Bitcoin Forum

http://www.reddit.com/r/Bitcoin/comments/1joli2/breaking_half_of_tor_sites_compromised_including/

Yeah this isn't good and should be interesting to see how it shakes out for BTC.

I agree, it will be interesting to see where this goes. I think the information that TORMail was included in the compromise will be giving a few people some anxious moments

I wonder if the FBI would even have the infrastructure in place to confiscate all of SR's bitcoins.

One person in the loop knows the private key and they are suddenly rich.

You ARE aware that one of the minds behind TOR is/was one of "them",,right?

One of those who lived in one of the many, possibly several of the "acronym" companies.

Look who developed it and their beginnings.

I BELIEVE in litecoin/bitcoin as superior alternative "currencies".

BUT

I also believe that TOR, like Kazzaa and Morpheus and Limewire, it was put there to entrap users.

Yea I am paranoid, and you should be too.

When did tormail go down?

SR never went down, and where does this half number come from?

Tor sites that were hosted with that one dude, which had tons of CP on it, were compromised...

A lot of FUD on that post.

So I just looked into this, not thoroughly so someone please correct me where wrong, but have the following assessment.

The FBI conducted a successful operation against a big person in the Tor world named Eric Eoin Marques who runs a company called Host Ultra Limited. They are trying to extradite Eric to the US to face charges. I'm guessing Eric either distributed directly, or hosted sites dealing in child pornography. Apparently he was conducting business as a Tor Hidden Service.

Now, Tor Hidden Services is different than using Tor normally. Tor Hidden Services is what allows Silk Road to operate because the server itself can gain anonymity while still handling incoming client requests.

What is not readily apparent (to me) is how the FBI found Eric's servers, and what was done with them. It could be that his servers were found with investigative methods outside Tor. However, there does appear to be a way to de-anonymize servers using Hidden Services revealed in the following paper at a security symposium in May 2013:

Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization (http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf)

I only read the first couple pages but have no reason to doubt the claims. Whether or not the FBI used similar exploits for this case isn't apparent, but I'd say Silk Road looks vulnerable unless and until there is a patch or re-work of the Hidden Services protocol.

Yes, yes you are.


Better stop using the internet too, considering it was primarily developed by DARPA/DOD (probably as a plot to monitor your porn usage). If you are going to be crazy, you might as well take it all the way.

Well damn it.  I was going to look for some ayahuasca on SR today, but I guess I will just consult my local shaman :(

pruddy much, the first internet was a government intranet.

the TOR scare is related to people not hardening their TorBrowsers... disable JS/enable NS.

Anybody who was using Tormail should have been encrypting their messages anyway.

More info here:

http://www.independent.ie/irish-news/courts/fbi-bids-to-extradite-largest-childporn-dealer-on-planet-29469402.html

and more tech in this article:

http://siliconangle.com/blog/2013/08/06/darknet-freedom-hosting-sites-shutdown-led-by-fbi-exploit-use-against-tor-network/

From what I understand, the privacy of the TOR network has been kept. What went wrong was that some users were using an old browser, but that doesn't explain what led the FBI to Eric Eoin Marques, who was assuredly aware that using an old browser isn't safe.

From a pure technical point of view;

- they got a list of specific onion websites to target
- analyse and exploit a weakness in the website coding (think of sql injection etc)
- gain access to at least the privilege level of the webservice (like apache etc)
- from there they can easily lookup the IP and other details of the system and manipulate / load custom code

Especially if those websites are concentrated on a few systems sharing common weaknesses in their website code.

There was a black hat hacker, recently arrested (by uniformed police) within fifteen minutes of logging into irc from a coffee shop. One time not using Tor. Fifteen minutes.

Granted he was probably already on a 'List', and server hacks can be used, but when your phone inadvertently connects to 'attwifi' at Starbucks, you can be found.

I thought Host Ultra Limited was also Freedom Hosting or no?

As for silk road, I'd be very fucking surprised if they were paying pedohost for their services. With SR income they could easily have a front company/servers for it under a watchful eye.

(Hi FBI in this thread ;)