1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tor Users Busted

Discussion in 'BlackHat Lounge' started by ibmethatswhoib, Aug 6, 2013.

  1. ibmethatswhoib

    ibmethatswhoib Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 17, 2011
    Messages:
    1,560
    Likes Received:
    1,164
    Occupation:
    Staying Informed
    Location:
    Bay Area, Ca
    Home Page:
    I never really used Tor but it's supposed to be anonymous but this guy got busted in a child porn ring. Glad he got busted but sounds like he was using Tor as well as a Freedom Hosting and all the sites that use it went down. Freedom Hosting with which Marques is connected operated via Tor. Another part of the article says:

    There's even more to the story. Before Freedom Hosting went down, it began serving a highly targeted form of malware to all the visitors of the invisible websites it hosted. Not the kind of malware that serves up ads or slows down your computer, but a very specific exploit that caused affected browsers to reaveal their own location on the Internet (normally obscured by the Tor network) to a certain IP address.

    And who does this IP address appear to belong to? A U.S. defense department security contractor called SAIC, found investigators at Baneki Privacy Labs.

    Full Story - http://www.nbcnews.com/technology/how-anonymous-tor-users-compromised-child-porn-takedown-6C10848680
     
    • Thanks Thanks x 1
  2. leetchart

    leetchart Regular Member

    Joined:
    Aug 15, 2012
    Messages:
    453
    Likes Received:
    108
    It's hard to be anonymous in the virtual world of internet but TOR it's not too bad about saving privacy.
    If anyone think about being fully anonymous need to take care more about future than just money...
     
  3. HaiiroNeko

    HaiiroNeko Power Member

    Joined:
    Jun 12, 2013
    Messages:
    528
    Likes Received:
    413
    Location:
    Tashirojima
  4. Majinn

    Majinn Junior Member

    Joined:
    Jun 22, 2010
    Messages:
    119
    Likes Received:
    41
    Occupation:
    Self-employed
    Location:
    ✫✫✫✫✫
    Well, It appears he didn't follow the complete anonymous guide with essential elements in order to run Tor browser with all the 'must have' addons. Currently, Tor network with it's browser is not completely anonymous, that's why there are some steps to be taken before you use Tor browser.
     
    • Thanks Thanks x 1
  5. HaiiroNeko

    HaiiroNeko Power Member

    Joined:
    Jun 12, 2013
    Messages:
    528
    Likes Received:
    413
    Location:
    Tashirojima
    I always said that it is ridiculous from the TOR Project to enable JavaScript by default in their bundle, because it is a huge hole in the concept of anonymity. This wouldn't have happened without this major screw-up.
     
    • Thanks Thanks x 2
  6. Black.Star

    Black.Star Junior Member

    Joined:
    Oct 4, 2011
    Messages:
    185
    Likes Received:
    1,028
    Occupation:
    IT security specialist
    Location:
    Europe
    Okay to clear some things up:

    TOR was not compromised. The owner of the hostingservice freedomhosting got busted (probably in some unrelated computer crime case).
    The Feds took control off his hosting servers and set up a javascriptexploit. Here is the funny thing. Javascript is disabled by default in the TOR browser (citation needed. Could be that it´s only in the linux bundle. no reason to use TOR on a windows machine anyways) and the TOR bundle even comes with the addon "noscript" to block any kind of scripts on websites. The only ones who were "busted" in any way were the people who were stupid enough to run TOR on a Windows machine with noscript disabled and javascript enabled.
     
    • Thanks Thanks x 1
    Last edited: Aug 7, 2013
  7. Black.Star

    Black.Star Junior Member

    Joined:
    Oct 4, 2011
    Messages:
    185
    Likes Received:
    1,028
    Occupation:
    IT security specialist
    Location:
    Europe
    As far as I know this goes only for the windows bundle?
     
  8. HaiiroNeko

    HaiiroNeko Power Member

    Joined:
    Jun 12, 2013
    Messages:
    528
    Likes Received:
    413
    Location:
    Tashirojima
    You could be right (and probably are), I am only familiar with the windows bundle.
     
  9. HaiiroNeko

    HaiiroNeko Power Member

    Joined:
    Jun 12, 2013
    Messages:
    528
    Likes Received:
    413
    Location:
    Tashirojima
    And you are right Black.Star, the amount of people who got "busted" trough the JavaScript Exploit is probably very small, but the compromised Freedom Hosting also hosted hidden services like TOR-Mail...
     
  10. HaiiroNeko

    HaiiroNeko Power Member

    Joined:
    Jun 12, 2013
    Messages:
    528
    Likes Received:
    413
    Location:
    Tashirojima
    This huge blow to TOR is also a disaster for Bitcoins, which got a lot of its value from the illegal trades going on in the Onion Network. I see a lot of people panicking right now in the Bitcoin forums.
     
  11. Roparadise

    Roparadise BANNED BANNED

    Joined:
    May 25, 2011
    Messages:
    783
    Likes Received:
    1,417
    Its not a blow for tor, just the crappy onion websites. Tor is still a good part of being anonymous,but its just a part, and the more attention grabbing things you do online, the more parts of a system you need to remain anonymous.
     
  12. Qokaine

    Qokaine Regular Member

    Joined:
    Mar 8, 2009
    Messages:
    367
    Likes Received:
    122
    This is no blow to tor or bitcoins, 1 of the sites i know they busted is tormail.
     
    Last edited: Aug 7, 2013
  13. HaiiroNeko

    HaiiroNeko Power Member

    Joined:
    Jun 12, 2013
    Messages:
    528
    Likes Received:
    413
    Location:
    Tashirojima
    Maybe blow was the wrong word for it, but it showed how vulnerable TOR really is and how the TOR Project jeopardized the anonymity of their users by enabling JavaScript by default in their browser bundle.

    Regarding the Value of Bitcoins, it is certainly a disaster for them, since hidden services like Silkroad & co. are responsible for a huge part of the demand and turnover of Bitcoins.

    Edit: I shouldn't have posted Silkroad & co. , since Silkroad is not hosted by Freedom Hosting, but a lot of other hidden services were. A lot of money laundering services, document providers, drug&weapon markets and stealth account sellers are gone now who all operated on Bitcoins.
     
    Last edited: Aug 7, 2013
  14. hahablid

    hahablid Newbie

    Joined:
    Jan 21, 2011
    Messages:
    13
    Likes Received:
    0
    you will never be anonymous in the virtual world , there is always someone who keeps an eye on you :D, and it's a good news this man got busted
     
  15. WorkHardL0veLife

    WorkHardL0veLife Regular Member

    Joined:
    Mar 14, 2011
    Messages:
    232
    Likes Received:
    436
    Those SilkRoad users better watch out lol
     
  16. Roparadise

    Roparadise BANNED BANNED

    Joined:
    May 25, 2011
    Messages:
    783
    Likes Received:
    1,417
    Firearms on the silkroad are way to expensive, its like $700 for a 9mm handgun there, I could go to academy sports store and get one for $300.
     
  17. Nigel Farage

    Nigel Farage BANNED BANNED

    Joined:
    Feb 8, 2012
    Messages:
    565
    Likes Received:
    1,495
    But would it be anonymous, untraceable, etc...?
     
  18. Roparadise

    Roparadise BANNED BANNED

    Joined:
    May 25, 2011
    Messages:
    783
    Likes Received:
    1,417
    Why would I need an untraceable firearm? Im not going to become a gangbanger or hitman

    And even if I want an untraceable firearm I could still get it for $300 at a gun show without showing ID.
     
    Last edited: Aug 7, 2013
  19. edgarcuevos

    edgarcuevos Junior Member

    Joined:
    May 8, 2013
    Messages:
    112
    Likes Received:
    81
    Location:
    Texas
    I once tried to use tor for making fb accounts. But everytime the fb account said phone verification needed. Does tor switch proxies every couple of seconds? I am a bit of noob when it comes to tor and proxies. Gonna google about its use in detail today.
     
  20. PoeMansDreams

    PoeMansDreams Registered Member

    Joined:
    Oct 6, 2012
    Messages:
    89
    Likes Received:
    82
    Occupation:
    Student
    Location:
    Hawaii, Honolulu
    Home Page:
    That's kind of useless, because many people use the same IP aswell.