-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/06/2013 10:18 AM, Pavol Luptak wrote:
> The question is how FBI gained access to Freedom Hosting? What kind > of exploits did they use? Freedom Hosting offered web hosting services to people that asked for it, yes? A hypothesis I've seen floating around (without evidence, that's all it is) is this: The FBI asked for and received web space on Freedom Hosting. They uploaded an app that they knew had a couple of vulnerabilities that allowed for server side code execution and used them to compromise other sites on that machine. No need to send ninjas to raid the cookie jar when you can say, "Mother, may I?" - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Livin' la vida alpha test. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIBNJAACgkQO9j/K4B7F8GoOgCg6tLxg4LDf08CX64XsLTBQvlj kmQAn34OwraBqPwY8EH+rt2O1QLd6zC8 =eZ9N -----END PGP SIGNATURE----- -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech