Forum adverts like this one are shown to any user who is not logged in. Join us by filling out a tiny 3 field form and you will get your own, free, dakka user account which gives a good range of benefits to you: No adverts like this in the forums anymore. Times and dates in your local timezone. Full tracking of what you have read so you can skip to your first unread post, easily see what has changed since you last logged in, and easily see what is new at a glance. Email notifications for threads you want to watch closely. Being a part of the oldest wargaming community on the net. If you are already a member then feel free to login now.

Seems you yanks are at it again.
http://arstechnica.com/tech-policy/2013/08/researchers-say-tor-targeted-malware-phoned-home-to-nsa/

Malware planted on the servers of Freedom Hosting—the "hidden service" hosting provider on the Tor anonymized network brought down late last week—may have de-anonymized visitors to the sites running on that service. This issue could send identifying information about site visitors to an Internet Protocol address that was hard-coded into the script the malware injected into browsers. And it appears the IP address in question belongs to the National Security Agency (NSA).

Can you covert what you just said to English for the non-nerd?

 Frazzled wrote:
Can you covert what you just said to English for the non-nerd?

Your spying on people again, And got caught, again


Automatically Appended Next Post:
National security agency hack firefox
http://arstechnica.com/security/2013/08/attackers-wield-firefox-exploit-to-uncloak-anonymous-tor-users/

Risk Assessment / Security & Hacktivism
Attackers wield Firefox exploit to uncloak anonymous Tor users
Publicly available exploit threatens all Tor users unless they take action now.

by Dan Goodin - Aug 5 2013, 6:02pm GMTST


Attackers exploited a recently patched vulnerability in the Firefox browser to uncloak users of the Tor anonymity service, and the attack code is now publicly circulating online. While the exploit was most likely designed to identify people alleged to have frequented a child porn forum recently targeted by the FBI, anonymity advocates say the code could be used against almost any Tor user.

A piece of malicious JavaScript was found embedded in webpages delivered by Freedom Hosting, a provider of "hidden services" that are available only to people surfing anonymously through Tor. The attack code exploited a memory-management vulnerability, forcing Firefox to send a unique identifier to a third-party server using a public IP address that can be linked back to the person's ISP. The exploit contained several hallmarks of professional malware development, including "heap spraying" techniques to bypass Windows security protections and the loading of executable code that prompted compromised machines to send the identifying information to a server located in Virginia, according to an analysis by researcher Vlad Tsrklevich.

I've had my doubts that TOR was ever really anonymous anyway... and, frankly, serious concerns that such a network is actually in the best interests of our society.

 Ouze wrote:
I've had my doubts that TOR was ever really anonymous anyway... and, frankly, serious concerns that such a network is actually in the best interests of our society.

Yeah... TOR or other sites like that...

Anonymonity ain't their strong suits.

 Ouze wrote:
I've had my doubts that TOR was ever really anonymous anyway... and, frankly, serious concerns that such a network is actually in the best interests of our society.

Lets make it clear there is no anonymity on the internet unless you use a third party computer. ISP can always be traced, by someone its just that the tools to do so are not widely distributed and agencies able to do so might not share enough data to complete the path.
But essentially if you are on the net you can be found, however if the keyboard you type on isnt directly linked to you and its environment is not directly monitored your anonymity can be recovered, but that isn't anonymity of the internet, it's an unlabeled physical location.

This has been true for a long while, the only difference is that now after recent exposes we can reasonable claim this to be true without running into dismissive blanket claims if tinfoil hat paranoia.

 Frazzled wrote:
Can you covert what you just said to English for the non-nerd?

There's software that's been developed to give you anonymity. It's the closest thing to true anonymity you can currently get. Effectively everyone running it appears to be using the internet connections of everyone else on it currently, so you can't determine who is doing what from where. The NSA has compromised one of the providers for such software, allowing them to find out what was done through that provider.

In one way, this is a good thing, as it was a vector for child porn, and was done as part of a child porn investigation.
On the other hand, that's all you have to say to make this a good thing.

More interesting still, this is what it took to find people through Tor.

Then there is this.

While I am glad that he might go to jail, I have to wonder - what is the probable cause? Because I have to imagine any evidence that was gathered by surreptitiously by injected malware by an agency with no purview for domestic law enforcement is going to be classic fruit of the poison tree.

 Ouze wrote:
Because I have to imagine any evidence that was gathered by surreptitiously by injected malware by an agency with no purview for domestic law enforcement is going to be classic fruit of the poison tree.

Well, there's this: http://www.dakkadakka.com/dakkaforum/posts/list/544310.page

For what it's worth, I was personally assured by Kan himself that its use is legitimate.

I guess Morgan Freeman never told them "we need a reason to knock on this door".

Well I haven't a dog in this fight, don't use tor.

But why does the NSA get caught. If some little tyke can do it, and get away scott free.

I don't understand your post. Are you saying it should be OK for the NSA to break electronic surveillence statutes because other criminals also do so, or what?

 Ouze wrote:
I don't understand your post. Are you saying it should be OK for the NSA to break electronic surveillence statutes because other criminals also do so, or what?

No I am saying, are they incompetent ?

Well, it sure seems like they could have obfuscated the destination IP better

Maybe they wanted to be known.

Maybe the NSA is really a distraction for the actual government surveillance organization which remains quietly anonymous.

After all, it would be weird for the government to not be spying on people.

Tor and networks like it should not exist.

The ends justify the means here, honestly. I don't care what country leads the charge.

 Monster Rain wrote:
Tor and networks like it should not exist.

If you aren't guilty than you don't need privacy?

another place Gates made billions

selling back gates to his OS to the feds


at one time EVERY company in the world ran Microsoft, most still do

It's good for getting around that stupid site ban notice that issued to British ISPs

Just a question, for those unwilling/unable to find much... What are these "tor" networks?


I get that this piece of malware was used in a "righteous" manner (taking down kiddie porn), and I think that many people would be OK with it, if it's use was literally kept to those sorts of instances, however we all know the US government cannot keeps it's grubby mitts away from things it shouldnt be touching.

 Ensis Ferrae wrote:
Just a question, for those unwilling/unable to find much... What are these "tor" networks?


I get that this piece of malware was used in a "righteous" manner (taking down kiddie porn), and I think that many people would be OK with it, if it's use was literally kept to those sorts of instances, however we all know the US government cannot keeps it's grubby mitts away from things it shouldnt be touching.

There is pretty much no legitimate reason whatsoever that anyone would need an IP mask.

And herein is the problem no? Its essentially the "well if they have nothing to hide then they have nothing to worry about with a warrantless search."

Whats the legitimate reason for anyone to NOT have an IP mask?*


*Frazzled doesn't have one. Frazzled still working on latest in rotary phone technology.

 Kanluwen wrote:
There is pretty much no legitimate reason whatsoever that anyone would need an IP mask.

Maybe not in the US.

I can think of a number of countries where saying things that you and I take for granted can lead to prison time or execution where a reasonably secure form of anonymity would be highly desirable.

 Kanluwen wrote:

 Ensis Ferrae wrote:
Just a question, for those unwilling/unable to find much... What are these "tor" networks?


I get that this piece of malware was used in a "righteous" manner (taking down kiddie porn), and I think that many people would be OK with it, if it's use was literally kept to those sorts of instances, however we all know the US government cannot keeps it's grubby mitts away from things it shouldnt be touching.

There is pretty much no legitimate reason whatsoever that anyone would need an IP mask.

Or, more likely, that's not how the world actually works: http://mashable.com/2011/04/01/tor-free-software-award/

In Iran, political dissent before, during and after the 2009 election caused a firestorm on Twitter and Facebook; as a result, the government began censoring many apps and sites. The Tor Project allowed users to bypass the blocks and access the web apps they needed to continue to organize.

And in Egypt and other countries in North Africa and the Middle East, a couple months of steady political unrest has been punctuated by periods of site-specific blocks and even total Internet blackouts. Once again, Tor was instrumental for continuing to allow many users to access the web, where they communicated internally and externally and rallied for change.

Not all laws are good. Not all rulers are just.

 daedalus wrote:

 Kanluwen wrote:

 Ensis Ferrae wrote:
Just a question, for those unwilling/unable to find much... What are these "tor" networks?


I get that this piece of malware was used in a "righteous" manner (taking down kiddie porn), and I think that many people would be OK with it, if it's use was literally kept to those sorts of instances, however we all know the US government cannot keeps it's grubby mitts away from things it shouldnt be touching.

There is pretty much no legitimate reason whatsoever that anyone would need an IP mask.

Or, more likely, that's not how the world actually works: http://mashable.com/2011/04/01/tor-free-software-award/

In Iran, political dissent before, during and after the 2009 election caused a firestorm on Twitter and Facebook; as a result, the government began censoring many apps and sites. The Tor Project allowed users to bypass the blocks and access the web apps they needed to continue to organize.

And in Egypt and other countries in North Africa and the Middle East, a couple months of steady political unrest has been punctuated by periods of site-specific blocks and even total Internet blackouts. Once again, Tor was instrumental for continuing to allow many users to access the web, where they communicated internally and externally and rallied for change.

Not all laws are good. Not all rulers are just.

How many posters on Dakka are from Iran or Egypt?

When one of them speaks up, I'll change my statement. As it stands my statement applies to individuals posting on Dakka, not the world at large.

So, hacking is OK if it is the government doing it?

And as Americans are so fond of their guns - why do they need to have them when gun crimes aren't as bad as some 3rd world war zone? Why doesn't the government take them all off them since they obviously don't need them since they are prefectly safe and have no reason to have them.

Protections exist under law, regardless of how much that protection is required on a day to day basis. If it is legal to mask your IP/etc, you should be free to do so even if all you are doing is browsing Dakka.

The legalities of masking your IP, etc is not what is being questioned here.

It is the reasoning as to why you would need to do so in a country where you are not, in fact, being oppressed or taken away for voicing your opinions.

 Kanluwen wrote:

How many posters on Dakka are from Iran or Egypt?

When one of them speaks up, I'll change my statement. As it stands my statement applies to individuals posting on Dakka, not the world at large.

Shifting goalposts. Always, the shifting goalposts.

Here's one: http://www.dakkadakka.com/dakkaforum/user/profile/57245.page

0 posts though.

 SilverMK2 wrote:
So, hacking is OK if it is the government doing it?

Nope, not without a warrant. Unless its a feren devil site of course. Then its fine, especially if I get cash for it. Or at least a nice cake.

And as Americans are so fond of their guns - why do they need to have them when gun crimes aren't as bad as some 3rd world war zone? Why doesn't the government take them all off them since they obviously don't need them since they are prefectly safe and have no reason to have them.

WO WO WO Klingon back the freaight train up. kanluwen might agree with you on this but thats wrong too.

Protections exist under law, regardless of how much that protection is required on a day to day basis. If it is legal to mask your IP/etc, you should be free to do so even if all you are doing is browsing Dakka.

Welcome to the Libertarian Party. Your ACLU card is in the mail.
Now that I think about it, I don't know if I ever did get a membership card from the ACLU. Mmm..


Automatically Appended Next Post:

 Kanluwen wrote:
The legalities of masking your IP, etc is not what is being questioned here.

It is the reasoning as to why you would need to do so in a country where you are not, in fact, being oppressed or taken away for voicing your opinions.

Why do they need a reason?