Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
The Courts Encryption Privacy Security

DOJ Official Tells 100 Federal Judges To Use Tor (vice.com) 61

The director for the Cybercrime Lab at the Department of Justice urged a roomful of 100 federal judges to use Tor to protect their computers, remembers judge Robert J. Bryan. An anonymous reader quotes a report from Vice: While the US is the biggest funder of the non-profit that maintains the software, law enforcement bodies such as the FBI are exploiting Tor browser vulnerabilities on a huge scale to identify criminal suspects. To add to that messy, nuanced mix, one Department of Justice official recently personally recommended Tor to a room of over a hundred federal judges...

"I almost felt like saying, 'That's not a good way to protect your stuff, because the FBI can go through it like eggshells,'" Bryan continues. Of course, this isn't really true: although the FBI has had some notable successes at identifying criminal suspects on the dark web with technological means, it is not the norm. It's worth remembering Carroll is not the only Justice Department or US law enforcement official to endorse Tor...one FBI agent was also an advocate of Tor.

This discussion has been archived. No new comments can be posted.

DOJ Official Tells 100 Federal Judges To Use Tor

Comments Filter:
  • for your honor's consideration
    • by PRMan ( 959735 ) on Sunday August 07, 2016 @06:08PM (#52662011)

      Tor kept the Silk Road online for 2 years where without it they would have shut him down immediately. And they found him with old fashioned police work, not Tor hacking.

      They have become better at finding IP leaks to exploit, but to say that they can go through Tor like eggshells is overstating it quite a bit.

      • by lgw ( 121541 ) on Sunday August 07, 2016 @06:24PM (#52662063) Journal

        TOR seems really good at preventing mass harvesting of data by the government. Everything we've seen requires them to make a special effort to hack someone they're interested in, so maybe it's not so useful for high-profile criminal activity. But for doing things today which may be made illegal one day in the future, and your browsing history used against you, it seems to work fine.

        • by AmiMoJo ( 196126 )

          If you use it perfectly it will keep you safe. Use the Tails live CD, ideally through public wifi some distance from where you live. Never, ever enable Javascript. Never make your browser window maximised or full screen. And of course, never reveal any identifying information yourself.

          Makes running a criminal empire difficult, but that's not the design goal. It's great for people looking for uncensored web access, journalists trying to get stories out, whistleblowers leaking information etc. It kept Snowden

          • *DO* make your browser window full sized.

            The size of the window can be determined by the web site, and used to track people. If your window size is the same as most users, you're just a blip. But if your window size is unique, you stand out as an individual.

            • by AmiMoJo ( 196126 )

              Maximizing the window reveals monitor resolution and toolbar sizes (by inference from the available rendering area). The Tor browser by default picks a window size that is common, and if you check with fingerprinting tools it's actually less unique than when maximized.

              I tried it a while back. With the default size I got about 1 in 4000 with panopticlick. Maximized that fell to 1 in about 2,000,000, much worse.

              • Wow.

                Thank you for that. I had assumed that maximum size would be limited only by screen resolution (1024 wide), and common to anyone else with the same monitor size.

        • by Falos ( 2905315 )
          This. There's a (frequently understated) distinction between mass automated logging and targeted, active monitoring. Very diligent use of TOR and associated tools/behavior can resist or even outright beat the latter, but most of us are just trying to beat the former, not the latter's scrutiny.

          It's pretty easy (tinfoil check: probably) to get "on a list" but I'm confident (mostly) that getting put under a microscope is very rare and only happens to people involved with large amounts of money, influence (i
      • by TroII ( 4484479 )

        Tor kept the Silk Road online for 2 years where without it they would have shut him down immediately.

        If they'd shut him down immediately he'd probably already be out of prison. They let it go as long as they did so they could pile on more and more charges.

      • by Anonymous Coward

        DEA has already admitted it routinely receives spook information, it routinely covers up the source of that information with a parallel fake set of evidence.

        DEA was the lead agency against Silk Road. You claim 'IP' leaks, others have made vague 'informant' claims, but in reality none of that has been claimed or shown to a court. What was shown to the court was remarkably light on challengable information. Which is a strong indicator that it was a false Parallel Construction case:

        https://www.wired.com/2014/0

  • ... warns its members to protect itself from another branch of the DOJ. That shadow government we've been warning you about is here. Fuck the rule of law, judicial warrants and the Constitution. The FBI is a rogue operation that doesn't obey it's chain of command anymore.

  • "Our helpful DoJ tech will install Tor on your laptop your honour."

  • The military should be using it too. I imagine a judge's personal computer habits are wonderful places to score data regarding blackmail material, pending judgements for buying and shorting stocks, etc.
    • I imagine a judge's personal computer habits are wonderful places to score data regarding blackmail material, pending judgements for buying and shorting stocks, etc.

      Many in the Judicial refuse to use the Intertubes at all.

    • The military should *not* be using Tor. Look, unless you're doing some shady dark web stuff, your Tor traffic eventually has to pass through a random exit node which you do not control. It can be controlled by some Russian hacker. Why would you think the military should be ok with that?
      • You think their internet connections aren't monitored by foreign interests already? Not just the installations, but the home connections? Maybe it's less of a concern for state side bases, but the ones overseas are a different issue. Besides, you're assuming they couldn't use a private version with known and trusted exits.
    • How many of us really have anything blackmail-worthy that would be revealed by our internet usage?

      The worst they could get on me would be some kinky, but legal, porn searches. I wouldn't want everyone in the world to know about that, but if I were a judge I wouldn't let someone blackmail me over it either.

      If the information came out and I had to even address it, I'd simply say "Yeah, I have viewed porn on the internet. So what?"

      Maybe it would be more typical for someone to casually "pirate" movies or TV

  • too late (Score:1, Funny)

    by Anonymous Coward

    im 14 years ahead of this warning LOL
    and the idiots at torrent freak swore it was safe.....i knew better and ill never tell how i found out..oh and i even once sold a mug inside the usa that had root code of the fbi webserver a year after they illegally attacked my server cause i did not want a war game and give me compensation for businesses i was looking after.

    OH and all they cold do was the same knda DDoS that lolsec was famous for a tip that told me and my brothers and sisters to lay off and away from t

  • by BitterOak ( 537666 ) on Sunday August 07, 2016 @07:26PM (#52662283)
    I could understand recommending some sort of full disk encryption product to protect confidential information on their computers, but Tor was designed for something different: anonymous browsing. Why would judges need that as part of their professional duties?
    • It's probably the usual information decay. "TOR is for privacy and anonymity" becomes "TOR protects your privacy" becomes "TOR protects your data" becomes "TOR keeps hackers from looking at your secret data and using it to blackmail you and take over your computer" becomes "TOR is secure! You must have secure! Computers are so fucking dangerous hackers everywhere OMG we must all secure! We must all TOR!"

      It's like the Barack Obama thing where someone went asking random folks if Barack Obama was still

  • Most business are hacked by hackers, not the government. They want to mitigate the risk they have, not a risk you made up to suite your own parnaioa. Until business see damages from Intelligence Agencies, it's not a point compared to hackers. Elon Musk is not protecting his networks primarily from the FBI. He is protecting it from prolific armies of Chinese hackers. China is not like the US, it's prioritizing science, technology and efficiency. To some degree their population forces those kinds of smarter
    • by raind ( 174356 )
      True but let's not forget the rest of the national actors (Amerika and her allies) Our education rate (?) Rigged like it's elections.
  • What could be more convenient than to have them funnel all their work to the FBI through Tor?

  • "The director for the Cybercrime Lab at the Department of Justice urged a roomful of 100 federal judges to use Tor to protect their computers"

    TOR will disguise the IP address of your computer. But there are a number of ways from compromised nodes to malicious dark sites that can be used to reveal your location, especially if you use the latest iteration of Microsoft Windows.

Make sure your code does nothing gracefully.

Working...