Tag: tor

Cameron told to sling his hook on Tor

Months after Prime Minister David “One is an Ordinary Bloke” Cameron said he wants to ban encryption and online anonymity, a Parliamentary report has told him to shut up.

A briefing issued by the Parliamentary Office of Science and Technology says that such an act is “neither acceptable nor technically feasible”, which is about as close as you can get to telling Cameron to shut up short of a coup and a guillotine.

The briefing specifically referenced the Tor anonymity network and its ability to slide right around such censorship schemes.

While briefings from the Parliamentary Office of Science and Technology are not legally binding, this one does mean that if Cameron pushes through any censorship bill it will be without the science behind him.

The briefing does explicitly state that there is “widespread agreement” that banning Tor is neither acceptable policy nor technologically feasible.

Tor has about 100,000 users at any given moment within the United Kingdom.

“There is widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the UK,” the briefing explained. “Even if it were, there would be technical challenges.”

In 2012, UK police moaned that the Tor anonymity service was used by “many” pedophiles in order to trade child abuse images. However, it now appears that they have changed their minds.

The briefing, quoting a statement made to Britain’s Parliament by the Child Exploitation and Online Protection Command (CEOP) of the UK National Crime Agency, said that Tor “plays only a minor role in the online viewing and distribution of indecent images of children.”

Coppers have worked out that Tor is less popular among offenders because it decreases the speed at which images can be downloaded.

Tor wants government freedom

Security outfit Tor has said it wants to wean itself off US government cash.

In 2013, Tor received more than $1.8 million from the US government, about 75 percent of the $2.4 million in total annual expenses, according to their latest publicly available tax returns.

While Tor is grateful for the cash, it is worried that conspiracy theorists claim that the US spooks have the system wired up to be a honeypot.

The premise is that while Tor is meant to keep you anonymous on the Internet, it’s funded in large part by the US government, which does not want you to be anonymous. So it must be a way that the government locates those who want to be anonymous and tracks them down.

Technically this is tricky, but it is probably better for Tor if it were free of government involvement – particularly when that government has been seen as a big fan of snooping.

Developers recently discussed the push to diversify funding at Tor’s biannual meeting in Spain, including setting a goal of 50 percent non-U.S. government funding by 2016.

Tor developers at the meeting also brought up the possibility of lobbying foreign governments within, for instance, the European Union.

However, increasing non-governmental funding is a major priority. Individual donations rose significantly in the last year and Tor plans on soliciting them much more aggressively in 2015. Every new download of Tor—there were 120 million in 2014—will be asked to donate to the project, a change expected to take place in the near future.

Tor is launching a crowdfunding campaign in May of this year.

Tsar Putin set to make proxies and Tor illegal

The Russian Government is coming up with justifications for banning proxy server access and hacking Tor networks.

Leonid Levin, Chairman of the Duma Committee on Information Policy, Information Technologies and Communications, proposed to consider limiting access to anonymising networks such as Tor and VPNs. Levin said that the world was a tough place and it needed tougher policing.

Levin also opined that restricting access to proxy networks would “increase opportunities to counter the commercial distribution of malware” and also help to impede access to “forbidden” information.

Vadim Ampelonsky, the press secretary of Russia’s media watchdog Roskomnadzor, supported Levin’s stance on Tor, claiming that the technological obstacles to blocking The Onion Router’s obfuscation protocols are “difficult, but solvable.”

The Safe Internet League, which consists of Russia’s state telecom company Rostelecom and two other major mobile providers, slammed Tor. Its spokesman Denis Davydov said: “We strongly support the idea of limiting Russia’s access to anonymous networks, including Tor. The ‘Invisible’ Internet has made it possible for offenders of all kinds to hide their intentions from the state and use it to commit crimes: acquiring drugs and weapons, distributing child pornography, trafficking in human beings – including sex slaves – and leading political struggle.”

In a return to the old language of the Cold War, he added: “do not forget that Tor was developed and is used by Americans, including US intelligence agencies, to expand the hegemony of the United States around the world.”

Banning anonymising networks would increase user trust among the Russian people and lead to economic benefits, having described Tor as an ‘Anonymous network used primarily to commit crimes’.

Roskomnadzor already maintains a government blacklist of forbidden sites, updates to which are regularly circulated to network providers, who are then obliged to block the domains.

Tor wonders how US spooks shut down sites

Tor has been left scratching its encrypted head over how US and European law enforcement shut down more than 400 websites, including Silk Road 2.0, which used its technology.

Tor was set up, not to hide criminals, but to allow dissidents in autocratic countries to make contact with the real world. The fear is that if the US cops could break Tor, then lives could be at risk in countries whose governments would like to shut down dissident sites.

The websites were set up using a special feature of the Tor network, which is designed to mask people’s Internet use using special software that routes encrypted browsing traffic through a network of worldwide servers.

Tor—short for The Onion Router—also allows people to host “hidden” websites with a special “.onion” URL, which is difficult to trace. But law enforcement appears to have figured out a method to find out where sites are hosted.

Last week the Department of Justice shut down more than 410 hidden websites as part of “Operation Onymous” and arrested more than 17 people, including Blake Benthall, 26, who is accused of running the underground marketplace Silk Road 2.0.

However, Tor is broke and does not have the cash to play a cat and mouse game with the well-funded European and US cops.

Andrew Lewman, the project’s executive director, in a blog post said that it was a miracle that its hidden services have survived so far.

It is possible that a remote-code execution vulnerability has been found in Tor’s software, or that the individual sites had flaws such as SQL injection vulnerabilities.

“Tor is most interested in understanding how these services were located and if this indicates a security weakness in Tor hidden services that could be exploited by criminals or secret police repressing dissents,” he wrote.

Dark net raided by police worldwide

Police in Europe and the United States have shut down over 400 so-called dark net sites and made multiple arrests.

The police forces shut down Silk Road 2.0 and other sites using the Tor network, which some have dubbed the unternet of fangs.

The sites were alleged to have sold weapons and drugs, according to the BBC.

Out of those arrested, six were British and have been bailed.

The report said Bitcoins worth over £630 thousand were seized. Troels Oerling, who runs Europol’s cybercrime unit, said the combined forces had closed web sites using Tor – crooks had thought themselves out of reach of the law.

Tor was originally created by the US Navy and still gets funding from the US government. It uses many different levels of encryption in daisy chains across the globe, each link being separately encrypted.

Comcast declares war on Tor

The most popular telco in the US, famous for its happy customers and commitment to a positive future for an open internet, Comcast has declared war on the encrypted system Tor.

Comcast agents have contacted customers using Tor and instructed them to stop using the browser or risk being cut off.

According to Deep Dot Web, one Comcast agent named Jeremy insisted Tor was an “illegal service” and was against usage policies. The Comcast agent then repeatedly asked the customer to tell him what sites he was accessing on the Tor browser. Of course the customer told him to go forth and multiply.

What is scary is that Comcast knew that any customer was using Tor. This would mean that Comcast is spying on the online activities of its users.

There is some bad blood between Tor and Comcast. The Tor project has listed Comcast as a Bad ISP. The Tor project cited Comcast’s Acceptable Use Policy for its residential customers which claims to not allow servers or proxies.

A Comcast spokesperson insisted that the outfit did respect customer privacy and security and would only investigate the specifics of a customer’s account with a valid court order.

However, this did not happen in the case of Comcast’s treatment of Ross Ulbricht, alleged Dread Pirate Roberts.

Comcast previously collaborated with the FBI by providing information on alleged Silk Road mastermind Ross Ulbricht’s internet usage. Ulbricht was most certainly never given a warning by Comcast or given time to contact a lawyer before he was arrested in a San Francisco library last October.


Government hackers take down Tor

One of the last refuges of dissidents in oppressive regimes has been taken down by hacker agencies working for the US government.

The Tor system, which was often the only way that dissidents could communicate in repressive regimes or that whistle blowers could leak their information, warned that many of its users might have been identified by government-funded researchers.

Tor Project leader Roger Dingledine said the service had identified computers on its network that had been altering Tor traffic for five months in an attempt to unmask users connecting to what are known as “hidden services.”

Dingledine said it was “likely” the attacking computers were operated on behalf of two researchers at the Software Engineering Institute, which is housed at Carnegie-Mellon University, but funded mainly by the US Department of Defence. The computers have been removed from the network, but the damage has already been done.

The pair had been scheduled to speak on identifying Tor users at the Black Hat security conference next month. After Tor developers complained to Carnegie-Mellon, officials there said the research had not been cleared and cancelled the talk.

Dingledine said that users who operated or accessed hidden services from early February through July 4 should assume they were affected.

Those navigating to ordinary websites should be in the clear.

Hidden services include underground drug sites such as the shuttered Silk Road, as well as privacy-conscious outfits such as SecureDrop, which is designed to connect whistle blowers with media outlets.

Dingledine said the physical locations where the hidden services were housed could have been exposed, although probably not the content on them that was viewed by a visitor.

All that matters now is if the spooks will just pop around to the researchers with a warrant and ask that they hand over all the details.

The FBI had no immediate response to questions about whether it would seek the data and the Defence Department was not sure if it had the right to raw research from the Institute.

Dingledine advised users to upgrade to the latest version of its software, which addresses the vulnerability that was exploited. He warned that attempts to break Tor were likely to continue.




Hole found in Edward Snowden

Security experts have found a flaw that could expose the identities of people using a privacy-oriented operating system touted by Edward Snowden.

The news came two days after widely used anonymity service Tor acknowledged a similar problem, making this a bad week for those who do not want their information made public.

The most recent finding concerns a heavily encrypted networking program called the Invisible Internet Project, or I2P. It is used to send messages and run websites anonymously and ships along with the specialized operating system “Tails.”

Tails was what Snowden used to communicate with journalists in secret.

I2P is supposed to obscure the Internet Protocol addresses of its roughly 30,000 users, but anyone who visits a booby-trapped website could have their true address revealed, making it likely that their name could be exposed as well.

The hole was found by researchers at Exodus Intelligence, which warned that people might think the technology is safe because Snowden used it.

Tails launches from a DVD or USB stick and is designed to maintain privacy even when a computer or network has been hacked.

The I2P flaw will be fixed, in what a spokesman for the I2P project called the “near future.” In the meantime, he said, users should disable JavaScript.

Exodus is normally seen as one of the bad guys, working with one of a dozen or more companies known to sell secret security flaws to intelligence agencies and spooks. In this case, Exodus alerted I2P and Tails to the problem and said it would not divulge the details to customers until the problem has been fixed.


Tor used to distribute Ransomware

A new breed of Crypto ransomware which uses Tor to hide its antics has hit the streets.

Critroni has been flogged on underground forums for the last month or so and is now being used by the Angler exploit kit.

Security experts say that it is the first crypto ransomware seen using the Tor network for command and control.

It is bad news. The ransomware landscape has been ruled by CryptoLocker and that bit of code has proved really hard to defeat. CryptoLocker encrypts all of the files on an infected computer and then demands that the victim pay a ransom in order to get the private key to decrypt the data.

Coppers in the United States and Europe took down the GameOver Zeus malware operation, one of the key mechanisms that attackers were using to push CryptoLocker. Since then security researchers spotted advertisements for the Critroni ransomware. Critroni also is known as CTB-Locker, and was first used in Russia.

You can pick up Critroni ransomware for $3,000 and researchers say it is now being used by a range of attackers, some of whom are using the Angler exploit kit to drop a spambot on victims’ machines.

Once on a victim’s PC, Critroni encrypts a variety of files, including photos and documents, and then displays a dialogue box that informs the user of the infection and demands a payment in Bitcoins in order to decrypt the files.

Victims have 72 hours to pay up. The ransom payment is usually about $300, for victims in the US, Canada and Europe.

One of the unique features of Critroni/CTB-Locker is that its command-and-control (C2) infrastructure is hidden in the Tor network.

Fedor Sinitsyn, senior malware analyst at Kaspersky Lab, said that the executable code for establishing a Tor connection is embedded in the malware’s body.

Embedding Tor functions in the malware’s body is difficult from the programming point of view, but it helps to avoid detection.

Critroni is in English and Russian right now, so it is expected that countries which use those languages will be a target.


TOR charged with protecting criminals

It seems that the legal system in Texas believes that it can charge the TOR network for aiding criminals.

Tor has been sued in the state of Texas over a revenge porn website that used its free service.

Shelby Conklin, a criminal justice major at the University of North Texas, is suing the website called Pinkmeth, which lets users upload and publicly share sexually explicit material without consent from the people in the pictures. The service is often used by hackers and ex-partners, and it’s illegal in 11 states.

It is still legal in Texas, a State where it is illegal to own more than six dildos, or to flirt in a public place.

Conklin alleges Pinkmeth “gained unauthorized access to nude photographs” she owned and posted them to the internet. She thinks Tor was involved in an active “civil conspiracy” with Pinkmeth because the revenge porn website used the anonymous communications service to prevent others from tracking its location.

She wants a million dollars in damages for “mental anguish and loss in earning capacity” as a result of the publication and dissemination of the nude photos.

Her case said that a Texas state court has “jurisdiction over TOR because it advertises and offers the services referenced above in Texas and to Texas residents and knowingly assists websites such as Pinkmeth in committing torts against residents of Texas.”

To win her case she needs to show that Pinkmeth actually communicated with TOR.

Of course the judge might dismiss Tor as a defendant in the case as its conduct could be protected by Section 230 of the Communications Decency Act, which says “no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”