FBI control of exit nodes beginning 2012, interest in DoS deanonymization

Dratel has filed some new motions asking for a mistrial/new trial for Ulbricht: http://antilop.cc/sr/files/2015_03_06_ULBRICHT_motion_new_trial.pdf Most of it is arcane legal arguing; Dratel lamely argued several times for a mistrial during the Ulbricht trial with zero success, and I don't think this is going to work either.

But particularly interesting are several claims I noticed on pg20-22 (emphasis added):

The predominant share of the documents necessitating the reopening of Mr. Ulbricht's suppression motion were included in the 3500 material produced in regard to SA Der-Yeghiayan. In particular, text messages between SA Der-Yeghiayan and a confidential informant (designated in the 3500 material and hereinafter as "CI") demonstrate unequivocally that the government was conducting warrantless TOR network surveillance on a TOR exit node that would have enabled the government to capture information about the source and content of the data passing through the TOR exit node. See 3505-4059 to 3505-4066.

For example, in an August 4, 2012, communication, at 2:13 p.m., SA Der-Yeghiayan asked the CI, "[a]re we up on the exit node yet?" In response, at 7:18 p.m., August 12, 2012, the CI states "[s]uceess!" and then, at 7:20 p.m., "100 percent running, logging, and recording . . . with verification." Id., at 3505-4059 to 3505-4060.

In the context of Mr. Ulbricht's suppression motion, this surveillance raises some novel Fourth Amendment issues, and also provides further evidence that the government discovered the Internet Protocol (hereinafter "IP") address for the Iceland server ending in ".49" through warrantless TOR network surveillance.

In addition, still other text messages between SA Der-Yeghiayan and the CI discuss the prospect of the government performing a distributed denial of service (hereinafter "DDOS") attack on the Silk Road server, with the express purpose of "listening" to the Silk Road servers. See 3505-4066. While it is not clear from the context of the text messages whether the government ever performed the DDOS attack discussed, it is known, from evidence in the record, that DDOS attacks on the Silk Road servers did occur, including one during the Spring of 2013, when the government was actively seeking to find the Silk Road servers, and during which period the government claimed to determine the IP address of the Iceland server by other means.

(One big missing piece here is that I'm not sure how controlling exit nodes would help with locating hidden servers or the SR1 investigation. Do exit nodes also serve as middlemen for hidden services, or was this some sort of general data collection in the hope of finding interesting user names and maybe targeting particular SR-related clearnet sites like Mtgox?)


Comments


[28 Points] None:

[deleted]


[3 Points] None:

I would be willing to bet they mistakenly referred to a guard node as an exit node (common mistake, even I do it too sometimes) and set up a guard node. Then by DDOS'ing the SR server and other guard nodes, they can have the guard node with the highest uptime, which would make the SR server connect to it.



[5 Points] None:

[deleted]


[3 Points] 666fun:

Exit nodes are for accessing the clearnet through Tor. For instance, if you're reading reddit via torbrowser, reddit's servers only see you connecting via that exit node. To my knowledge, exits aren't involved at all with hidden services, so I'm not sure how they apply here. And, as I think it was you, gwern, who discovered that the Silk Road server connected to mtgox via direct connections rather than through Tor, it doesn't seem like the argument is applicable there either.

Who knows what the guy is up to.


[1 Points] None:

[deleted]


[2 Points] sharpshooter789:

Exit nodes are not used with hidden services, so they could not have been used to locate SR's HS. For more information check out Tor's explanation or a good overview from stack exchange.

Further, I do not think the FBI was able to perform any type of timing analysis because Tor uses entry guards to make this more difficult (and there is no mention of entry nodes). Basically, in order to perform a timing analysis attack the adversary needs to know the first (entry) and last (exit) node. Since the first node (entry) can see the client's IP [+ time and size of data] and the last node (exit) can see the destination [+ time and size of data], an adversary with access to both of these nodes can correlate volume and timing of traffic to identify a user. For more information about this type of attack and countermeasures check out this blog post. Also, I would like to point out that the CMU

Indeed, running a compromised exit node can be useful for other purposes. It's well known that an exit node can see clear-text HTTP requests. Although I should point out that this type of attack cannot be targeted, since exit nodes are chosen from a public list, so if the FBI was doing this, they would be monitoring lots of innocent people. I'd also like to point out that Tor changes its circuit every 10 minutes. This would increase the chances of going through a compromised exit node.

Remember how I said an exit node can only see data not sent over TLS (HTTPS)? Well, there is a technique that would allow an adversary to trick the client into making a non-TLS (HTTP) connection. This technique is known as SSLstrip, and this very attack was used to compromise blockchain.info accounts in 2014.

Anyway, the only attack that is possible with only an exit node is eavesdropping on clearnet traffic. Although I'm not sure of the legality of this, maybe the FBI was logging users attempting to use Tor to connect to mtgox or other major bitcoin websites. However, if they did do this I am not sure how useful that information would be, since they probably would not be able to get a warrant based on it. Technically, if they gathered the users' credentials they could log in to the account and see the activity, but this is probably highly illegal [if they got caught].

The part about a DDOS is very interesting. In 2013, there was a paper published, titled "Trawling Tor Hidden Services", where the author was able to use a DOS attack to identify the guard nodes being used by a hidden service. The paper can be found here. Of particular importance is this paragraph on pg 89 (emphasis added).

As mentioned in the background section, each hidden service keeps a list of guard nodes. Revealing the guards does not immediately allow an attacker to reveal the location of the hidden service but gives her the next point of attack. This can be dangerous for a hidden service since it is supposed to be online for a long time. This gives an attacker sufficient amount of time either to take control over the guard nodes or to start sniffing network traffic near the guards. Given that guard nodes are valid for more than a month, this may also be sufficient to mount a legal attack to recover traffic meta data for the guard node, depending on the jurisdiction the guard node is located in.

Another interesting excerpt from the article (pg 88). The author notes that this attack is ineffective if the HS encrypts its descriptor, but this isn't common (I doubt Ross was even aware of this).

If the list of introduction points is encrypted, an attacker will not be able to establish a connection to the hidden service. Hence the attack described in the previous section does not apply. However, we can use a different method to determine if some of those encrypted hidden services use a guard node controlled by us. We will not be able to distinguish between hidden services with encrypted introduction points though. On the other hand, note that results from Section V show that the number of hidden services which encrypt their introduction points is comparatively small.
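The following is an added illustration, not code from this thread or from the Tor project. It models the two circuit shapes that the OP's question (do exits sit on hidden-service paths?) and sharpshooter789's comment (what an entry guard sees, what an exit sees, and why correlation needs both ends) are about: a three-hop exit circuit to a clearnet host, and a six-relay onion-service circuit that meets at a rendezvous point with no exit relay on it. The relay names, the IP strings and the 1% adversary-exit fraction used in the demo are constructed values; the probability helper treats each fresh circuit's exit pick as an independent draw, which is a simplification of Tor's bandwidth-weighted selection.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Set


@dataclass(frozen=True)
class Relay:
    name: str
    roles: FrozenSet[str]  # subset of {"guard", "middle", "exit"}


@dataclass
class Circuit:
    kind: str                 # "exit" (to a clearnet host) or "rendezvous" (to an onion service)
    client_hops: List[Relay]  # hops in order, starting at the client
    service_hops: List[Relay] # hops in order, starting at the onion service (empty for exit circuits)
    client_ip: str
    endpoint: str             # clearnet host, or the onion service's real IP (constructed labels)


def build_exit_circuit(guard: Relay, middle: Relay, exit_relay: Relay,
                       client_ip: str, host: str) -> Circuit:
    """Clearnet circuit: client -> guard -> middle -> exit -> host."""
    if "guard" not in guard.roles or "exit" not in exit_relay.roles:
        raise ValueError("an exit circuit needs a guard first and an exit-capable relay last")
    return Circuit("exit", [guard, middle, exit_relay], [], client_ip, host)


def build_rendezvous_circuit(client_guard: Relay, client_middle: Relay,
                             service_guard: Relay, service_middle: Relay,
                             rendezvous: Relay, client_ip: str, service_ip: str) -> Circuit:
    """Onion-service circuit: each side builds three hops that meet at the rendezvous
    point. No relay needs the exit role, which is why exits cannot observe this traffic."""
    return Circuit("rendezvous",
                   [client_guard, client_middle, rendezvous],
                   [service_guard, service_middle, rendezvous],
                   client_ip, service_ip)


def uses_exit_relay(c: Circuit) -> bool:
    return c.kind == "exit"


def observations(c: Circuit) -> Dict[str, Set[str]]:
    """Facts each relay learns from its own vantage point. Timing and volume of cells
    are visible to every hop and are deliberately left out of the per-relay sets."""
    seen: Dict[str, Set[str]] = {r.name: set() for r in c.client_hops + c.service_hops}
    seen[c.client_hops[0].name].add("client_ip")            # first hop sees who connected
    if c.kind == "exit":
        seen[c.client_hops[-1].name].add("destination")     # exit sees the host (and plaintext if not TLS)
    else:
        seen[c.service_hops[0].name].add("service_ip")      # the service's own guard sees its real address
    return seen


def adversary_view(c: Circuit, adversary: Set[str]) -> Set[str]:
    """Union of what the relays named in `adversary` can see on this circuit."""
    view: Set[str] = set()
    for name, facts in observations(c).items():
        if name in adversary:
            view |= facts
    return view


def can_correlate_ends(c: Circuit, adversary: Set[str]) -> bool:
    """End-to-end timing correlation needs both ends of the path: the client's identity
    and the destination's (or the service's) identity. A lone exit or lone guard is not enough."""
    v = adversary_view(c, adversary)
    return "client_ip" in v and ("destination" in v or "service_ip" in v)


def p_some_circuit_uses_adversary_exit(adversary_exit_fraction: float, circuits: int) -> float:
    """Chance that at least one of `circuits` fresh circuits lands on an adversary-run exit,
    assuming independent picks (simplification of bandwidth-weighted selection)."""
    return 1 - (1 - adversary_exit_fraction) ** circuits


if __name__ == "__main__":
    # constructed relay set
    g1, m1, x1 = Relay("G1", frozenset({"guard"})), Relay("M1", frozenset({"middle"})), Relay("X1", frozenset({"exit"}))
    g2, m2, rp = Relay("G2", frozenset({"guard"})), Relay("M2", frozenset({"middle"})), Relay("RP", frozenset({"middle"}))
    clearnet = build_exit_circuit(g1, m1, x1, "client-ip", "exchange.example")
    onion = build_rendezvous_circuit(g1, m1, g2, m2, rp, "client-ip", "service-ip")
    print("exit-only adversary, clearnet circuit:", adversary_view(clearnet, {"X1"}))
    print("exit-only adversary, onion circuit:", adversary_view(onion, {"X1"}))
    print("both guards held, onion circuit correlates:", can_correlate_ends(onion, {"G1", "G2"}))
    print("1%% exits, 144 circuits/day:", round(p_some_circuit_uses_adversary_exit(0.01, 144), 3))
```

The model makes the thread's two points concrete: an adversary holding only an exit never gets anything from an onion-service circuit, and on a clearnet circuit it sees the destination but not who the client is; only holding both ends of a path yields the correlation sharpshooter789 describes. The `service_ip` fact on the service-side guard is the reason the "Trawling" paper treats guard discovery as the next step rather than the final one: the guard is the single relay that sees the service's real address, so keeping guards stable over long periods limits how many distinct relays ever get that view.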



[1 Points] gibraltarcrackrock:

Along with the messages referring to the ddos attacks, it sounds like they meant a guard node, and not an actual exit node. Connecting the dots draws a picture of them running a ddos to have their controlled server become a guard node for the SR server.


[1 Points] supersadtrueprivacy:

Has there been any technical follow-up on this?


[1 Points] None:

Keep in mind the feds lie about what/how they build cases:

https://en.wikipedia.org/wiki/Parallel_construction