
Re: [tor-talk] FBI cracked Tor security



On 14 July 2016 at 01:51, Nick Levinson <nick_levinson@yahoo.com> wrote:
> The FBI reportedly cracked Tor's security to crack a child porn case with over 100 arrests of Tor users.

I think what you'll find in such cases is that the FBI generally crack
the servers hosting the illicit material, not Tor itself.

In other words, the feds locate onion sites hosting illegal material,
using standard intelligence gathering techniques. They establish
(encrypted, secure, private, and presumably uncracked) Tor connections
to those servers, and then attack them over those connections. There
are frequently vulnerabilities in hosting services - content
platforms, web forums, third-party JavaScript libraries, file uploads,
management interfaces... many sites, darkweb or not, have much broader
attack surfaces than their owners understand.

Having pwned the server, a malware component is then injected to
visiting computers. I.e., when the criminal visits the infected site,
his PC is infected (over that encrypted, secure, etc. connection). Now
infected, his PC will be under the control of the FBI, and the
investigation will proceed from there. As soon as it's connected to
the regular internet, that connection will be traced, but that
connection is not necessary - data on the PC can be exfiltrated by the
feds over Tor and used to identify the user.

-J