[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tor-talk] Did the CMU team out Silk Road 2 to the FBI?
OK, so this is very interesting:
| The court documents refer to a source that provided "reliable
| IP addresses" for Tor hidden services between January and July
| of 2014, leading them back to both the servers and 78 different
| people doing business on the site.
| According to a Tor blog post, someone during that period was
| infiltrating the network by offering new relays, then altering
| the traffic subtly so as to weaken Tor's anonymity protections.
| By attacking the system from within, they were able to trace
| traffic across the network, effectively following the server
| traffic back to their home IP. In July, Tor noticed the bug and
| published an update to fix it — but for six months, certain
| hidden services were badly exposed, and the Silk Road 2 appears
| to have been one of them.
|| OK, almost certain: CERT Tor deanon attack was FBI source:
|| https://t.co/JKwWD2E3VK SR2 server, 78 vendor IPs, Jan-July 2014
|| — Nicholas Weaver (@ncweaver) January 21, 2015
| So who carried out the attack? Already, researchers are pointing
| to a Black Hat presentation this summer that promised to outline
| a similar attack, but was controversially cancelled at the last
| minute. The researchers, working for CMU's CERT Center described
| similar capabilities and performed their research over a nearly
| identical span of time: January to July of 2014. If the
| researchers were also helping the FBI investigate criminal
| activity on Tor, it would explain why law enforcement might
| not want their methods getting out to the community at large.
tor-talk mailing list - firstname.lastname@example.org
To unsubscribe or change other settings go to