Silk Road forums
Discussion => Security => Topic started by: TravellingWithoutMoving on August 10, 2013, 12:32 pm
-
first up, know Tormail reported as down, hope this isnt dup information
i'm just reporting what i've found on clearnet
points of view may not be my own i never wrote the articles:
http://www.theepochtimes.com/n3/230738-freedom-hosting-operator-arrested-fbi-suspected-in-tor-malware/
"
Freedom Hosting Operator Arrested; FBI Suspected in Tor Malware
By Jack Phillips, Epoch Times | August 5, 2013
Freedom Hosting operator Eric Eoin Marques, a 28-year-old Irishman, was arrested this weekend, dealing a major blow to users of the “darknet” Tor service.
According to reports, Marques is being held without bail in Ireland and he might be sent to the United States to face child pornography charges. He is due in court on Thursday and if extradited to the U.S., he could face 30 years in prison.
The Irish Independent quoted an FBI source as saying that Freedom Hosting is the “largest facilitator of child porn on the planet.”
Tor is a free service that allows users to mostly conceal their location and Internet use from entities that carry out network surveillance or analysis of traffic. It can be used by human rights proponents in some countries–like China or Iran–to communicate in a secure manner, but it has also been derided for providing illegal services–including the Silk Road drug trade website–and child pornography.
The network uses the .onion domain and can only be accessed via the Tor network...
READ: Uncovering the Darknet
Freedom Hosting is considered a staple inside the Tor network, and it is believed to be one of the largest hosters on the service. In 2011, the Anonymous hacker group threatened the purveyors of Freedom Hosting, saying it would carry out attacks on its websites and servers if it didn’t clean up its act.
His arrest coincides with a piece of malware that appeared on sites in the Tor network. The malware appeared Sunday morning on Freedom Hosting sites, according to Wired magazine. And security experts believe the FBI is the origin of the malware.
“It just sends identifying information to some IP in Reston, Virginia,” reverse-engineer Vlad Tsyrklevich told the publication. “It’s pretty clear that it’s FBI or it’s some other law enforcement agency that’s U.S.-based.”
The malware is a JavaScript exploit for older versions of the FireFox browser, according to Tor.
“From what is known so far, the breach was used to configure the server in a way that it injects some sort of javascript exploit in the web pages delivered to users,” the company wrote in a blog posting.
The post continued: “This exploit is used to load a malware payload to infect user’s computers. The malware payload could be trying to exploit potential bugs in Firefox 17 ESR, on which our Tor Browser is based. We’re investigating these bugs and will fix them if we can."
"
http://nakedsecurity.sophos.com/2013/08/05/freedom-hosting-arrest-and-takedown-linked-to-tor-privacy-compromise/
"
Freedom Hosting arrest and takedown linked to Tor privacy compromise
by John Hawes on August 5, 2013 | 3 Comments
Filed Under: Featured, Firefox, Law & order, Privacy
The anonymising service Tor and the secretive web underworld operating under its shadowy cloak were rocked over the weekend by the arrest of a major hosting provider, and suggestions that malicious JavaScript may have been planted on a number of sites, aimed at revealing the identities of those using Tor.
Eric Eoin Marques, a 28-year-old Irish citizen, is being held without bail in Ireland after a preliminary extradition hearing on Saturday aimed at sending him to the US, where he would face charges of distributing child pornography online.
Marques owned and operated the "Freedom Hosting" service inside the Tor network, thought to be one of the largest operators within Tor having provided a number of popular privacy tools including TorMail.
The service has a history of issues with child pornography, with Anonymous collective apparently warning the service to clean up its act in 2011.
Coinciding with his arrest, reports began to emerge of suspect JavaScript being spotted on sites served by Freedom Hosting. The code is believed to be designed to reveal the identity of those visiting the sites, reporting back to a site hosted on the open web in the Washington DC area.
The script exploits a known vulnerability in Firefox, in a way which should only compromise older, unpatched versions of the browser.
Given the timing, of course most people have speculated that the script was inserted by investigators with the FBI, aiming to round up users of illegal child abuse sites believed to be hosted by Freedom Hosting.
This seems to be something of a trend for FBI investigations lately, leaving known paedophile sites up and running for a while after discovering them so the feds can track down their users.
The revelations will prove worrying for many legitimate Tor users, who rely on the service to protect them from snooping by government agencies. While it may sometimes be used for criminal purposes, Tor also often allows access to freedom of speech which might otherwise be denied to people in certain parts of the world.
The operators of the Tor Project have publicly distanced themselves from Freedom Hosting, in a blog post which also describes how the private networks they facilitate work.
The 'deep web' operating inside the Tor cloud has been hit by internal issues of late too, with a major criminal message board being hijacked and defrauded by one of its own trusted admins.
We've also seen that merely using Tor can flag you as a person of interest to government snoops, as one might well expect.
It seems that there's no such thing as 100% reliable privacy and anonymity on the web.
"
-
Erm you're only a week late.
-
weaksaause....