Tor And The FBI

This is a post series on cybercrime. For more posts click here or the cybercrime tag below.

I’m going to point out that the big mistake was made by the people who assumed that use of TOR would allow them to remain anonymous.  What they need to understand is that TOR is a utility that is funded by the State Dept. of the US government and created by the US Navy.  Which might give you pause if yo think that you can avoid the interest of US law enforcement forever.  While in this case it was child porn, I imagine that all illegal interactions on TOR are becoming roundtuits for the various US and international law enforcement agencies as the use of TOR for things like ransomware, dark markets and things like playpen, have gotten out of hand in recent years.

The FBI has withdrawn from this case to avoid revealing the methods used to hack TOR, for the moment, though you have to wonder what that gets the defendant, who for a long time is going have to realize that he will be under investigation and all it’s going to take is one little slipup.  This isn’t like a ransomware ring where the perpetrators will just disappear and who expect to get servers seized and shutdown as a part of the business.  Pedophiles tend to return to their bad habits and the Cops can afford to wait on this one.

https://arstechnica.com/tech-policy/2017/03/doj-drops-case-against-child-porn-suspect-rather-than-disclose-fbi-hack/

https://threatpost.com/doj-dismisses-playpen-case-to-keep-tor-hack-private/124102/

People shouldn’t believe that TOR protects them from illegal activities. The fact is that TOR actually has rules it has to live by and can liable for illegal activities if it’s found that TOR aided in those activities.  That’s both due to the funding legislation for TOR and the common carrier laws under which TOR operates.  So expecting illegal activity to continue to be secured by using the TOR network is probably a fools choice as the sudden destruction of dark markets and other illegal activities that used TOR has proven.

The week in ransomware:
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-10th-2017-spora-cerber-and-technical-writeups/

Advertisements

2 comments

  1. penneyvanderbilt · March 12

    Reblogged this on Ancien Hippie.

    Like

  2. davidelang · March 12

    The reason Tor was funded by all those agencies is that they wanted to have a secure means for their agents to be able to communicate.

    So you have one hand trying to make it untraceable, and the other hand trying to break it to track the bad guys. It’s always going to be a contest between these viewpoints, but it is odd to see both viewpoints in the same organization 🙂

    That said, from what I’ve seen about ‘breaking Tor’, most of the problems boil down to the browser doing too much, and someone using the same browser inside Tor and outside Tor (so they can trick the browser to contact a system they own outside tor)

    I’m not advocating trying to get away with crimes (well, not by my definition of crimes anyway, there are things I commonly do that would be considered crimes by some governments around the world, and I’m happy to not comply with what they would want me to do :-), but there are legitimate reasons to maintain privacy. If you are going to use Tor, setup a machine (or VM) just for use with Tor and don’t ever use that browser outside of Tor. If you can limit the features that are enabled on the browser, do so (this is why people make ‘tor browsers’, they are trying to limit the functionality)

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s