[tor-talk] Did the CMU team out Silk Road 2 to the FBI?

Greg Norcie gnorcie at umail.iu.edu
Fri Jan 23 21:12:17 UTC 2015


Correct me if I'm wrong, but doesn't CERT contract out to federal
agencies sometimes?
--
Greg Norcie (gnorcie at indiana.edu)
PhD Student, Security Informatics
Indiana University

On 1/21/15 5:59 PM, Mirimir wrote:
> OK, so this is very interesting:
> 
> | The court documents refer to a source that provided "reliable
> | IP addresses" for Tor hidden services between January and July
> | of 2014, leading them back to both the servers and 78 different
> | people doing business on the site.
> |
> | According to a Tor blog post, someone during that period was
> | infiltrating the network by offering new relays, then altering
> | the traffic subtly so as to weaken Tor's anonymity protections.
> | By attacking the system from within, they were able to trace
> | traffic across the network, effectively following the server
> | traffic back to their home IP. In July, Tor noticed the bug and
> | published an update to fix it — but for six months, certain
> | hidden services were badly exposed, and the Silk Road 2 appears
> | to have been one of them.
> |
> || OK, almost certain: CERT Tor deanon attack was FBI source:
> || https://t.co/JKwWD2E3VK SR2 server, 78 vendor IPs, Jan-July 2014
> || — Nicholas Weaver (@ncweaver) January 21, 2015
> |
> | So who carried out the attack? Already, researchers are pointing
> | to a Black Hat presentation this summer that promised to outline
> | a similar attack, but was controversially cancelled at the last
> | minute. The researchers, working for CMU's CERT Center described
> | similar capabilities and performed their research over a nearly
> | identical span of time: January to July of 2014. If the
> | researchers were also helping the FBI investigate criminal
> | activity on Tor, it would explain why law enforcement might
> | not want their methods getting out to the community at large.
> 
> https://www.theverge.com/2015/1/21/7867471/fbi-found-silk-road-2-tor-anonymity-hack
> 

