A bunch of Tor sites spread malware. Was the FBI behind it?
Posted on 08/05/2013 11:13:27 AM PDT by markomalley
Eric Eoin Marques, the man believed to be behind Freedom Hosting, was arrested in Ireland Thursday and is currently awaiting extradition to the U.S. on child pornography charges. While Freedom Hosting was the largest hosting service for secret .onion sites and used for things like the secret e-mail service TorMail, it was also infamous for hosting sites that included depictions of the rape and torture of pre-pubescent children. Taking down the hosting service may have removed some half of the hidden sites accessible through the Tor network.
A lot of people know that you can use Tor to browse the Internet anonymously. This works by routing traffic through several randomly-selected computers in the Tor network. Web site operators can use the same technique to hide the location of their servers. This can be for illicit purposes like child pornography or dealing drugs. However, Tor's hidden service capability can also be a boon to political activists, whistleblowers, and journalists who want to publish anonymously.
(Excerpt) Read more at washingtonpost.com ...
I personally use TOR through FF 21 over Ubuntu 12.04 LTS for my day to day browsing and I haven't seen this come up (course I don't go to the types of sites being targeted either). This could just be some government agitprop, but in case it's not, be aware.
The torbrowser bundle seems to be the best, it’s a stripped down firefox package. No cookies or scripting allowed, so it’s not something you can really use all the time imo.
Anyway, they’ll infiltrate anything they can and I’m sure they are all over TOR.
Oh, after I read the article, the torbrowser package is the target. lol.. So much for even that.
Posted August 5th, 2013 by arma
This vulnerability was fixed in Firefox 17.0.7 ESR. The following versions of the Tor Browser Bundle include this fixed version:
2.3.25-10 (released June 26 2013)
2.4.15-alpha-1 (released June 26 2013)
2.4.15-beta-1 (released July 8 2013)
3.0alpha2 (released June 30 2013)
Tor Browser Bundle users should ensure they’re running a recent enough bundle version, and consider taking further security precautions.
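A version check built from the advisory's list above, added here as an example (it is not code from the Tor Project or from anyone in this thread). It assumes a bundle version sorts by numeric release, then alpha < beta < stable, then build number, and it reports any release series the advisory does not list as unknown; the sample inputs are constructed.

```python
import re

# Fixed Tor Browser Bundle releases exactly as listed in the advisory quoted above.
ADVISORY_FIXED = ["2.3.25-10", "2.4.15-alpha-1", "2.4.15-beta-1", "3.0alpha2"]

# Assumed ordering of release stages (not stated in the advisory).
STAGE = {"alpha": 0, "beta": 1, None: 2}
_PAT = re.compile(r"^(\d+(?:\.\d+)*)-?(alpha|beta)?-?(\d+)?$")


def parse(version):
    """Turn '2.4.15-alpha-1' or '3.0alpha2' into a sortable key."""
    m = _PAT.match(version.strip())
    if not m:
        raise ValueError("unrecognised bundle version: %r" % version)
    nums = tuple(int(x) for x in m.group(1).split("."))
    return nums, STAGE[m.group(2)], int(m.group(3) or 0)


def build_floor(fixed_versions):
    """Earliest fixed release per (major, minor) series."""
    floor = {}
    for v in fixed_versions:
        key = parse(v)
        series = key[0][:2]
        floor[series] = min(floor.get(series, key), key)
    return floor


FLOOR = build_floor(ADVISORY_FIXED)


def status(version):
    """Return 'fixed', 'vulnerable' or 'unknown-series' for one bundle version."""
    key = parse(version)
    floor = FLOOR.get(key[0][:2])
    if floor is None:
        return "unknown-series"  # the advisory says nothing about this series
    return "fixed" if key >= floor else "vulnerable"


if __name__ == "__main__":
    # Constructed sample inventory of installed bundle versions.
    for v in ["2.3.25-8", "2.3.25-10", "2.4.12-alpha-2", "3.0alpha1", "3.0alpha2"]:
        print(v, status(v))
```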
Wondering why Wired is on the “no posting” list?
It is getting hard to keep up.
I highly recommend that everyone block the IP range that hosts the target address of the malware:
Did you see this?
13:50 Tor Browser Bundle users who installed or manually updated after June 26 are safe from the exploit, according to the Tor Project's new security advisory on the hack.
The government is surely working on the latest version as well. They’re always going to be a few steps ahead.
Two of my guitar sites were down on Sunday too. They use the same server. But they always do maintenance ops on Sundays, so no connection to this, I’m sure.
The Feds do NOT like it when free people use their resources against them. We’re seeing it more and more as of late. With the NSA outed and more likely to come, you can bet your bottom dollar that the government is frantically trying to close any “holes” they deem as problematic. That includes TOR.
I was port scanned last night by 126.96.36.199...
OrgName: Level 3 Communications, Inc.
Address: 1025 Eldorado Blvd.
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Per Wikipedia: “In July 2013 Level 3 was accused of wiretapping large parts of data on the German Internet Exchange Point DE-CIX for the NSA”
I've always assumed it's because they're a bunch of liberals who hate our guts, and who've complained about us posting excerpts of their articles on this site.
Shame, because there are occasionally some very good articles on their site.
How does one go about doing that?
In IE you go to your Internet Settings > Security and add it to the restricted sites list.
I use Firefox. Looking through the 'tools' area, I can't find where or how to block certain sites.
Inbound/Outbound filter on your router.
Bump for later
Update: According to Baneki Privacy Labs research, the IP address 188.8.131.52 hardcoded into the exploit belongs to Virginia and is actually owned by Science Applications International Corporation (SAIC), a major intelligence, military, aerospace, engineering and systems contractor involved with the Federal Bureau of Investigation (FBI), Defense Advanced Research Projects Agency (DARPA), Central Intelligence Agency (CIA) and National Security Agency (NSA).
They believe that the hardcoded IP address is directly allocated to the NSA's Autonomous Systems (AS), so it's probably not the FBI, it's the NSA who used a Firefox Zero-Day exploit to compromise Freedom Hosting and the TOR network.
Author: Mohit Kumar
News that PC contractor employees would want to distract from. And yeah—that Oxford, the one with the University and the mosques.
The Oxford sex ring and the preachers who teach young Muslim men that white girls are cheap