The board's server will undergo upgrade maintenance tonight, Nov 5, 2014, beginning approximately around 10 PM ET. Prepare for some possible down time during this process.
I was looking into this when I found out that the FBI has effectively shut it down, ostensibly to combat child pornography. I'm sure this has nothing to do with widespread NSA surveillance and a desire to deter potential leakers.
I have the Tor browser and proxy installed on my computer. What do
I'm not the one to ask. I'm such a late adopter that the service doesn't exist anymore when I attempt to install it. I have no idea if its also compromised, but I just installed Jap/JonDo. The free service is incredibly slow, so get ready to shell out for a functional bandwidth.
Would a mainstream server host suffer similar criminal penalties for inadvertently hosting a kiddie porn website? Unless they received and ignored previous cease and desist orders, I'm guessing not and that they will use the intent to provide anonymity as an indication of criminal behavior at trial.
Joined: Thu January 10, 2013 2:19 am Posts: 8888 Location: SOUTH PORTLAND
some repeat info from the story in the OP, but the plot has thickened to include our beloved FBI.
techdirt.com wrote:
Feds Accused Of Distributing Malware That De-Anonymizes Tor Users from the left-hand,-meet-the-anonymous-right-hand dept
It's somewhat well known that the popular Tor anonymous browsing system gets a significant amount of funding from the US government. In the past, the suggestion had always been that the State Department was a major supporter because of its belief that Tor would help dissidents in other countries communicate better via anonymous systems. However, now there's a lot of buzz because it appears that a bit of malware that was discovered this weekend targeting Tor users, may have come directly from the FBI itself. The implication isn't against the Tor project at all, but rather it appears that whoever pushed out this malware did so by using a vulnerability targreting people using the Tor Browser Bundle -- a Firefox bundle that builds in Tor -- browsing a variety of hidden sites (available only to Tor users) hosted by the somewhat infamous Freedom Hosting. Freedom Hosting's boss, Eric Eoin Marques was arrested in Ireland last week as the US is trying to extradite him. But, what was more interesting was what some people discovered on all Freedom Hosting pages:
Shortly after Marques' arrest last week, all of the hidden service sites hosted by Freedom Hosting began displaying a “Down for Maintenance” message. That included websites that had nothing to do with child pornography, such as the secure email provider TorMail.
Some visitors looking at the source code of the maintenance page realized that it included a hidden iframe tag that loaded a mysterious clump of Javascript code from a Verizon Business internet address located in eastern Virginia.
By midday Sunday, the code was being circulated and dissected all over the net. Mozilla confirmed the code exploits a critical memory management vulnerability in Firefox that was publicly reported on June 25, and is fixed in the latest version of the browser.
Though many older revisions of Firefox are vulnerable to that bug, the malware only targets Firefox 17 ESR, the version of Firefox that forms the basis of the Tor Browser Bundle – the easiest, most user-friendly package for using the Tor anonymity network.
So why do people think the feds are involved? The bit of malware scoops up various identifying information -- MAC address and Windows hostname -- and then sends it to a server in Virginia to find the real IP address of the computer in question. The Virginia server is controlled by the infamous contractor SAIC, who works with numerous government agencies.
It's no secret that law enforcement has wanted to identify folks who are trying to be anonymous. And, as discussed just last week, the FBI has been using malware at an increasing rate. So it wouldn't be a huge surprise to find out that little tricky bit of malware was designed to provide more info on Tor users who might be up to nefarious activity (or, you know, they might just want to surf anonymously). I imagine that this is not the end of this particular story...
Users browsing this forum: No registered users and 15 guests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum