Bitcoin Forum
June 17, 2024, 07:05:50 AM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Warrant allows FBI to hack and install Malware on Tor users - DAFUQ?  (Read 1420 times)
CrackedLogic (OP)
Legendary
*
Offline Offline

Activity: 1050
Merit: 1000



View Profile
August 06, 2014, 04:25:16 PM
 #1

http://www.hackersnewsbulletin.com/2014/08/warrant-allows-fbi-hack-install-malware-tor-users.html



Shocked BUY GAMESWITHBTCITCOINFORDISCOUNTEDPRICES Shocked
ForgottenPassword
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
August 06, 2014, 04:32:44 PM
 #2


Wow that article is very badly written.

Quote
At the end of Last month, TOR itself confirmed that someone out there which is exploiting TOR Network for De-Anonymize tor users

Looks like the author didn't even bother to read the blogpost that the Tor Project put up: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

In short: they are COMPLETELY different attacks. The attack in the OP's article is the one that was used against Freedom Hosting back in August 2013, where they hacked the freedom hosting server and served up malicious javascript to anyone visiting the kiddy porn sites they were hosting.

This issue has been patched (it was a 0-day exploit in Firefox) and similar exploits can be prevent by DISABLING JAVASCRIPT like you are supposed to do when using Tor as javascript can do all sorts of evil things such as this.

The attack detected by the Tor Project recently is MUCH more serious. It involves running hundreds of malicious Tor nodes and using traffic analysis techniques to determine the users IP. It was also used to determine the IP's of the hidden services they were visiting. This kind of attack was already well known in theory, it is just the first time someone has successfully pulled it off, especially in a large scale and for such a long time (5 months).

Additionally it shows a huge failure on the part of the Tor Project as they had actually detected these malicious nodes hours after they originally came online in January but they thought that it wasn't enough nodes to pull off the attack.

Please note that this attack was ONLY executed against people visiting Tor hidden services. If you used Tor for general internet browsing you are unaffected. In addition it has been found out that the attack was executed by security researchers and it appears they are going to destroy all the information they collected (users IP's) so we dodged a bullet this time.

I have private messages disabled. Send me an email instead. My contact details can be found here.

Tip Address: 13Lwo1hK5smoBpFWxmqeKSL52EvN8U7asX
elliwilli
Sr. Member
****
Offline Offline

Activity: 307
Merit: 250


et rich or die tryi


View Profile WWW
August 06, 2014, 04:43:19 PM
 #3

The writing in this article is atrocious and the points made are mostly inaccurate
The WIRED article it links to near the start is astronomically better than the one thrown together by this crappy hackernews ripoff.
http://www.wired.com/2014/08/operation_torpedo/

ForgottenPassword
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
August 06, 2014, 04:47:51 PM
 #4

The writing in this article is atrocious and the points made are mostly inaccurate
The WIRED article it links to near the start is astronomically better than the one thrown together by this crappy hackernews ripoff.
http://www.wired.com/2014/08/operation_torpedo/

Yes thats a much better article.

I have private messages disabled. Send me an email instead. My contact details can be found here.

Tip Address: 13Lwo1hK5smoBpFWxmqeKSL52EvN8U7asX
FUR11
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250

FURring bitcoin up since 1762


View Profile
August 06, 2014, 05:06:43 PM
 #5

So which one of those articles tells the truth? I find it highly interesting that the US are trying to undermine the TOR network and use it (want to use it?) to spy on people and on the other hand donate millions to that program in order to improve people's privacy???

ForgottenPassword
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
August 06, 2014, 05:09:30 PM
 #6

So which one of those articles tells the truth? I find it highly interesting that the US are trying to undermine the TOR network and use it (want to use it?) to spy on people and on the other hand donate millions to that program in order to improve people's privacy???

Thats because different government agencies have different goals. The US military need Tor to protect their communications hence why they donate to it. Tor hinders FBI investigations hence why they attack it.

The CIA have admitted to spying on the senate and distributing drugs overseas. The NSA have placed backdoors in crypto which was used by other government agencies. Each agency does what it needs to do to fulfill its goals, even if it conflicts with the goals other agencies.

http://www.theguardian.com/world/2014/jul/31/cia-admits-spying-senate-staffers
http://en.wikipedia.org/wiki/Allegations_of_CIA_drug_trafficking#CIA_and_Kuomintang_opium_smuggling_operations

I have private messages disabled. Send me an email instead. My contact details can be found here.

Tip Address: 13Lwo1hK5smoBpFWxmqeKSL52EvN8U7asX
vm1990
Legendary
*
Offline Offline

Activity: 1540
Merit: 1002



View Profile
August 06, 2014, 05:18:13 PM
 #7

Americans always trying to control the internet... and they always fail.
not to worry the quicker exploits pop up the quicker people find a way to stop it. as spoke says "the needs of the many out way the needs of the one" you let them find weakness then you brick it up make them do all the hard work its what there paid for  Grin

(oYo)
Sr. Member
****
Offline Offline

Activity: 476
Merit: 500


I like boobies


View Profile WWW
August 06, 2014, 05:18:41 PM
 #8

"We’re All Criminals and Outlaws in the Eyes of the American Police State"

vm1990
Legendary
*
Offline Offline

Activity: 1540
Merit: 1002



View Profile
August 06, 2014, 05:21:38 PM
 #9


good job i dont behave on the internet then (insert evil smile)

P.S for anyone's information if you dont like whats on the internet then turn it off by smashing your computer with a hammer. the internet isnt evil aslong as you dont look for evil on it

JLynn171
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile
August 06, 2014, 05:22:16 PM
 #10

FBI NSA CIA can do whatever they want whether court ordered or not in my opinion if you are in their cross hairs beware
NapoleonBonaparte
Full Member
***
Offline Offline

Activity: 176
Merit: 100


View Profile
August 06, 2014, 05:48:05 PM
 #11

So, lots of users will go to jail soon for doing doggy thing?
ForgottenPassword
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
August 06, 2014, 05:54:12 PM
 #12

So, lots of users will go to jail soon for doing doggy thing?

They already did. This attack was executed back in August 2013:
http://bitcoinmagazine.com/6113/freedom-hosting-taken-down-founder-arrestes-users-fed-javascript-exploits/
http://www.wired.com/2013/09/freedom-hosting-fbi/

I have private messages disabled. Send me an email instead. My contact details can be found here.

Tip Address: 13Lwo1hK5smoBpFWxmqeKSL52EvN8U7asX
CrackedLogic (OP)
Legendary
*
Offline Offline

Activity: 1050
Merit: 1000



View Profile
August 06, 2014, 06:03:25 PM
 #13

Americans always trying to control the internet... and they always fail.

Germany much?

Shocked BUY GAMESWITHBTCITCOINFORDISCOUNTEDPRICES Shocked
vm1990
Legendary
*
Offline Offline

Activity: 1540
Merit: 1002



View Profile
August 06, 2014, 06:06:45 PM
 #14

Americans always trying to control the internet... and they always fail.

Germany much?

nope British... wish i was Germany or Russian though  Grin

beetcoin
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


View Profile
August 06, 2014, 06:12:54 PM
 #15

i don't even use tor anymore now that i have my coins in cold storage.. and if i did still use it, i'd use it on tails.
transient858
Full Member
***
Offline Offline

Activity: 153
Merit: 100


View Profile
August 06, 2014, 06:25:03 PM
 #16

i don't even use tor anymore now that i have my coins in cold storage.. and if i did still use it, i'd use it on tails.

They will probably go after tails next. Think there is an exploit being done on tails two weeks ago.
Damnyo
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
August 06, 2014, 07:11:16 PM
 #17

I only went on tor a couple times using tails live cd, what are the chances to get in trouble like that (and you live outside US).
Well even if i am outside us they have done what they wanted, put fear into people so im not using tor again. its not like i found much interesting stuff anyway tho.
iluvbitcoins
Legendary
*
Offline Offline

Activity: 2198
Merit: 1150


Freedom&Honor


View Profile
August 06, 2014, 07:13:24 PM
 #18

Quote
Please note that this attack was ONLY executed against people visiting Tor hidden services

what's the difference?

Looking for a signature campaign.
ForgottenPassword
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
August 06, 2014, 07:36:07 PM
 #19

Quote
Please note that this attack was ONLY executed against people visiting Tor hidden services

what's the difference?

If you use Tor for browsing the internet, such as browsing bitcointalk.org or any "clearnet" website, you would not be affected by this attack.

If you visited a hidden service like silkroadssdadgs.onion or any other .onion website you could've been de-anonymized, but the issue has been fixed so not anymore but similar kinds of attacks are still possible.

I have private messages disabled. Send me an email instead. My contact details can be found here.

Tip Address: 13Lwo1hK5smoBpFWxmqeKSL52EvN8U7asX
iluvbitcoins
Legendary
*
Offline Offline

Activity: 2198
Merit: 1150


Freedom&Honor


View Profile
August 06, 2014, 07:40:57 PM
 #20

Quote
Please note that this attack was ONLY executed against people visiting Tor hidden services

what's the difference?

If you use Tor for browsing the internet, such as browsing bitcointalk.org or any "clearnet" website, you would not be affected by this attack.

If you visited a hidden service like silkroadssdadgs.onion or any other .onion website you could've been de-anonymized, but the issue has been fixed so not anymore but similar kinds of attacks are still possible.

they should be sued for this

malware in a user from the Netherlands buying weed on Silk Road

he's not doing anything illegal and the FBI doesn't have jurisdiction there

Looking for a signature campaign.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!