Government Java Security

Half of Tor Sites Compromised, Including TORMail 583

First time accepted submitter elysiuan writes "The founder of Freedom Hosting has been arrested in Ireland and is awaiting extradition to USA. In a crackdown the FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network have been compromised, including the e-mail counterpart of TOR deep web, TORmail. The FBI has also embedded a 0-day Javascript attack against Firefox 17 on Freedom Hosting's server. It appears to install a tracking cookie and a payload that phones home to the FBI when the victim resumes non-TOR browsing. Interesting implications for The Silk Road and the value of Bitcoin stemming from this. The attack relies on two extremely unsafe practices when using TOR: Enabled Javascript, and using the same browser for TOR and non-TOR browsing. Any users accessing a Freedom Hosting hosted site since 8/2 with javascript enabled are potentially compromised."
  • Tips for Tor (Score:5, Informative)

    by Meditato ( 1613545 ) on Sunday August 04, 2013 @05:06PM (#44471733)

    Put your Tor client in a Secure Linux VM, so none of your hardware information can be exposed. Go to https://check.torproject.org/ [torproject.org] to check if Tor is working, and make sure NoScript or something similar is enabled.

  • Re:Tips for Tor (Score:5, Informative)

    by Cynops ( 635428 ) on Sunday August 04, 2013 @05:12PM (#44471773)

    Or use Tails, a Linux distro specifically designed for paranoia. You burn it on a CD (or USB stick) and boot from it into a Linux desktop environment specially crafted for privacy and security. All internet traffic is routed through Tor (sic), so after rebooting you should be fine.

  • Re:Tips for Tor (Score:2, Informative)

    by Anonymous Coward on Sunday August 04, 2013 @05:23PM (#44471847)

    Tails has Javascript enabled, so would be insecure. Wait for the next update.

  • by Skuto ( 171945 ) on Sunday August 04, 2013 @05:32PM (#44471895) Homepage

    You had to be running Firefox 17 on Windows afaik (that was the version included by the Tor Bundle).

    You had to be running the specific, modified Firefox version that's shipped with Tor.

    Mozilla's Firefox 17 (ESR) has been patched for this vulnerability. (i.e. it's not a real 0-day)

  • by Bill, Shooter of Bul ( 629286 ) on Sunday August 04, 2013 @06:32PM (#44472321) Journal

    Crazy libertarian conspiracy talk, not real.

    http://www.snopes.com/politics/guns/ssabullets.asp [snopes.com]

  • by Anonymous Coward on Sunday August 04, 2013 @06:34PM (#44472349)

    ... claimed they did something to protect the children ...

    Why? The FBI hasn't found child pornography on this server. I'd be surprised if they didn't but I notice a distinct lack of jack-booted thugs doing their usual circle-jerk.

    Note the FBI allege the company had "facilitated the spread of child pornography". Which would of course include every router and tel-co between Ireland and the person downloading. The FBI hasn't claimed the company hosted the material or linked to it, or even hosted tracker files. It is far too soon to be claiming "think of the children" in this story.

  • by raymorris ( 2726007 ) on Sunday August 04, 2013 @06:48PM (#44472475) Journal
    It's the freaking FBI. That's not exactly a secret rogue agency. FBI director Mueller briefs Obama directly. Technically, Clapper is Mueller's boss, and Obama is Clapper's boss. That's ONE GUY in the chain of command between Obama and the FBI.
  • by Pino Grigio ( 2232472 ) on Sunday August 04, 2013 @06:56PM (#44472527)
    Speaking of the Soviets, I happen to be reading Hayek's The Road to Serfdom [amazon.com] at the moment. The conflict between Freedom and Security is covered in some detail. I highly recommend slashdotters read it too.
  • by slashmon ( 3007991 ) on Sunday August 04, 2013 @07:10PM (#44472613)
    Pedophile means that the person has a condition called "pedophilia". It does not mean they break the law. It's not illegal to be attracted to children. Most people with pedophilia live their lives legally and deal with their attractions to children (which they cannot change) legally, also. Pedophile does not equal child molester. Just as someone who just thinks about robbing a bank is not a bank robber. This short article tells the real deal about pedophiles: http://www.commonatheist.com/ped.htm [commonatheist.com]
  • by icebike ( 68054 ) on Sunday August 04, 2013 @07:26PM (#44472751)

    Only a moron would believe that.

    Check your facts:
    http://en.wikipedia.org/wiki/Tor_(anonymity_network)#History [wikipedia.org]
    https://www.usenix.org/legacy/events/sec04/tech/full_papers/dingledine/dingledine_html/index.html [usenix.org]

    Why do you think almost 2/3rds of all TOR sites portal to the net in Virginia?

  • by Anonymous Coward on Sunday August 04, 2013 @07:37PM (#44472833)

    Actually, these secret courts started in 1978 [wikipedia.org]

  • Re:citation needed (Score:5, Informative)

    by Mashiki ( 184564 ) <mashiki@nosPaM.gmail.com> on Sunday August 04, 2013 @08:12PM (#44473077) Homepage

    Considering that they've been approving 100% of all warrants? [arstechnica.com] Yeah, pretty sure there's a problem. Reminds me of the kangaroo courts...I mean human rights councils here in Canada. Which had a 100% conviction rate.

  • by AHuxley ( 892839 ) on Sunday August 04, 2013 @10:01PM (#44473751) Journal
    http://www.zdnet.com/blog/security/hacker-builds-tracking-system-to-nab-tor-pedophiles/114 [zdnet.com] hinted
    "custom software to monitor peer-to-peer networks"
    http://news.cnet.com/8301-10784_3-9920665-7.html [cnet.com] from 2008
    "unique serial numbers" from the person's computer and keeps a tally.."
  • by Urza9814 ( 883915 ) on Sunday August 04, 2013 @11:45PM (#44474235)

    OK, so why the hell doesn't someone take the five minutes to add some code to Tor that would strip out client-side scripting? It's not that hard; plenty of other secure networks do it (ex. Freenet) so why the hell doesn't Tor? I mean yeah, I get it, they give you ample warnings before you download, but is there any legitimate reason they don't do this or have they just decided they don't want to try to stop this kind of attack?

  • by aNonnyMouseCowered ( 2693969 ) on Monday August 05, 2013 @12:45AM (#44474453)

    We're now in the age of Big Data crime enforcement, where to be abnormal, in the sense of deviating too far from the median/norm is all it takes to be flagged as a suspect. The danger I see in the future is that, in order to avoid being caught in the net of the federal surveillance agencies people will deliberately start acting within the "norm", like visiting the sites online, Facebook/Twitter/G-something for your communication needs, or CNN/Fox/BBC for your "news", or whatever local site is "popular" in your area. To have an opinion will be to choose from an approved list, much like a multiple-choice exam or, worse, like the presidential election.

  • by BlueStrat ( 756137 ) on Monday August 05, 2013 @01:32AM (#44474591)

    Sorry, but the Soviets didn't invent that trick. If anything they copied it from the Nazis, but then the Nazis didn't originate it either. Perhaps they copied it from the Inquisition, or from any of many other prior "practitioners of the art". It's so old that one can't even say how old it is. It *probably* didn't predate language.

    The amazing thing is that it still works.

    Actually, if you count it as a subset of propaganda, then you need to go back to Edward Bernays and the Wilson administration's implementation of the first government propaganda agency, the Committee on Public Information.

    http://en.wikipedia.org/wiki/Edward_Bernays [wikipedia.org]
    ----
    Bernays's public relations efforts helped to popularize Freud's theories in the United States. Bernays also pioneered the PR industry's use of psychology and other social sciences to design its public persuasion campaigns:

          " If we understand the mechanism and motives of the group mind, is it not possible to control and regiment the masses according to our will without their knowing about it? The recent practice of propaganda has proved that it is possible, at least up to a certain point and within certain limits."

    He called this scientific technique of opinion-molding the 'engineering of consent'.

    Bernays began his career as press agent in 1913, counseling to theaters, concerts and the ballet. In 1917, US President Woodrow Wilson engaged George Creel and realizing one of his ideas, he founded the Committee on Public Information. Bernays, Carl Byoir and John Price Jones worked together to influence public opinion towards supporting American participation in World War I.
    ----

    Goebbels owned a copy of Bernays's book on the subject IIRC, and acknowledged Bernays's and Wilson's achievements with the use of propaganda domestically and utilized many of their techniques and principles in Nazi propaganda programs. I believe Stalin is reported to have taken many propaganda ideas and concepts from Bernays's work as well.

    Wilson was a real racist/segregationist, political/policy-opposition-arresting piece of work all on his own. People should read about the actions taken and policies enacted by Wilson domestically. In a lot of ways, like the Executive Branch/DoJ running wild, it resembles our current situation with a DoJ exceeding its powers and deliberately inflicting illegal, un-Constitutional, and criminal injustice for political reasons.

    Strat

  • by Alsee ( 515537 ) on Monday August 05, 2013 @04:43AM (#44475183) Homepage

    The exploit transmits your identifying information to IP address 65.222.202.54. The information includes a unique tracking number generated by the exploit server, your computer's MAC address, your computer's host name, and any other IP addresses and host names visible on your local network.

    This IP address traces back to a Verizon business account just outside Washington D.C., not far from FBI and CIA headquarters. You can see the IP location trace here [truevue.org], complete with a zoomable Google map. However note that the location trace is probably just an approximate location. Zooming all the way in shows a local shopping center, but that's probably just the location randomly landing at the "center" of a town or other service area.

    -
