IF this was what is exploited, then it would seem that the latest non-obfsproxy Tor Broswer Bundle [2] will be ok. It seems that Tor released a new TBB the day after upstream Firefox vulnerability was patched.
Might be worth keeping in mind that the State Department has a significant interest in TOR's continued existence, contributing roughly 60% of the TOR Foundation's annual income. Unsurprising, because TOR is a powerful tool for activists, journalists, and intelligence sources in the Middle East.
Doesn't mean the US doesn't want to weaken TOR, but it might not be that simple.
The ideal outcome for the USG is that TOR provides anonymity to its users from everyone on the planet except the USG. Then people who do things they like can be protected while people who do things they don't like can be punished.
Right, then if the non-US find out, they change their practices, and the surveillance may become useless. I think this is what the GP meant by saying it is complex.
> FBI special agent describing Marques as “the largest facilitator of child porn on the planet.”
Is it just me or is "facilitator" a PR weasel word?
They would have said "distributor" or "seller" if they could.
Does "facilitator" mean in the same sense that BitTorrent "facilitates" illegal MP3 downloads? Or in the sense that Verizon and Comcast do? Or in the sense that HTTP does?
i.e. Is this RIAA/MPAA style spin, or is their more substance to it?
(Not rhetorical questions. Although cynical and suspicious, I genuinely don't know.)
It's quite obvious that the child porn aspect of the case is just an excuse to take down/tap what was probably a communication hub for all sorts of fun stuff the NSA would like to hear about.
It's not illegal when you're above the law. Law enforcement in the US (well, the entire executive branch of the federal government) seems to think the law doesn't apply to them. "When the President does it, that means it is not illegal..." In the present climate, it's "When the President does it, or authorizes someone to do it..."
This atmosphere of apathy is a major cause of said present climate. LE isn't meeting much material resistance, even now. There's lots of media coverage, but nobody does anything. Insisting that nothing can be done is worse than saying nothing, because it inspires the attitude of inaction that has brought us to this state.
I think mtgx has got the right idea. Challenging the government in the courts, even if ultimately unsuccessful, sends a much more powerful message than the censures that have, time and time again, caused no change. Surely there are some lawyers browsing this site who can evaluate mtgx's idea.
To be honest, I've found that the ones most apathetic are the ones complaining about apathy. If you don't like it, DO SOMETHING.
Campaign for increased privacy. Give solid, concrete examples of how the USG needs definite barriers after tearing the ones constructed during the inception of the Constitution. Spread the word, organize rallies, and do whatever you can.
Don't stick your nose in the sand and complain about apathy.
It depends on whether a search warrant was obtained. Given the article notes how similar it is to what data you can get from a search warrant, it may be the case that a court gave them a thumbs up.
We really need to come to the internalized understanding that our government is increasingly becoming a threat to its people and a danger from within; a saboteur, a spy, a traitor to it's own people.
As Peter Swire has pointed out in a PBS Frontline interview: "General warrants was part of the reason for the American Revolution. It was that the king's agent could go in and search a house everywhere, search a whole neighborhood with one warrant. And the Boston people said: 'We don't like that. [...] We'll fight you.' We said no." (redaction to avoid erroneous similarity)
That summary is not quite in line with what the warrants were used for and ignores the context... Britain was at war with the West Indies and created new import taxes to help finance it as well as economically damage their enemy, but traders at ports such as Boston continuously traded illegally (smuggled) with the enemy, thus avoiding the needed foreign-import taxes and sustaining the enemy's well-being. Writs of assistance were authorized by the Massachusetts governor to allow customs officers to generally search ships or buildings that they suspected contained smuggled goods (and demand the assistance of local authorities), and this was pretty effective at stopping the smugglers. Naturally, the Boston merchants didn't like being deprived of their tax-free profits on the black market, so they sued: http://revolutionaryboston.wikia.com/wiki/Petition_of_Lechme... And lost, as generalized warrants, though falling out of favor, were not without precedent. (There's actually a whole book on this: http://books.google.com/books?id=pBBBwSTwdrEC&printsec=front...)
Is this really that bad? They used a clever exploit to reveal the identity of people attempting to be anonymous on a server that hosted a boatload of illegal content.
They used a clever exploit to blatantly infect and gain unauthorized access to a blanket set of machines...which may or may not have been doing something illegal.
The FBI hacked PC's technically, and with no inkling of due process...they should be held liable for it.
What does the code actually deliver in the HTTP request, and what path does the request travel?
Is the exploit that the request is made outside of the TOR proxy (thus revealing the true origin IP) or that it gathers information about the host and sends that via TOR to some machine?
Should read "suspected" -- suspects seems to mean they are being investigated for criminal activity. I'd be interested to hear what an editor as to say.
IF this was what is exploited, then it would seem that the latest non-obfsproxy Tor Broswer Bundle [2] will be ok. It seems that Tor released a new TBB the day after upstream Firefox vulnerability was patched.
Double check though.
Here's what seems to be the original security advisory [3] http://www.mozilla.org/security/announce/2013/mfsa2013-53.ht...
Also, Tor have responded here: [4] https://blog.torproject.org/blog/hidden-services-current-eve...