I knew I wasn’t just being paranoid:
FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors.
Freedom Hosting’s operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It’s not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control.
The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale. He was denied bail today for the second time since his arrest in July.
Freedom Hosting was a provider of turnkey “Tor hidden service” sites — special sites, with addresses ending in .onion, that hide their geographic location behind layers of routing, and can be reached only over the Tor anonymity network. Tor hidden services are used by sites that need to evade surveillance or protect users’ privacy to an extraordinary degree – including human rights groups and journalists. But they also appeal to serious criminal elements, child-pornography traders among them.
On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn’t respond to inquiries from WIRED today.
If you start shopping for a hitman to kill your spouse it’s 99% certain that the guy you end up talking to has a badge and a microphone hidden on him somewhere. If you start surfing the internet for child porn or information on how to make meth or bombs you will attract the attention of law enforcement toot sweet.
Some people think they are safe from getting caught because they use some kind of masking software or service to make their activities untraceable. That’s like thinking the cops can’t trace cell phones.
I have always assumed that Big Brother was watching the internet. It’s practically designed to allow the government to snoop on you. Even before the internet was more than a toy for computer nerds the FBI was the biggest “dealer” of child porn via mail order. But if you ordered any it would get delivered by a SWAT team and you would go off to the Graybar Hotel for an extended visit.
Now they don’t have to worry about claims of entrapment. All they have to do is have some people spend their time looking for certain things posted on the internet and when they find it set up an electronic stakeout to see who comes by to visit. When someone shows up, the cops trace them back to the computer they are using.
Didja know that if you use caller ID blocking when you call 9-1-1 your number shows up anyway?
But wait! There’s more!
In the northeast U.S., most of the tolls people encounter when driving make use of a system called E-ZPass to let them pay the tolls electronically. Drivers are given small RFID transponders that are scanned in tollbooths, at which point the toll is automatically deducted from a pre-paid account. One hacker got curious whether the RFID tags were being scanned elsewhere, so he tweaked his E-ZPass to blink a light and make a noise every time it was read. He tested the streets of New York City, and wasn’t surprised to see it light up in plenty of places where there were no tollbooths to be found.
Automatic license plate readers are the most widespread location tracking technology you’ve probably never heard of. Mounted on patrol cars or stationary objects like bridges, they snap photos of every passing car, recording their plate numbers, times, and locations. At first the captured plate data was used just to check against lists of cars law enforcement hoped to locate for various reasons (to act on arrest warrants, find stolen cars, etc.). But increasingly, all of this data is being fed into massive databases that contain the location information of many millions of innocent Americans stretching back for months or even years.
The good news is that The Fuzz are gathering so much data they can’t possibly look at all of it. But when their attention gets focused on one person then that person has no privacy left. They even have toys (thermal imaging) that see through walls. That’s why I go au naturale inside my domain.
If they wanna watch me, I’ll gross ’em out.