Old 08-05-13, 09:01 PM   #1
Newcomer
Join Date: Jul 2013
Posts: 20
Default NSA infiltrates TOR network

Very interesting article:

http://www.slate.com/blogs/future_tense/2013/08/05/freedom_hosting_saic_nsa_behind_a_spyware_hack_on_privacy_protecting_network.html
lazarus is offline  
Old 08-06-13, 12:38 AM   #2
Elder

Join Date: May 2009
Location: Eire
Posts: 4,224
I've been following this since I first heard.. Excellent, that in one fell swoop they've managed to nuke a large portion of the filth from the internet. I'm generally against big brother and their creepy surveillance but freedom hosting had to go.

The downside is tormail and the various other non-repulsive hidden services that got caught in the crossfire. No matter I have no doubt that the darknet will survive and thrive in spite of this.


https://freenetproject.org/news.html#2013-tor-bust

Last edited by FirtY; 08-06-13 at 12:41 AM.
FirtY is offline   Reply With Quote
Old 08-06-13, 01:12 AM   #3
Hellblazer

Join Date: Aug 2011
Location: On a little rock floating in the vast emptiness of the multiverse
Posts: 984
Yeah... except they didn't nuke anything. This was the equivalent of a script kiddie injecting a referral through an exploit in, and only in, Tor bundle's FF 17 (which is the older version).

Anything who knows anything about Tor and anonymity, knows that turning off flash/silverlight/javascript etc. is the first thing you do, since those scripts have been known to ignore nodes and reveal your ip, and this exploit only affected those who had JS on.

The sites themselves, the good and bad, will be back under different names and different hosts (only good thing is it will take a while), or else running their own servers. Tor is still anonymous and has not been hacked. Nothing got infiltrated, which, regardless of the unfortunate fact that the dark side of Tor isn't dead, is also good news, cos if Tor really was cracked and figured out, it would die instantly. No point in using it for anything if it isn't secure (or, as the case is, MORE secure than almost any other alternative - nothing is 100% secure, and the exit nodes aren't encrypted).

Just to be clear, I'm not standing up for the repulsive services, obviously, but if given the choice of removing them from Tor forever through a legitimate way of hacking and tracking users, or having it as secure as it ever was, and tolerating those sites, I'll choose the latter every time. Today it's child pornography, what's tomorrow? Drugs? 3D print schematics? Political/corporate dissent blogs? You can't have censorship while still enjoying anonymity and security.
HeavyGrimm is offline   Reply With Quote
Old 08-06-13, 01:21 AM   #4
Elder

Join Date: May 2009
Location: Eire
Posts: 4,224
Default Heavy Grimm get a clue!!!

https://www.cryptocloud.org/viewtopic.php?f=9&t=2894&p=3852#p3852
The phone home server onfirst look is owned by SAIC, yet further scrutiny shows it's part of IP space directly allocated to the NSA's Autonomous Systems. script kiddies ROFL


Did you read the freenet article? then why parrot it..

Last edited by FirtY; 08-06-13 at 01:27 AM.
FirtY is offline   Reply With Quote
Old 08-06-13, 03:02 AM   #5
Newcomer
Join Date: Nov 2010
Posts: 11
Tor isn't exclusively run by child pornographers, it's actually a very important tool for a lot of journalists, political dissidents and civilians living in dictatorships who want to forgo persecution. Viewing this as some kind of "victory" is juvenile and missing the point entirely. Tor is a great way to remain anonymous from government surveillance (despite the NSA "bust"). Yes, it is a haven for illegal activities too, but that is the price you pay for true anonymity.
JayVex is offline   Reply With Quote
Old 08-06-13, 04:55 AM   #6
Illuminati Member

Join Date: Dec 2008
Location: kuala lampur
Posts: 3,904
Why is it whenever they wish to trample on rights they say child porn? As sick as it is, it has been around before and during tor. Supporting tor does not mean we support child porn. That is like saying if your not for our troops your for the enemy.

They do this every time. It's either or, and that ain't right either. Its a scare tactic that has been used for ages because in a sick and twisted way its effective.

And why is the NSA not being busted for hacking? Anonymous where are you when we truly need ya?
dormin is online now   Reply With Quote
Old 08-06-13, 07:04 AM   #7
Expert

Join Date: Jul 2008
Location: England
Posts: 669
If people bin the TV and ditch the FM radio garbage then people will have the time and space to think for themselves. Are sitcoms and Hollywood worth more than your mind?
bethechange is offline   Reply With Quote
Old 08-06-13, 07:26 AM   #8
Australian

Join Date: Oct 2008
Location: behind the scope
Posts: 1,344
My knowledge is a little lacking when it comes to TOR and similar programs, and I don't want to take this off topic, but I have used TOR in the past to get around NLs country limits, is it still safe to be using it?, should I take this to a new topic?
HEVIHITR is offline   Reply With Quote
Old 08-06-13, 07:43 AM   #9
Elder

Join Date: May 2009
Location: Eire
Posts: 4,224
Tor, freenet, I2p are legitimate and necessary technologies in a world where censorship threatens the whole internet. As to safety have a read
http://www.hiddenwiki.org/
Hell yeah I count the demise of the largest center of child pornography and heinous abuse on the internet a major victory JayVex, and no mistake about it. Do a little research of the sort of material we are talking about here!
I champion our right to privacy, and abhor government censorship, especially when the protection of the child is used as an excuse limit our rights. That said the trash needs to be taken out every once and a while and that is what seems to have happened with little collateral damage and no obvious lasting negative effects to the underweb.
WIN WIN!!!
FirtY is offline   Reply With Quote
Old 08-06-13, 08:49 AM   #10
Newcomer
Join Date: Jul 2013
Posts: 20
Reading the comments to the Slate article, not the ones here, it's disturbing how many supporters there are of CP. Lots of sick fu*ks out there.
lazarus is offline   Reply With Quote
Old 08-06-13, 09:26 AM   #11
Australian

Join Date: Oct 2008
Location: behind the scope
Posts: 1,344
Thanks for the link FirtY, I am starting to get a basic understanding of what TOR really is, while my intentions for using TOR were simply to get around a payment gateway, I see it is way more complex than I had originally thought, I had heard of some of the places listed, even had a friend ask if I could buy him weed through TOR[I figured he was high at the time] so I ignored it, turns out I could have, but I really don't want to get into all the illegal realms that exist in there, I just want to be anonymous sometimes.

Once again thanks, I plan to read up more on this, if only so I can gain some knowledge.
HEVIHITR is offline   Reply With Quote
Old 08-08-13, 06:30 AM   #12
Elder

Join Date: May 2009
Location: Eire
Posts: 4,224
Information IP attribution update

we've published this essay, despite the fact that it still awaits the inclusion of quite a few more linked resources, and several rounds of proofing/text cleanup; bear with us, we'll get 'er done, but in the meantime this is we hope useful and timely information for folks who are following torsploit realtime - thanks!

Since we began working on the "Torsploit" analysis, on Sunday and in collaboration with Baneki Privacy Labs, we've worked pretty hard to make it clear that when it comes to attributing "custody and control" to IP addresses, we're not subject matter experts. Sure, we know how to use the tools and we know our way around a C block reasonably well (even subnetting, given what we do for a living, isn't outside our competence)... but there's a big difference between knowing how to use a tool and knowing enough to write a tool. We're in the former category.

As the last few days have gone by, several genuine subject matter experts have stepped forward and helped enormously in educating us (and quite a few other folks following along in twitter, we hope, as Baneki asks for advice and explanation and gets great replies back). What do we know for sure, now:
Quote:
We know that those ARIN records that appeared to show the torsploit IP addresses (65.222.202.53 & 65.222.202.54) as being directly allocated to SAIC are inaccurate. Or, rather, the popular analytics resource domaintools.com uses an old (ca. 1993) method for interpolating individual IP ownership ("assignment" is a better term, really, but it's a bit clunky). That old method, all evidence suggests, doesn't give accurate information about the 2 torsploit IPs in question.

Continued:
https://www.cryptocloud.org/viewtopic.php?f=14&t=2951&p=3888#p3888
FirtY is offline   Reply With Quote
Old 08-08-13, 08:40 AM   #13
Newcomer
Join Date: Jul 2013
Posts: 20
This may have been going on much longer. I just lucked into this. Read comment #14 on this TAILS forum topic:

https://tails.boum.org/forum/How_to_know_when_someone_is_trying_to_hack_tails/
What's so interesting is the date. October 2012. Almost one year ago. The exploit may not have been the same one but the information it was collecting seems to be the same. Yet no one but that poster noticed it. It is almost certainly a government agency if it is only tracking your IP. The OP stated that he had no script turned on.

All the info out there right now is just about the hack. But, nothing on how the FBI, NSA, whatever, found the hidden servers and compromised them. And as shown above they may have infiltrated some servers long ago.
lazarus is offline   Reply With Quote
Old 08-08-13, 09:16 AM   #14
Elder

Join Date: May 2009
Location: Eire
Posts: 4,224
I think given flame & stuxnet and now the Snowden revelations that there's been a concerted effort to being the entire internet including the darknets, & especially tor into the light so to speak for as long as the net has existed.

An interesting read
http://wikileaks.org/wiki/Perry_Fellwock
FirtY is offline   Reply With Quote
Reply


Thread Tools



All times are GMT -7. The time now is 09:01 PM.
SEO by vBSEO ©2011, Crawlability, Inc.