Former Tor Developer Created Malware To Hack Tor Users For The FBI

Patrick O'Neill writes: Matt Edman is a cybersecurity expert who worked as a part-time employee at Tor Project, the nonprofit that builds Tor software and maintains the network, almost a decade ago. Since then, he's developed potent malware used by law enforcement to unmask Tor users. It's been wielded in multiple investigations by federal law-enforcement and U.S. intelligence agencies in several high-profile cases. The Tor Project has confirmed this report in a statement after being contacted by the Daily Dot, "It has come to out attention that Matt Edman, who worked with the Tor Project until 2009, subsequently was employed by a defense contractor working for the FBI to develop anti-Tor malware." Maybe Tor users will now be less likely to anonymously check Facebook each month...

Less Facebook?

[Gr8Apes]

Yes, please. Anonymous or otherwise, FB needs to be removed as a main gatekeeper for the masses.

Despicable traitor

[ptaff]

Acting for your own paycheck instead of thinking about what's best for humanity, Matt? You're a despicable little traitor, Matt. Let's hope you like the surveillance society you contributed to, Matt, and I hope you already know you'll be stalked by the FBI for the rest of your life, Matt.

Re:Despicable traitor

Technically, any security software should be made with the assumption, and hardened or designed against, any of it's developers working for another team. Nothing security wise can make assumptions based off human social standing.

Re:Despicable traitor

[TheGratefulNet]

the only time I could excuse such traitorous behavior is if you had NO other choice but to go work for the enemy.

I've been in life situations where I could not find a job (almost at that point, now, sad to say) and if I was on my last month's savings and faced homelessness, I'd do whatever I had to, to keep a roof over my head. I'm over 50 and in the software field, its now 20x as hard to get a job as it was when I was just 20 years younger. I could see myself having to take just ANYTHING to keep income flowing.

but this guy - is he like that? is he on the 'do not hire because he's too old and expensive' list? is he of the 'wrong' race for the area of country he lives in?

I kind of doubt that he's in my situation, having to think long and hard about taking ANY job offered, just to stay alive.

I think of people who choose to work for evil corps as traitors (google is a shining example; google steals your info and no one knows where, exactly, it ends up). anyone working for google is helping the enemy in more ways than one. and I doubt there is a single 'hard luck case' at google who HAD to take the google job just to keep a roof over his/her head. its laughable, when you think of this example.

but I do see people my age and of my race who simply will take any job offered since the job offers come only a handful of times a year, if even that, and the 'contract to perm' promise that is all the rage for my age group never pans out and we're always back on the job search in just a few month's time.

my heart goes out to people like this who have no choice.

and I dispise, deeply, those who had a choice and still chose to work for the bad guys.

Anonymous attack?

[tezbobobo]

I wonder if he'd be less likely to continue the work is a hacker collective attacked and destroyed his personal privacy.

Re:Oh please

[SumDog]

> Cornhusker used a Flash application to deliver a user's real Internet Protocol (IP) address to an FBI server outside the Tor network. Cornhusker—so named because the University of Nebraska's nickname is the Cornhuskers—was placed on three servers owned by Nebraska man Aaron McGrath, whose arrest sparked the the larger anti-child-exploitation operation.

So they took control of this guy's servers somehow, and then placed a flash object on all of them. So the only people it would catch are people who proxied their standard browsers via tor or used the tor package ... and installed Flash anyway.

This isn't .. even an exploit really. You could just put a fucking flashed based video player on a .onion and watch the logs.

They would be fools not to

[rmdingler]

It is a pretty safe assumption that the governors have employed a crap ton of former industry specialists to their advantage in every era, and during every new wave of opportunistic technology.

In the same vein that you have a right to employ secure encryption, the spooks have a duty to decrypt it. There really is a national security interest in this now that every nation on earth is involved in it or interested in being so.

The trick is to constantly remind the folks with the unlimited budgets that they work for us.

We are all bounty hunters now

[bretts]

Whoever pays the highest rate wins our (temporary) loyalty. Welcome to society where no one agrees on a set of values.

Hang him as a traitor.

[thedarb]

Subject says it all.

Re: Oh please

[meerling]

And you're just the type of person they want to hire. Someone who believes that the ends justifies the means, just like Stalin, and Hitler, and Mao, and Pol Pot, and so many others... Sure, they were a bit more violent, but they didn't start off with murdering people they don't like in the dark, they started off by convincing people that the ends justified the means.

Re: Oh please

and fucking JUDAS.

The only way this shitstain keeps his head if I meet him is if he convinces me they were going to send his mom and sisters to federal PIMA prison if he didn't comply.

Otherwise, there is a special circle in Hell for moral cripples like this.

Hope those 40 pieces of silver bought you a whole lot of new shiny for your broken ego.