We brought you the story of the hidden websites hosting abusive child pornography disappearing from Tor earlier this week, and the problems with Tor’s email hosting. It’s odd, as Tor was designed to allow users to fly under the radar, keeping their identities a secret and allowing them to post questionable content without fear.
But when I say ‘questionable content,’ I am only referring to the main purpose: keeping the identity of journalists exposing government plots under wraps, and a place for a revolution against a tyrannical government to begin. This is its best use, but we all know that there are those out there that have to ruin a good thing. Of course people are going to post questionable and often illegal content due to the nature of Tor, making them feel safe from capture.
Tor User: The Darknet
Tor is referred to as a sort of parallel internet, often called the darknet or the deep Web. With the Tor Browser Bundle, one can put to work the Firefox 17 modified browser to access this underground Internet, a place where Silk Road (website that allows users to conduct transactions for drugs to come in the mail) and child pornography are alive and well.
These sites are only accessed through the Tor Browser Bundle, content contained on “.onion” sites. And that is how Tor’s security is best described: layered like an onion.
Tor User: What Happened?
In the middle of the night on Sunday, reports were coming in to the volunteers with the Tor project stating “a number of hidden service addresses have completely disappeared from the Tor Network,” according to a Tor blog post. The reason: Eric Eoin Marques, who the FBI called “the largest facilitator of child porn on the planet” and founder of Freedom Hosting, a hidden services hosting provider, was arrested, his cheap hosting company shut down.
When the FBI shut the sites hosted by Freedom Hosting, not only did they shut down the child porn sites, but they also caused half of the hidden sites out there to go dark. Now, while it’s great they killed the porn pages, was it right to shut down the other sites that might have hosted legal content?
Tor User: Not So Secure After All
Naturally, those working on the Tor project are scrambling to figure out how their security was breached. So although they are happy the child porn sites were shut down, they are concerned about the possibility of a security flaw in the Tor Browser Bundle. Mozilla is also working on it, saying it was “notified of a potential security vulnerability in Firefox 17.”
The malware used presents itself in an interesting fashion, mainly because all it does is identify a user’s IP address. This is the reason it is suspected to originate from a law enforcement source rather than a malicious one. However, it is just that: suspected. It should be noted that the most recent version of both Firefox (version 22) and the Tor Browser Bundle do not feature this vulnerability.
Tor User: Additional Concerns
Another thing to consider, as pointed out by security expert Alan Woodward, the volunteers hard at work for Tor are anonymous, and could possibly be law enforcement operating stings. However, this is tough — the routes between nodes are random and reduces the likelihood anyone could gather information in this way. That is, unless they are responsible for a large number of nodes.
So basically, there’s no way to know exactly what happened, nor is there a way to know who was responsible for the shut down. What you should know, if you are a Tor user: watch your back. Know that your content could be compromised, no matter how anonymous it is purported to be.