back to article Tor servers vanish as FBI swoops on kiddie-smut suspect

Network anonymisation outfit TOR has posted a fascinating piece of commentary on reports that some of the anonymous servers it routes to have disappeared from its network. “Around midnight on August 4th we were notified by a few people that a large number of hidden service addresses have disappeared from the Tor Network,” the …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Is Tor really secure?

    Correct me if I'm wrong (and I just might be), but it seems to me that Tor has become a bit insecure by default. I'm thinking this because the government spook agencies and probably some criminal outfits [is there a difference?] seem to have figured out that they can just listen in on exit node traffic and scoop up lots of juicy communication from criminals, extremists, freedom fighters, dope smugglers, other spook agencies, etc.

    Am I wrong on this? I've avoided using the Tor Browser Bundle recently for this reason. Not that anyone would be even slightly interested in reading any of my communication, but still it seems kind of a bad idea to place stuff directly into the government dragnet like that.

    1. Yet Another Anonymous coward Silver badge

      Re: Is Tor really secure?

      Tor isn't meant to be secure - it's meant to be anonymous.

      of course if all the exit nodes are FBI then it isn't even that

    2. Vladimir Nicolici

      Re: Trojans

      You are a bit wrong. First of all, exit nodes communicate unencrypted only with the regular web. Accessing hidden services makes the communication encrypted end-to-end. And even for the regular web, you can use https to achieve the same result.

      This will hide both the origin of the traffic and the content of the traffic from anyone listening. Depending on how many intermediate nodes there are between you and the exit node, it can be almost impossible for someone to trace you, under normal conditions.

      However, if most of the entry, exit and intermediate nodes are owned by FBI/NSA etc., everything changes. And it seems they lease some cloud servers from time to time to do just that.

      TL/DR: TOR is not secure when attacked by someone with a lot of resources.

    3. UnauthorisedAccess

      Re: Is Tor really secure?

      > Am I wrong on this? I've avoided using the Tor Browser Bundle recently for this reason. Not that anyone would be even slightly interested in reading any of my communication, but still it seems kind of a bad idea to place stuff directly into the government dragnet like that.

      Use Tails in LiveCD mode, rather than the TOR Browser Bundle.

      For hardcore mode, use Tails in LiveCD mode without a HDD installed in the laptop, a USB wireless dongle that you purchased using cash from a camera less kiosk, change MAC address anyway, wardrive for internet connection while keeping the laptop suspended over a bucket of saltwater. Slowly roll a cyanide capsule around your mouth and be prepared to bite down on it at anytime.

      1. Bob AMG

        Re: Is Tor really secure?

        Don't forget cars have licences plates so rent one from a place without a cam.

      2. Anonymous Coward
        Big Brother

        Re: Is Tor really secure?

        @Unauthorized - >"For hardcore mode, use Tails in LiveCD mode without a HDD installed in the laptop, a USB wireless dongle that you purchased using cash from a camera less kiosk, change MAC address anyway, wardrive for internet connection while keeping the laptop suspended over a bucket of saltwater. Slowly roll a cyanide capsule around your mouth and be prepared to bite down on it at anytime."

        Too risky - you might forget to bite down on the capsule. Safer to grab a 1,000-count bottle of one-minute time-release cyanide capsules. Every 59.5 seconds, spit one out and replace it with a new one.

        Hard core - 5,000-count bottle of 20-second time release capsules.

      3. Dylan Fahey
        Holmes

        Re: Is Tor really secure?

        You forgot the bear trap, just in case they try to hold your jaw open. You can set it to spring close on your head when the lappy drops into the sea water.

        1. Anonymous Coward
          Coffee/keyboard

          Re: Is Tor really secure?

          And the man-eating sharks in sea water, in case they try to reach in and grab it out quickly. And a slow drip of blood into the sea water, to keep the sharks hungry.

          1. Havin_it
            Boffin

            Re: Is Tor really secure?

            Or just take to wearing a long bushy beard sans 'tache, Ray-Bans and a keffiyeh and have lots of online conversations about The Great Satan, meeting up at Logan Airport etc. That should keep you off their radar fine.

      4. Anonymous Coward
        Black Helicopters

        Re: Is Tor really secure?

        Just remember to remove the battery from your cell phone first, before you borrow your ex-neighbor's friend's 1982 car.

    4. Anonymous Coward
      Anonymous Coward

      Re: Is Tor really secure?

      With the recent revelations about the level of internet surveillance, I would have to say Tor's security is not looking good. At least not good enough for anyone the NSA might be after. Hidden services are probably especially vulnerable due to their persistence, and the fact that the Tor Project has been neglecting that part of the software for some time.

      Unfortunately the only countermeasure to this type of correlation attack, as far as I know, is to add a large randomized delay at each step in the circuit. This, needless to say, would not be very attractive to most users.

      Personally, I think some of this also shows that the Tor Project needs to rethink their strategy. Now obviously, their goal was not to provide a way for people to access child pornography, but of course the same attack could be used against more sympathetic users, and it directly took advantage of two things the Tor Project did thinking they would make people safer. #1 Encouraging everyone to use the same browser bundle, and #2 keeping JavaScript enabled. Their thinking was safety in numbers, and that making it user friendly would get more people to use it, but it seems to me they discounted the more acute risk of a targeted exploit.

    5. Ted Treen
      Boffin

      Re: Is Tor really secure?

      @Andy Prough

      "...the government spook agencies and probably some criminal outfits [is there a difference?]..."

      No.

      1. lunatik96
        Trollface

        Re: Is Tor really secure?

        @Ted Treen-

        @Andy Prough

        "...the government spook agencies and probably some criminal outfits [is there a difference?]..."

        No.

        The spook agencies have seemingly unlimited resources. Some of them wear badges.

    6. Anonymous Coward
      Anonymous Coward

      Re: Is Tor really secure?

      Should have used a more secure browser - such s a current version of IE....

  2. Anonymous Coward
    Anonymous Coward

    oh boy

    I wonder how many Tor exit nodes are hosted by the U.S.'s FBI and other organizations?

    1. RobHib
      Angel

      @theodore - Re: oh boy

      Think common sense.

      Who invented TOR/Onion Routing? Why the U.S. Government of course.

      2+2 does actually = 4.

      1. Suricou Raven

        Re: @theodore - oh boy

        Left hand: We need to do something to aid political expression in certain repressive regimes, and prevent those governments snooping on dissidents, as social change in those countries is essential for continued peaceful coexistence.

        Right hand: We need to set up improved monitoring and tracing systems systems for the internet - it'll be impossible to enforce the law effectively online if anyone can disappear into electronic mist at will, not to mention the potential for money laundering.

        I don't think they were communicating at the time.

      2. Anonymous Coward
        Thumb Up

        Re: @theodore - oh boy

        Well, now I know. I've never used it, nor have a felt the need to use it.

        yes, 2+2=4.

    2. DasBub

      Re: oh boy

      A bunch. That shouldn't be an issue if you restrict your usage to hidden services, as there is no exit node involved. However...

      The payload sets a tracking cookie and appears to phone home with information about your system (IP address, for instance) that it shouldn't have. The code will only run if it thinks it's on a Windows machine running Firefox 17... Word is that the Tor Browser Bundle presents itself as FF 17 on Windows, regardless of the machine it is actually running on.

      Sit back and watch the fun.

    3. UnauthorisedAccess

      Re: oh boy

      A large number.

      At the exit nodes the data is decrypted so that it can be sent to its final location. While the FBI et al cannot work out the sender (unless they're accessing a service that gives that away, such as gmail etc, though those details might be limited) they can work out what the sender is doing (in some cases at least, unless you're engaging in encrypted communications and using TOR as the backbone).

    4. Uncle Siggy

      Re: oh boy

      The number is proportional to the number of spooks who participate in civil disobedience/protestes.

    5. Anonymous Coward
      Anonymous Coward

      Re: oh boy

      I used to host a 100 mbit TOR node in the UK, and i'm 99% sure it was monitored by the security services.

      I had a hidden USB camera in my rack server and it showed suspicious repatching taking place to just my server during a mysterious brief outage that my CoLo proider denied knowing anything about, this being a couple of weeks after I started running an exit node....and my server had been in place without change for over a year. As soon I realised what had likely happened I stopped hosting TOR.

  3. WonkoTheSane
    Black Helicopters

    Slashdot has more - TOR hacked by FBI

    http://yro.slashdot.org/story/13/08/04/2054208/half-of-tor-sites-compromised-including-tormail

    1. Anonymous Coward
      Big Brother

      Re: Slashdot has more - TOR hacked by FBI

      Wow. Talk about walking into a trap. The fact that you get infected by a 0-day exploit on top of it is really bad. This quote on the Tor blog does not instill confidence: "We're investigating these bugs and will fix them if we can." I guess this is what you get when you build your service on a 1-year-old browser with known security holes.

      Hadn't used it in quite awhile, but Tor Browser Bundle has just gotten permanently banned from any of my systems.

      1. Daniel B.
        Boffin

        Re: Slashdot has more - TOR hacked by FBI

        The included browser is supposed to be optimized to avoid leaking info, but it isn't required to do Tor browsing. You can simply point any FF/Chrome build to Tor by setting up the proxy settings to use the Tor local relay.

        That said, Tor can be de-anonymized if the same person owns both the guard relay (entry point to Tor network) and the exit node, as explained by the Tor Project people at DEFCON. It could be what happened here, and it has more to do with the fact that Tor wasn't designed against a multi-national cooperation attacking the network, but was more about one single country trying to check on their users (i.e. China).

    2. Matt Bryant Silver badge
      Go

      Re: WonkoTheSane Re: Slashdot has more - TOR hacked by FBI

      The slashdot post about the FBI putting malware on the site is interesting but hardly surprising, but could be construed as interfering in an investigation.

      As to how effective the FBI are being, the Internet Watch Foundation may provide an insight. They report that since June there has been a spike in the number of attacks looking to create hidden folders of paedo porn on poorly defended websites, linked to regular pron sites, which looks like the paedo peddlers desperately moving and hiding their stuff and trying to hide their traffic amongst regular porn traffic (http://www.iwf.org.uk/about-iwf/news/post/367-websites-hacked-to-host-the-worst-of-the-worst-child-sexual-abuse-images). Whatever the FBI did in Ireland seems to be making the paedos a bit desperate and they seem to be deserting TOR. All good news AFAICS.

  4. Denarius Silver badge
    Holmes

    is this a surprise ?

    spooks, cops and assorted crims would have TOR as main target for years. Real cyberwarfare. The Norks will be jealous

    1. Anonymous Coward
      Anonymous Coward

      Re: is this a surprise ?

      Just use a decent anonymous VPN provider too - then it's going to be very hard to trace you....Such malware will just show your VPN IP.....

  5. John Smith 19 Gold badge
    Unhappy

    So a system that protects *privacy* is a major target for everyone.

    Which kind of suggests who their real enemy is.

    Individual rights.

  6. NomNomNom

    thank god this sick fuck network is down.

    now they just need to arrest all the trolls on twitter and the internet will finally be clean and polite.

    1. Dr. Mouse

      I REALLY hope that post was in jest. It looks like it, but you can never be sure...

    2. Blitterbug
      Facepalm

      Inappropriate sarcasm much?

      Badly misplaced irony, dude, seriously

    3. Fatman

      RE: thank god this sick fuck network is down.

      Obviously, you forgot your <sarcasm> tag!

  7. RobHib
    Black Helicopters

    Frankly, I wouldn't use TOR for anything really secure

    I rarely use TOR/Onion routers, and then I only use them out of frustration to overcome the irritating IP location-based blocking (watching online TV outside the viewing region and such).

    It seems to me that trusting TOR with anything truly secure is a dangerous move. I do not believe--nor I'm not convinced--that the internet can ever be truly secure when messages are sent, say, between Alice and Bob and both their IP addresses are known and linked to them personally.

    The internet cannot work unless IP addresses are 'published'. And as we've seen with recent revelations, government has back-door access to all those IP addresses--and probably access to servers along the way which would allow man-in-the-middle attacks.

    With government having so much access to the internet, and with its very powerful pattern matching capabilities aided by super computers which are triggered at the first sight of encrypted text, you'd be mad to trust your secrets to the net.

    Moreover, no one has shown that programs such as Mozilla Firefox can ever be truly secure.

    In my opinion, TOR/Onion routers etc. should only be used in once-off emergencies such as a dissident trying to escape an oppressive regime.

    A few high profile cases such as this might eventually serve to warn the world that the internet can never be truly secure in the same way as most us know that you never say anything on a public telephone network that you don't want the world to know about.

  8. AndrueC Silver badge

    TOR is “investigating these bugs and will fix them if we can

    'If'?

  9. raydpratt

    Good News?

    This is one of the few places where I would support a fascist dictatorship of allegedly moral officials. The Libertarian ideal of freedom to the point of not harming others is crossed badly by kiddie porn, and who would doubt it? The only danger here is that a fascist dictatorship of allegedly moral officials would accuse their detractors of anything -- even kiddie porn -- as a means to an end. I support any fascist dictatorship if kiddie porn is their actual target, but it says volumes about what I think of their character if I don't trust them even as to their statements about kiddie porn. After Snowden's revelations -- and their lies in response -- who would doubt it?

    1. gazthejourno (Written by Reg staff)

      Re: Good News?

      But the point of kiddy porn is that the child is harmed in its creation - thus, the libertarian ideal of doing no harm still stands against child porn.

      (yes, I'm vaguely libertarian'ish, sort of, mainly on Thursday nights when there's nothing good on the telly...)

      1. Matt Bryant Silver badge
        Boffin

        Re: Gaz Re: Good News?

        ".....the point of kiddy porn is that the child is harmed in its creation....." I used to think that all paedos were dribbling old men with snuff vids of 5-year-olds, but the reality is it is not all kiddie-rapists and the like. A while back I helped host a website for a charity, one of the services they provided was storage space for code contributors and some users did dump porn in their folders. This wasn't a problem until a guy in Spain started dumping pics of young teen couples, nothing abusive or looking like it was either party being coerced, but legally paedo material in the UK. The website owner and I had a chat with the guy and he pointed out that in Spain the age of consent was 13, so he felt unfairly judged when we accused him of being a paedo using UK law, and was horrified that we lumped him in with the type of people raping infants and the like. Our response was tough, the server is in the UK, remove your material. He wasn't too pleased and left the site, threatening to sue us for slander (which he didn't).

        It all goes to show that some paedos do not view themselves as crims nor think that they are doing wrong, and some apply cultural values that make them think what they do is not morally wrong even though we would consider it morally repugnant and illegal. Don't assume it is all nasty types willingly torturing kiddies, there are some "normal" and talented people out there willingly helping paedos hack code for hidden sites and the so-called digital underground or dark net.

        1. This post has been deleted by its author

        2. Sir Runcible Spoon

          Definition time

          "Pedophilia:

          Sex or sexual activity with children who have not reached puberty."

          i.e. Pre-pubescent.

          Above this age and below 16 (in the UK) it is illegal, but biology reckons this group to be physically (if not emotionally) mature - (hence the illegality of it here).

      2. lunatik96
        Coat

        Re: Good News?

        In a perfect world, we would ALL be Libertarians. We don't live in that perfect world so we have to do the best with what we got. The game is rigged.

    2. Amorous Cowherder
      Facepalm

      Re: Good News?

      What a great idea!

      What about your sister or brother who has autism? Uncle Fred, the benevolent leader doesn't like imperfections ( even though he's probably a short-arse with gammy leg! ) so off to "the hospital" with little Johnny or Sarah.

      Your Mum or Dad, being of a different generation, forgot one day that things are different and said something the Great Leader ( "All hail his magnificence!" ) wouldn't like and uh-oh the neighbour they never got along with dobbed them in as state-traitors! They even gave the neighour a nice reward for it so he could get that nice new car!

      Your partner and you had a baby and it's got a finger missing? Oh dear, you can't keep it, off the state orphanage with it!

      You wanted to read what book that you read as a child? Sorry but that's not the state's agree reading list!

      You were heard down the pub talking about "the old days", I think a little red-education with a 240v shock to your dangly bits will sort out that head of yours down at the "the hospital"!

      Hey-ho we can lock up a couple hundred kiddie-fiddlers so fuck the 100 million people in the country who've done nothing wrong and will no longer be allowed to have their own opinion on anything ever again!

  10. DrXym Silver badge

    I wouldn't trust Tor for anything illegal

    It's too easy for law enforcement to set up any number of exit nodes and stand a good chance of discovering illegality and in far higher concentrations than if they just monitored regular network activity.

    That said, someone wishing to stay anonymous for more mundane reasons (torrent sites etc.) probably has nothing to fear.

  11. Sir Runcible Spoon

    Sir

    It looks like a lot of people have just received thier first virtual electronic tag.

  12. Crisp

    I don't think that law enforcement carried this out.

    If they had then they would be crowing from every rooftop about this.

    1. Anonymous Coward
      Anonymous Coward

      Re: I don't think that law enforcement carried this out.

      Re "crowing from the rooftops"

      I rather think they'd prefer people go on using it to be honest. Expect minimal crowing, apart from the people involved TOR and the like, which is what we've seen here.

  13. Kraggy

    "Crowing from the rooftop"

    Er, no, not while it's clearly 'work in progress'.

    Once they'd destroyed the entire TOR network then yes, pull out all the stops to help justify PRISM (yes, I know it's not really related but 'saving the children' is a great carrion cry excuse for anything like this) and anti-freedom actions in general.

    1. Anonymous Coward
      Anonymous Coward

      Yep

      This is the start of the smear campaign that will be used to taint anyone using such services.

      If you've nothing to hide, and are an honest law abiding sheeple, why are you using TOR or a VPN?

      Very soon that will be used as the justification to destroy whatever privacy options we have left.

      1. jonathanb Silver badge

        Re: Yep

        I use it so I can watch TV on http://pluzz.francetv.fr/ and similar sites without it making racist comments about my IP address.

      2. Anonymous Coward
        Anonymous Coward

        Re: Yep

        "If you've nothing to hide, and are an honest law abiding sheeple, why are you using TOR or a VPN?"

        Because I'm paranoid. Any further questions, Sir? :)

  14. Anonymous Coward
    Anonymous Coward

    Get ready for the big announcement

    Get ready for the big announcement about how PRISM is doing a fantastic job at 'protecting the children' from sickos anytime soon!

    Well they have to justify it somehow don't they?

  15. Anonymous Coward
    Big Brother

    The FEDs and Freedom Hosting ..

    I know nothing about the case but I would be suspicious when the FEDs start flinging round paedophile accusations whenever they go after someone who hosts anonymousing services. Such accusations being one of a troike, money laundering, drug dealing and paedophilia. I figure this is a pretext to shut down Freedom Hosting. I guess the only sort of secure and anonymous web sites the security services is one they run themselves.

    1. Anonymous Coward
      Anonymous Coward

      Re: The FEDs and Freedom Hosting ..

      "troike"

      In the Latin alphabet it's spelled troika (nom. sing., fem.) or trojka depending on the language, and in this context it simply means "three" / "three of" / "trio" in various Slavic languages, so why not just use "three" or "trio"?

      Unless we're talking about a Swedish troika, that is. Different kettle of fish that one. :)

      1. Havin_it
        Coat

        Re: The FEDs and Freedom Hosting ..

        >"troike"...

        No no no, it's a boike wi' tree wheels yeh gobshoite, what're yeh loike?

  16. Anonymous Coward
    Anonymous Coward

    ps:

    Run an anonymising service and risk getting shit flunk your way by the security apparatus of the greatest democracy in the world ..

  17. Paul V

    TOR works fine..

    ..where fine is defined as "as advertised".

    The problem, it would appear, is the default enabling of Javascript. Further from that, is our incomprehensible dependence on and use of it and its inherent insecurity.

    There's the old adage that as functionality increases, security decreases. Java and shockwave have long been labeled the black sheep of the plugin crowd, but it's beginning to come out that HTML5 itself is buggy. It's to be expected - anything that can run things client-side is a potential issue.

    As for the snoopong, from my perspective, between monitoring virtually everything, active attacks on privacy-software users and who-knows-what-else, it's hard not to feel a bit embattled. This reminds me of the old old days around 1993-1994 when the NSA was pushing for Key Escrow. During the Computers Freedom and Privacy conference in 1994 in Chicago, PGP had just been released in response to the key escrow issue, and the NSAs attorney basically told the crowd that despite their misgivings, it was going to go through, and there was nothing they could do about it. Their justifications have changed little from todays arguments: Kiddy porn and Terrorism.

    I suppose it's a bit ludicrous to base your national policy off of the actions of a minority of sexual deviants, indefensible as it is, but the terrorism has become so broadly defined by the public that the likelihood of the invasion of privacy going away anytime soon - or ever - is nil. In '94 they asked permission. They don't even do that anymore.

  18. Anonymous Coward
    Anonymous Coward

    Maybe coincidental.........

    or something's fishy ?

    Run 3 websites for 8 years, daily subjected to spambot signups and hack attacks.

    Every morning check previous day's worth IPs for incorporation into blocking list.

    Sunday, quite surprised, (only as in 'first time seen' *), to find one resolving to TOR-RELAY-01, (at 'Freedom Hosting').

    So spammer/hacker or other "agency" ?

    .

    .

    .

    Today that 'Freedom Hosting' range of IPs is assigned to 'Solido Networks ApS'.

    * About two weeks ago had seen first off VPN originating attack.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021