, selling exploits to the government is a large part of what white-hat security researchers (that's the ones that work in academia, to be sure) do. I mean, that is the top-shelf stuff of what they do that involves having a "career" in the industry instead of just being teachers and summertime contractors. To the extent that their peers look over the fence because of this, it is probably fond gazes, maybe a few extra resumes get mailed or something.
  As far as coordinating security improvements goes, the industry is used to working with even black-hats, to the extent that many of the black-hats are good-intentioned security activists who are breaking into stuff to piss people off into securing it. Even when it comes to commercially interested black hats, there is a willingness in the industry to pay them for information, for example. Extremists who view working with the government as being worse than working with criminals... I hate to break it to you, but people in that category are not exactly lining up to participate in coordinated security improvements.
  And ultimately, people who care the most about security improvements are sysadmin types who do not care who did what or who coordinated what. CMU reputation as an institution is what they'll look at to decide if they can trust them to still be around in the future. That's the part they care about; will the improvement be in long-term stable use, or is it an imperfect improvement with a lot of feature thrash or potential abandonment in the future? And it turns out to be "above their pay grade" anyways.
wow first.. by Anonymous Coward · 2015-12-21 12:55 · Score: 0

Its a shame we have to hire interns to do the important stuff..
and then capitalize on it, as if it was their own..
lame
I hope some privacy concerns come up strong enough to topple this crap
as expected by Anonymous Coward · 2015-12-21 12:57 · Score: 0

What did you expect that research to be used for? It is not like a company was paying them so they could deliver relevant ads via tor. (mmmm, donuts)
"The money was right but the risk was too high" by Anonymous Coward · 2015-12-21 12:58 · Score: 0

https://youtu.be/dGOVbXF7Iog?t=1m4s
"Speaking as a roofer: I can tell you a roofer's personal politics comes in to play heavily when choosing jobs."
Silk Road? by Frosty+Piss · 2015-12-21 13:26 · Score: -1, Offtopic

The Silk Road dude went beyond the line. He didn't just try (and succeed) at building a "dark market", he tried to have people killed. Now, some may dispute this, and the paranoid conspiracy nutters will say it's all fabricated, but I believe the facts will come out in the trial, and it will be shown that the Silk Road dude crossed over to the dark side and became a sociopathic asshole.

--
If you want news from today, you have to come back tomorrow.
1. Re:Silk Road? by cfalcon · 2015-12-21 13:30 · Score: 4, Insightful
  
  You seem off topic.
  First, I agree with you about Ulbright, DPR.
  Second, this seems to be about silk road 2.
  Third, this isn't even about jackasses acting with jackassery- this is about attacks on TOR.
2. Re:Silk Road? by Aighearach · 2015-12-21 16:51 · Score: 0
  
  "Attacks on TOR" or the unmasking of criminals abusing a free speech platform by building a black market inside it?
  I don't approve of the drug war, but I'm not convinced that black is white whenever a drug dealer gets arrested. How is it an attack on the tool they were abusing? If they were using TOR to engage in anonymous speech about how awful drug prohibition is and discussing their efforts to get the law changed, and they were arrested for the content of their speech, then that would clearly be an attack on TOR. Or if the researchers had used some sort of exploit to gain control of somebody else's computers, and used that control to get the information, that would clearly be an attack. But tipping off the police with information about the identity of a criminal? Even if you dislike the law, it seems obvious that isn't an "attack" at all, especially not when the context is computer security research.
3. Re:Silk Road? by cfalcon · 2015-12-21 17:45 · Score: 1
  
  Spare the moralizing. "Attacks" aren't bad from the perspective of the attacker, and the attacker could well be doing something like busting up bad guys. That doesn't make the technical discussion less valid, or warrant some new fucking word to avoid offending someone. More importantly, the TOR project isn't there to give back doors to good guys but not to bad guys.
4. Re:Silk Road? by Aighearach · 2015-12-24 08:28 · Score: 1
  
  Attacks are attacks from the perspective of the attacker, or else they really suck at it. And you might find causing of harm to be part of the meaning of attack.
  You're so busy moralizing and accusing others of it so that you can be on the other side than them that you failed to consider that somebody might simply find value in the correct meaning of words and in communicating honestly from an objective basis instead of just spewing subjectivity from opinion.
  And yes, the TOR project is there to give "back doors" to "good guys," assuming you agree that the local oppressive government being unable to locate them to punish them for speech is a "back door." I think that is rather specious, personally. I think it is generally agreed that people engaging in political free speech and trying not to get in trouble for it are "good guys." Even if you think they're bad, you'd have to acknowledge that in general language they will be talked about as being good.
  Wishing that the purpose of TOR was privacy, instead of free (political) speech is just technical ignorance. It is historical fact, it is not opinion. Nobody cares if it offends you, certainly not me. But when people are whining about how their fake privacy isn't being respected by people using the tool as it was intended (a tool to expand certain western political values), they're just being loud and lame.
  Also, when they talk about this thing being "like" (or falsely using the word "fingerprint of" when they really mean "the technique used by") what CMU did, lets remember that CMU helped bust some pedos. That is who the actual "bad guys" in question are when discussing CMU. And somebody, maybe them or more likely somebody else, then also used the same technique to catch other criminals.
Weed... by Frosty+Piss · 2015-12-21 13:33 · Score: 0, Offtopic

By the way, in Washington (where I live), Colorado, and very soon Oregon, you can buy weed in regulated stores in shopping malls and downtown hipster hangouts, take it home and toke to your heart's content, and answer the door to a cop who will tell you to turn your music down and then go away.

--
If you want news from today, you have to come back tomorrow.
1. Re:Weed... by Anonymous Coward · 2015-12-21 13:51 · Score: 0
  
  It's not "very soon" in Oregon. It's now.
2. Re:Weed... by Anonymous Coward · 2015-12-21 14:00 · Score: 0
  
  It's still illegal under US Federal Law and you can still be arrested for it at any time.
3. Re:Weed... by Impy+the+Impiuos+Imp · 2015-12-21 14:26 · Score: 1
  
  The politicians see the handwriting on the wall as these law changes steamroller throug the country. Good luck.
  
  --
  (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
4. Re:Weed... by Aighearach · 2015-12-21 16:56 · Score: 1
  
  If you believe that Federal law applies all the time, you're crazy. Read more, spew less.
  Federal law doesn't even come up unless I cross a state line with it, or at least conspire to.
  The funny part is, the Federal Government agrees with me. Check their legal filings regarding the challenges to the Colorado law. I recommend SCOTUSblog for a high-level review. They have even adjusted the federal policy about marijuana marketing to make clear that small quantities legal under state law can be locally marketed.
5. Re:Weed... by Zero__Kelvin · 2015-12-21 17:18 · Score: 1
  
  "It's still illegal under US Federal Law and you can still be arrested for it at any time."
  Not by a local or State cop you can't. Even if it were technically legal to do that, the local Judge(s) would spank the arresting officer so hard his children wouldn't be able to sit down.
  
  --
  Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
6. Re:Weed... by cfalcon · 2015-12-21 20:52 · Score: 1
  
  > you can still be arrested for it at any time
  You won't be, though. Downtown Denver is full of weed shops. There aren't federal agents trying to randomly fuck with people, and if they were, they'd probably start with the weed shops. These store are recreational marijuana dispensaries, just sitting there with giant glowing green cannabis leaves as their logos and stuff. Also it hasn't happened yet.
7. Re:Weed... by Anonymous Coward · 2015-12-22 02:26 · Score: 0
  
  Beware the government. Especially beware the government that says "We promise not to".
  Work for a company that does business in other states? Travel outside your own state in the last 12 months? Use or part of any federal financial programs or services? Make any federal payments with money obtained from the sale or production of these "legal" products, Or perhaps a car loan in another state?
  The devil is in the details and comfort breeds carelessness. Just as Al Capone about those little details and complacence.
8. Re:Weed... by sjames · 2015-12-22 06:28 · Score: 1
  
  The feds do NOT want to go to war with the states over this. They have been careful not to step on too many toes in states that have legalized marijuana.
9. Re:Weed... by sjames · 2015-12-22 06:35 · Score: 1
  
  That's the crux of the matter. Federal authorities depend on state authorities' cooperation to get most of their work done. They do not want to risk a state defaulting to no cooperation over this.
On the plus side! by fuzzyfuzzyfungus · 2015-12-21 14:19 · Score: 1

An Irish narcotics trafficking site will presumably involve some jail time for those involved; but at least the tax burden will be among the lightest in the EU!
1. Re:On the plus side! by PopeRatzo · 2015-12-21 14:58 · Score: 0
  
  An Irish narcotics trafficking site
  This story would be much better if it was a Scottish narcotics trafficking site, as this undercover video of a Scottish drug gang demonstrates.
  https://youtu.be/29-LRuuqFT0
  
  --
  You are welcome on my lawn.
New Years Resolution: Cover TAILS Releases by Anonymous Coward · 2015-12-21 15:33 · Score: 0

It's an OS, and /. has covered releases even of stuff like OpenBSD which must have a smaller user base than TAILS does.
1. Re:New Years Resolution: Cover TAILS Releases by cfalcon · 2015-12-21 20:53 · Score: 1
  
  > stuff like OpenBSD which must have a smaller user base than TAILS does
  Can you PROVE how big the TAILS userbase is? If you can, I have some harsh things to say about TAILS...
2. Re:New Years Resolution: Cover TAILS Releases by Anonymous Coward · 2015-12-21 21:07 · Score: 0
  
  "I have some harsh things to say about TAILS..."
  Well, spill it anyway.
3. Re:New Years Resolution: Cover TAILS Releases by Anonymous Coward · 2015-12-21 21:09 · Score: 0
  
  mod parent up
  if you can post stories like this you should actually post GOOD stories, too, even WHEN NEW VERSIONS OF TAILS ARE RELEASED. It is an OS. Period.
4. Re:New Years Resolution: Cover TAILS Releases by Anonymous Coward · 2015-12-22 09:20 · Score: 0
  
  the six of you can just take it to email surely?
So, where to now? by RuffMasterD · 2015-12-22 00:12 · Score: 4, Interesting

Looks like this genie is out of the bottle, and the temptation will simply be too great for law enforcement to let it back in. Tor is compromised. What can we do now? Can Tor be improved to mitigate such attacks, or to warn users in real time that an attack is happening? Are there alternative systems that are not known to have been compromised yet?

--
Human Rights, Article 12: Freedom from Interference with Privacy, Family, Home and Correspondence
1. Re:So, where to now? by Anonymous Coward · 2015-12-22 09:41 · Score: 0
  
  The Invisible Internet Porject (i2p)
Federal Law, Weed, and DC by Anonymous Coward · 2015-12-22 01:03 · Score: 0

Federal law applies on federal property in DC. So no toking in the park,
since they're almost all National Park Service property. Pity.
Faith [Re: Good for CMU.] by XXongo · 2015-12-22 03:46 · Score: 1

Secular institutions like universities don't generally promote faith-based philosophies like libertarianism.
I know you're trolling, but I can't resist: How does a libertarian philosophy require faith? What must be believed without evidence?
Libertarianism doesn't require faith in that. The mix of people actually enjoying acting out of altruism and the situations where people acting for their own good inherently results ...
There you go. That word "inherently" is the faith part.
It just requires traffic analysis by Anonymous Coward · 2015-12-22 04:54 · Score: 0

If you can monitor just the packet headers passing in and out of Tor you can identify the dark web host. It takes a little while, but sending traffic to the server at randomly chosen times will eventually give it up.
This is true even if random delays are added to the forwarding. User response time severely limits how much a delay can be added. Once you know the mean and variance of the added delays. You just need to control a packet stream going to the host and run it for a long enough period of time. It need not even be a single session. It can be multiple sessions. It's slow, but traffic analysis like this cannot be bypassed.
Fuck drug dealers by Anonymous Coward · 2015-12-22 10:15 · Score: 0

Glad they got these two terrible shits. I can't stand it that drug addicts are ruining Tor for everybody though.