Over the weekend, security researchers noticed some strange activity happening on the Tor network, an anonymous "darknet" used for everything from private browsing to selling drugs. Some hacker appeared to be using custom-made malware to identify its users. But according to Wired's sources, this was no hacker. It was the FBI.
This is particularly concerning for privacy advocates, because the whole purpose of Tor is to hide the identities of users. Tor conceals users' geographic information by routing connections through servers around the world and although it's sometimes used for illicit purposes, it's also used by folks like political dissidents who need to protect their identities for their own safety.
Whoever did the hacking exploited a security flaw in Firefox and identified users on websites hosted by Freedom Hosting. The telltale signs of an FBI operation are embedded in the details of the hack itself. First of all the malware's origins were traced back to Reston, Virginia, just a few miles from FBI headquarters, and rather than breaking into these websites and building a backdoor so that it could steal usernames and passwords like hackers are wont to do in these kinds of situations, the malware spotted over the weekend simply identified the users on the site in what can be best described as evidence-gathering.
Furthermore, this particular line of investigation makes particular sense after last Thursday's arrest of child porn kingpin Eric Eoin Marques in Ireland. Freedom Hosting is somewhat infamous for being a favourite destination for child porn loving sickos, infamous enough that Anonymous actually targeted the hosting service in 2011 for allegedly hosting illicit material. So if the FBI was participating an investigation related to Marques and his potential contacts in the United States, Freedom Hosting is an obvious place to look.
So you're probably feeling a little torn. On one hand, it's not very cool for government agencies to break into anonymous networks and start cherry-picking users. Sort of takes all the fun out of the anonymous part of anonymity. On the other hand however, child porn is awful. If indeed it is the FBI breaking into Tor, and the agency's trying to bring down more child porn kingpins, then who are we to judge?
Well nobody's doing any judging here. What we are doing is observing yet another chapter in a growing volume of government creeping in on the privacy of unsuspecting people. It seems like every day we learn about some new NSA spying program that gives the US federal government access to private communications or online activity. Now we're learning that it's not just the NSA either but many government agencies that want to keep track of what you're doing when nobody's looking. So now the FBI is potentially hacking into our Anonymous network and stomping the anonymity right out of it? What's next, some crazy tool that can tell the Feds exactly what we're saying and doing at all times online? Oh wait, that already exists. [Wired]
Image via Flickr / Joss U