[tor-talk] Wired Story on Uncovering Users of Hidden Services.

blobby at openmailbox.org blobby at openmailbox.org
Sun Sep 7 19:25:00 UTC 2014


On 2014-08-14 00:18, Roger Dingledine wrote:
> On Wed, Aug 13, 2014 at 10:06:00AM +0000, blobby at openmailbox.org wrote:
>> If it's possible for the owner of a hidden service (whether the FBI
>> or a regular person) to install malware which grabs visitors' IPs,
>> then what is stopping any hidden service owner from doing this?
> 
> See
> https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html
> and
> https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable
> plus all the discussion under it.
> 
> Browser security is a big issue because there's so much surface area
> to secure.
> 
> The defense is to stay up to date on your browser. It's not perfect
> but it sure does help (and it was sufficient in this case).
> 
>> How, in this case, was it possible for the FBI to learn the IP
>> addresses of visitors to this hidden service? The Tor hidden server
>> page states that "In general, the complete connection between client
>> and hidden service consists of 6 relays: 3 of them were picked by
>> the client with the third being the rendezvous point and the other 3
>> were picked by the hidden service."
>> 
>> Can someone knowledgeable please explain how visitors to a Tor
>> hidden service can have their real IPs detected?
> 
> In addition to the above links, you might also like
> https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-august-7th-2013
> https://blog.torproject.org/blog/tor-weekly-news-%E2%80%94-august-14th-2013
> https://blog.torproject.org/blog/hidden-services-current-events-and-freedom-hosting
> 
> --Roger

Thanks for these links. Illuminating reading.

However, the story I referred to has nothing to do with Freedom Hosting.

It refers to "Operation Torpedo" (get the joke: "tor" + "pedo").

Wired did a follow-up to the original story on 26 August:
http://www.wired.com/2014/08/federal-cybersecurity-director-guilty-child-porn-charges/

Original story (5 August): 
http://www.wired.com/2014/08/operation_torpedo/

As I mentioned, the original story has a link to the affidavit which 
contains information about the FBI malware.

