Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
Hey mirmir how ya doin. Do you know when Juan gets out? I heard he was picked up for a thought crime

-------- Original Message --------
On Feb 10, 2020, 1:11 PM, Mirimir wrote:

> On 02/09/2020 05:23 PM, grarpamp wrote:
>
>> Question how exactly the servers are being physically found in
>> the *first place*. Look for cases where the servers were mysteriously
>> just "found", with rest of timeline unfolding after that secret or
>> questionable moment. Tor and other networks are sold as being
>> able to protect from such network "finds".
>
> I just saw a HN thread that proposes a ~simple answer.[0]
>
> It could just be one of the standard malicious guard attacks. The risk
> isn't huge for a single onion service. But if you have hundreds of onion
> services on one server, each with its own guards, the odds of just one
> onion service getting pwned by a malicious guard are correspondingly
> greater. And one malicious guard is enough to pwn the server.
>
> 0) https://news.ycombinator.com/item?id=22292161
Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
On Sun, Feb 09, 2020 at 10:02:03PM -0500, grarpamp wrote:
> https://cryptome.org/2020/02/marques-62.pdf
> https://www.wired.com/2013/09/freedom-hosting-fbi/
>
> For example, these are some examples of the type of
> suspicious quotes lacking any further details that people
> can spot littering cases and investigate further in their
> analysis project of cases...
>
> "It's not clear how the FBI took over the servers in late July ..."
>
> "the Federal Bureau of Investigation ("FBI") discovered that ..."
>
> "the FBI identified a possible Internet Protocol ("IP")
> address for the Freedom Hosting server ..."
>
> "The Defendant waives any and all rights under the Freedom
> of Information Act relating to the investigation and prosecution
> of the above-captioned matter and agrees not to file any
> request for documents from the Office or any investigating
> agency."

Dang dudes! Since the -defendant- made that promise, now we'll -never- find out!
Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
On 02/09/2020 05:23 PM, grarpamp wrote:

> Question how exactly the servers are being physically found in
> the *first place*. Look for cases where the servers were mysteriously
> just "found", with rest of timeline unfolding after that secret or
> questionable moment. Tor and other networks are sold as being
> able to protect from such network "finds".

I just saw a HN thread that proposes a ~simple answer.[0]

It could just be one of the standard malicious guard attacks. The risk isn't huge for a single onion service. But if you have hundreds of onion services on one server, each with its own guards, the odds of just one onion service getting pwned by a malicious guard are correspondingly greater. And one malicious guard is enough to pwn the server.

0) https://news.ycombinator.com/item?id=22292161
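The co-hosting risk described in the message above, worked as an estimate (an added example, not part of the original message or of Tor's code). The guard list, its weights and the adversary's ten guards are constructed, and guard choice is simplified to independent weight-proportional draws; the single shared guard is an assumed comparison case.

```python
import random
from itertools import accumulate

# Constructed guard list (not real consensus data): 1000 guards with selection
# weights 1..10; the adversary is assumed to run guards 0-9.
WEIGHTS = [1 + (i % 10) for i in range(1000)]
BAD = set(range(10))
F = sum(WEIGHTS[i] for i in BAD) / sum(WEIGHTS)  # adversary share of weight


def p_any_bad_guard(f, services, guards_per_service=1):
    """Closed form: chance that at least one independently chosen guard is bad."""
    return 1.0 - (1.0 - f) ** (services * guards_per_service)


def simulate(services, shared_guard, trials=5000, seed=1):
    """Fraction of trials in which the server ends up behind a bad guard.

    Simplification: each guard is drawn independently, proportional to weight.
    shared_guard=False is the thread's case (every onion service has its own
    guard); shared_guard=True models all services behind one guard choice.
    """
    rng = random.Random(seed)
    cum = list(accumulate(WEIGHTS))
    relays = list(range(len(WEIGHTS)))
    picks = 1 if shared_guard else services
    hits = 0
    for _ in range(trials):
        chosen = rng.choices(relays, cum_weights=cum, k=picks)
        hits += any(g in BAD for g in chosen)
    return hits / trials


if __name__ == "__main__":
    for n in (1, 10, 100, 300):
        print(f"{n:4d} services: closed form {p_any_bad_guard(F, n):.3f}, "
              f"simulated {simulate(n, shared_guard=False):.3f}")
    print(f"300 services, one shared guard: {simulate(300, shared_guard=True):.3f}")
```

With a 1% adversary share, one service is exposed about 1% of the time, while 300 services with independent guards put the server behind at least one bad guard about 95% of the time.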
Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
https://cryptome.org/2020/02/marques-62.pdf
https://www.wired.com/2013/09/freedom-hosting-fbi/

For example, these are some examples of the type of suspicious quotes lacking any further details that people can spot littering cases and investigate further in their analysis project of cases...

"It's not clear how the FBI took over the servers in late July ..."

"the Federal Bureau of Investigation ("FBI") discovered that ..."

"the FBI identified a possible Internet Protocol ("IP") address for the Freedom Hosting server ..."

"The Defendant waives any and all rights under the Freedom of Information Act relating to the investigation and prosecution of the above-captioned matter and agrees not to file any request for documents from the Office or any investigating agency."
Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
On 2/9/20, Razer wrote:
>> users noticed “unknown Javascript” hidden in websites running on
> ...
> The article answers the question.

Pick a random case, then go back *before* the users were exploited with some silly browser "NIT" or whatever else.

The question in some of the cases is not what was done to the servers and users *after* the servers were cracked remotely over tor or whatever other overlay network, or similarly done *after* being physically found... that's obviously going to be some silly exploit.

Question how exactly the servers are being physically found in the *first place*. Look for cases where the servers were mysteriously just "found", with rest of timeline unfolding after that secret or questionable moment. Tor and other networks are sold as being able to protect from such network "finds".

It would be a big project to find, collate, research, and report on those cases... some fame awaits whatever group can bring them into more light, or even generate some numerical statistics on the different types of cases, exploits, questions remaining, etc.

Though in the end, with all the known public research exploits proof of concept (traffic / protocol / sybil analysis and attacks) against tor and other networks, it's safe to assume some of the mystery cases do in fact use such network exploits (and even some non public ones) and are being parallel constructed against the prohibitions some jurisdictions have against such illegal secret trickery.

>> even those using it for legal purposes such as visiting Tor Mail

And until those public research exploits are addressed with fixes, and better designs in new networks, even things like free speech mail comms and boring political blogs that offend some King will continue to be taken down by said Kings. Or until Kings trickery is embarrassingly exposed via reporting. Or both.

Here's more on this case...

https://old.reddit.com/search?q=freedom+hosting
https://old.reddit.com/r/TOR/comments/2b8oq3/please_read_if_you_usedepend_on_tor_never_before/
Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
On 2/9/20 3:40 AM, grarpamp wrote:
> “We can’t have a world where a government is allowed to use a black box of
> technology from which spring these serious criminal prosecutions,”

This guy is from another planet (like most lloigors). Yes you can. You do. You ALWAYS will, as long as there are 'governments'.

https://www.yog-sothoth.com/wiki/index.php/Lloigor

Rr
Re: Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
On 2/9/20 3:40 AM, grarpamp wrote:
> Early on August 2 or 3, 2013, some of the users noticed “unknown
> Javascript” hidden in websites running on Freedom Hosting. Hours
> later, as panicked chatter about the new code began to spread, the
> sites all went down simultaneously. The code had attacked a Firefox
> vulnerability that could target and unmask Tor users—even those using
> it for legal purposes such as visiting Tor Mail—if they failed to
> update their software fast enough.

The article answers the question.

Rr
Tor Speculated Broken by FBI Etc - Freedom Hosting, MITTechReview
https://www.technologyreview.com/s/615163/a-dark-web-tycoon-pleads-guilty-but-how-was-he-caught
https://twitter.com/techreview/status/1226212530856611840
https://www.courtlistener.com/recap/gov.uscourts.mdd.451238/gov.uscourts.mdd.451238.57.0.pdf
https://www.courtlistener.com/recap/gov.uscourts.mdd.247657/gov.uscourts.mdd.247657.13.1.pdf
https://arstechnica.com/tech-policy/2017/03/doj-drops-case-against-child-porn-suspect-rather-than-disclose-fbi-hack/
http://darknetq7skv7hgo.onion/

Given the variety of known weaknesses, exploits, categories of papers, and increasing research efforts against tor and overlay networks in general, and the large number of these "mystery gaps" type of articles (some court cases leaving hardly any other conclusion with fishy case secrecy, dismissals, etc)... the area of speculative brokenness and parallel construction seems to deserve serious investigative fact finding project of global case collation, interview, analysis to better characterize.

Feb 8, 2020

A dark web tycoon pleads guilty. But how was he caught?

The FBI found Eric Marques by breaking the famed anonymity service Tor, and officials won’t reveal if a vulnerability was used. That has activists and lawyers concerned.

When the enterprising cybercriminal Eric Eoin Marques pleaded guilty in an American court this week, it was meant to bring closure to a seven-year-long international legal struggle centered on his dark web empire. In the end, it did anything but.

Marques faces up to 30 years in jail for running Freedom Hosting, which temporarily existed beyond reach of the law and ended up being used to host drug markets, money-laundering operations, hacking groups, and millions of images of child abuse. But there is still one question that police have yet to answer: How exactly were they able to catch him?

Investigators were somehow able to break the layers of anonymity that Marques had constructed, leading them to locate a crucial server in France. This discovery eventually led them to Marques himself, who was arrested in Ireland in 2013.

Marques was the first in a line of famous cybercriminals to be caught despite believing that using the privacy-shielding anonymity network Tor would make them safe behind their keyboards. The case demonstrates that government agencies can trace suspects through networks that were designed to be impenetrable.

Marques has blamed the American NSA’s world-class hackers, but the FBI has also been building up its efforts since 2002. And, some observers say, they often withhold key details of their investigations from defendants and judges alike—secrecy that could have wide-ranging cybersecurity implications across the internet.

“The overarching question is when are criminal defendants entitled to information about how law enforcement located them?” asks Mark Rumold, a staff attorney at the Electronic Frontier Foundation, an organization that promotes online civil liberties. “It does a disservice to our criminal justice system when the government hides techniques of investigation from public and criminal defendants. Oftentimes the reason they do this kind of obscuring is because the technique they use is questionable legally or might raise questions in the public’s mind about why they were doing it. While it’s common for them to do this, I don’t think it benefits anyone.”

Freedom Hosting was an anonymous and illicit cloud computing company running what some estimated to be up to half of all dark web sites in 2013. The operation existed entirely on the anonymity network Tor and was used for a wide range of illegal activity, including the hacking and fraud forum HackBB and money-laundering operations including the Onion Bank. It also maintained servers for the legal email service Tor Mail and the singularly strange encyclopedia Hidden Wiki.

But it was the hosting of sites used for photos and videos of child exploitation that attracted the most hostile government attention. When Marques was arrested in 2013, the FBI called him the “largest facilitator” of such images “on the planet.”

Early on August 2 or 3, 2013, some of the users noticed “unknown Javascript” hidden in websites running on Freedom Hosting. Hours later, as panicked chatter about the new code began to spread, the sites all went down simultaneously. The code had attacked a Firefox vulnerability that could target and unmask Tor users—even those using it for legal purposes such as visiting Tor Mail—if they failed to update their software fast enough.

While in control of Freedom Hosting, the agency then used malware that probably touched thousands of computers. The ACLU criticized the FBI for indiscriminately using the code like a “grenade.”

The FBI had found a way to break Tor’s anonymity protections, but the technical details of how it happened remain a mystery.

“Perhaps the greatest overarching question related to the investigation of this case is how the government was able to pierce Tor’s veil of anonymity and locat