Tor is totally safe guys

2011-2012 Operation Torpedo: took down 3 sites run by Aaron McGrath (Pedobook, Pedoboard, and TB2). It was the first FBI operation against Tor Hidden Services.

June 2013 Operation Roundtable: The DHS shut down a hidden service dedicated to webcam captures of juvenile boys. The admin Jonathan Johnson was caught when he tried to send a piece of mail to a child through the U.S. Postal Service.


dvidshub.net/image/1189046/operation-roundtable-screengrab-3

August 2013 Freedom Hosting bust: A free no rules onion hosting service started in 2008. It hosted thousands of onions, notoriously Lolita City and 23 other CP sites. Owner Eric Eoin Marques was arrested in July 2013. The FBI embedded a 0day Firefox exploit on every site hosted by Freedom Hosting (mozilla.org/en-US/security/advisories/mfsa2013-53/)

It was never revealed how the actual Freedom Hosting server was located but it hosted thousands of onions from 1 IP, probably a lucky correlation attack.

October 2013 Silkroad Bust: Ross William Ulbricht arrested, well known case, made many OPSEC mistakes

2014 The Love Zone (TLZ) bust: Australia's Task Force Argos was able to track down TLZ hidden service admin Shannon McCoole (skee) on Google through his odd word misspellings and unusual greeting 'hiyas'. They arrested McCoole and ran the site for 6 months. Caught many users by embedding exploits in video files, including en.wikipedia.org/wiki/Richard_Huckle

2014 PedoEmpire, Hurt2TheCore bust: admin Matthew David Graham aka Lux arrested. Had ties with Peter Scully. Matthew David Graham bought and leaked the Daisy's Destruction video to boost traffic to his websites.

2014 Operation Onymous (Silkroad 2, Doxbin, etc): Carnegie Mellon University used a sybil attack*, a confirmation attack and a bug in Tor's relay_early cell to uniquely tag lookups on malicious HSDirs. The particular confirmation attack they used was an active attack where the relay on one end injects a signal into the Tor protocol headers, and then the relay on the other end reads the signal. The FBI subpoenaed their research and deanonymised many hidden services, including Silkroad 2, Doxbin, and Pinkmeth. Most of the busted sites were clone/scam sites run by 1 server.

2015 Playpen bust: Steven Chase misconfigured his hidden server and anyone was able to connect via direct IP (192.198.81.106) for 2 weeks. A foreign law enforcement agency found the IP while doing full IPv4 scans and notified the FBI. Steven Chase used his personal PayPal account to pay for the server and SSHed from his home IP over 10 times.

2016 Giftbox bust: SVG+JS exploit found on CP site giftbox, was quickly found and patched mozilla.org/en-US/security/advisories/mfsa2016-92/

Does anyone who's not a pedoshit even use tor?

Only about 4% of all Tor traffic is Hidden Services which is where the pedoshit is.

Tor actually detected this sybil attack lists.torproject.org/pipermail/tor-consensus-health/2014-January/004134.html but they "considered the set of new relays at the time, and made a decision that it wasn't that large a fraction of the network." wtf tor?

blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack/

I don't know why, but over a million people use facebook's hidden service every month.

motherboard.vice.com/read/facebook-says-1-million-people-accessed-the-site-over-tor-this-month

fortune.com/2016/04/22/facebook-tor-increase/

Pedos are unbelievably retarded

government agents shilling on FB?

Why would anyone want to associate their FB account with tor.

You left out this part:

After FBI took over the playpen server, they embedded a Tor Browser exploit and deanonymized over 5,000 users.

How do you know all this stuff anyway

Holy shit that's some dedication

The fuck's that?

The site had hundreds of members, they created fake profiles and looked for boys on omegle, skype, facebook, chatroulette, etc all day

Horny boys thinking they are talking to girls, most seemed to have come from skype

dvidshub.net/image/1189045/operation-roundtable-screengrab-2

Why hide the tags and md5 hash?

Those are law enforcement released screen caps, so it probably included the victims skype username.

And I think you can search for files by md5 hashes on p2p networks.

The moral of the story is: It's hard to properly anonymise & secure a web server. Police rarely attack the anonymity networks themselves, but look for hosting mistakes and OPSEC failures. It doesn't matter what anonymity tool you use, the server will eventually be found.

And people who run illegal sites are dumb.

This is why people shoot cops.

Fun Fact: former tor project member and developer of the now discontinued tor Vidalia program, Matt Edman, wrote the Tor Browser exploit used in the 2012 Pedobook, Pedoboard, and TB2 case.

thehackernews.com/2016/04/tor-unmask-malware.html

dailydot.com/layer8/government-contractor-tor-malware/

news.softpedia.com/news/former-tor-developer-helped-the-fbi-by-creating-malware-to-go-after-tor-users-503504.shtml

...

...

The majority of nodes with high exit probability are run by non-profits and organizations known by Tor. A global adversary like the NSA or GCHQ doesn't need to run nodes. Assuming they are a global adversary, they can simply monitor all internet activity and see the same information without personally running relays.

fuck off

...

fuck off you pathetic faggot

The Carnegie Mellon University attack was actually against the Tor network itself.

If a hidden service wasn't manually selecting semi-trustworthy entry guards, they could have been deanonymised if they were unlucky and selected a CMU-controlled entry guard + CMU HSDir.

Correlation attacks in the real world don't work well because of false positives, but because of the relay early exploit, it was 100% certain.

...

Fair enough, that attack is the only one of any note.

Go home schlomo.

...

How are firefox exploits not of note?

99% of Tor users will be using Firefox/Tor Browser. Less than 1% will have mitigations like qubes, whonix or physically isolated tor-enforced firewalls.

What is it?

I use `torify qutebrowser`.

No, my point is that Tor isn't broken. If Firefox had chrome-like sandboxing this wouldn't be an issue, I don't know why TBB wasn't chromium-based in the first place.

kek he is on the first page if you search 'hiyas' on google

Network Investigative Technique, it's malware/browser exploits, they use NIT in warrants to deceive judges into signing off without understanding what the word means.

Isn't that a bad idea? You stand out from most users. The point of using Tor Browser is so that everyone has the same fingerprint.

Blake Benthall is a fucking idiot.

He gave an IN-PERSON interview to a journalist, while his Silkroad 2 site was still operational.

Not really, people know I'm using qutebrowser but for it to matter I'd have to assume I'm the only one doing that and that I'm somehow traceable through not posting on anything

Oh my god... This has been done to my friend when he was like 12. Man, I didn't want to break him by telling him he was baited by a pedo.

I count one actual exploit against Tor's network in OP's list and the way CMU went about it was potentially illegal. That's a pretty good track record for the 10 years Tor's been running. Very few other projects can claim the same.
Also, OP is a shill.


Tor Browser wasn't Chromium based from the beginning due to the near impossibility of de-pozzing Google from it.
trac.torproject.org/projects/tor/wiki/doc/ImportantGoogleChromeBugs

Next version of Tor Browser will come with application level sandboxing. It's still early alpha right now.
lists.torproject.org/pipermail/tor-dev/2016-December/011753.html

They actually have sophisticated loops of prerecorded women.

The videos are a seamless idle loop that constantly repeats. They can give commands like a thumbs up or a wave and it reverts back to the idle loop.

I'm sure the pedoshits were arrested, your 'friend' can take solace in that

Have you been on any mobile app used primarily by teens?

There are thousands of predators on there. It would be impossible to arrest them all. It's a huge problem.

Dude, I have been to shady apps and discords that were mainly used by underaged people. Mostly gay or bi, since that's what I looked for in a chat app, I wanted to talk to other fags. There are people who can be asked for pics or anything and there are no logs of it ever happening and people don't speak about it, so it likely never gets out. Like, they were always way too open about everything, not understanding how the internet works. If a predator would use an app like that, it would be as easy as a few PMs

I would bet my last penny that the guy who did that to him is still rolling out fake accounts instead of rotting in jail.

...

...

With some basic fingerprinting they can link your torified qutebrowser to your regular qutebrowser, just from visiting pages. Same browser, same window size, same fonts installed, same plugin details, same operating system - all those things add up.

And that's assuming you use a separate browser profile for Tor. Do you? If you run just "qutebrowser" and just "torify qutebrowser" you share cookies and local storage, which makes de-anonymizing you easy for even the dumbest tracker. A solution to that is running qutebrowser with a different basedir ("qutebrowser --basedir /path/to/alternate/basedir" or "qutebrowser --temp-basedir" for a completely clean slate every time), but you shouldn't use qutebrowser for this in any case. It destroys most of what you gain from using Tor.

Using qutebrowser with Tor might be okay if you have a weak requirement for anonymity (definitely nothing illegal, for a start), use a different basedir and tweak the settings a bit. They will link your different Tor sessions together but they might not link it to your regular qutebrowser.
:set content allow-javascript false
:set content cookies-store false
:adblock-update

I only use qutebrowser for tor, no cookies, and it doesn't have plugins anyway.

Know where I can find one?

There's some information panopticlick scrapes that it calls "plugins". Didn't know what else to call it.

Why don't you use it for normal browsing? Do you just do everything over Tor, or do you use another browser for that?

...

Yes goy, keep using tor, there is nothing we can do!

If you claim they can, let's see some proof then, shill.

/thread

TOR had a browser exploit 3 years ago lol, network is fine. TOR isn't responsible for dumb pedos.

So in none of these cases Tor was actually compromised. Nice fearmongering, OP. Go back to reddit.

I browse normally through a pimped-out Icecat, obviously

That gentleman sounds like a very bitter person. What's that video?

Steven Chase is next level stupid

...

Tor Browser is based on firefox, and firefox is complex software with insane attack surface.

Pretty much any agency with a budget can buy an 0day for firefox. If your only defense is the browser then you'll be fucked if you're a significant target.

I have my Tor browser VM on an isolated PVLAN port, and a second VM with two interfaces, one to the internet, and the second as a promiscuous PVLAN port, with the second VM doing NAT. Pretty sure I'm immune to browser exploits so long as I don't do something retarded like log in to my gmail account.


lol no

Eric Eoin Marques


Does the Asperger defense work?

I wonder how many years he will get? All he did was host Tormail and Freedom Hosting. FH allowed anyone to sign up for free PHP+MYSQL hosting. The problem was he never moderated content so it was sometimes used for CP.

I ran a few legitimate sites on freedom hosting myself.

He let sites like en.wikipedia.org/wiki/Lolita_City run for over 3 years on his hosting service.

He was a stupid libertarian that had a disclaimer "I'm not responsible for any of the content hosted"

That really should be enough though. Or do you think the post office should be legally responsible for any and all illegal crap that gets sent via mail?

If he deleted sites after he was made aware of illegal content, he would be protected under safe harbor, but he continued to let them run.

I'm more surprised by the fact it's real. is it that bad?

...

Well what is it fag

...

Prosecutors told the court that Scully allegedly directed a video called ‘Daisy’s Destruction’ where a baby girl was tortured by a masked and naked woman.

It allegedly showed the baby girl being tied upside down by her feet, sexually assaulted and beaten.

In the series of videos, she is whipped and assaulted with sex toys by Peter Scully’s girlfriend – who he met when she herself was a child prostitute.

According to the Sydney Morning Herald, the footage was so horrific police called it ‘the worst we have encountered in our years campaigning against child pornography.’

Reports that the video features ‘Daisy’ being killed are inaccurate – while human remains were discovered at one of Peter Scully’s homes, the girl from the film was rescued alive.

The videos were streamed via a paedophile website which hosted torture videos, called Hurt 2 The Core – which boasted 15,000 video downloads daily.

The worst paedophiles – those who uploaded their own material – gained access to a Producer’s Lounge, with the most offensive material.

Among those was Peter Scully.

ewwwwww didn't need to know that

...

Anyone know what happened to Hoarder's Hell and OPVA2?

to disassociate their physical location?

There, summed up the thread for you.
Jacob Appelbaum dindu nuffin, he a good boy. Maybe if Tor went back to fixing their shit instead of cultivating the next generation of celebrity tech activists, they'd actually get shit done. Thanks, women in tech!

You forgot
Agree they got more stuff done more quickly before the SJW invasion but they are still making progress. The application sandboxing in the next version for example will help mitigate many of the browser attacks.

OPVA2 shut down a month or 2 after the Freedom Hosting bust, the admin felt it wasn't worth the risk.

The admin of Hoarder's Hell was friends with co-admin Skee (Shannon McCoole), Task Force Argos shut it down.

Probably because removing the botnet from chromium is a nigh-impossible task, and it's the sort of thing that sort of has to be done if you're trying to create an anonymous browser.

I don't think anyone thinks TOR is perfect but the D&C levels are ridiculous. It's almost trivial to point out flaws in a system and convince people that it's not worth using at all. That's fine if there's a superior solution but there isn't one.

As pointed out, very few attacks are directed at the service itself because it's insanely difficult. It's easier to use the methods that people ignore whenever TOR comes up: Attack the browser, attack your target's shitty opsec/comsec/etc., attack the open development methods by inserting in sneaky backdoors and hoping nobody notices (Vidalia), attack the development team by siccing SJWs on them (Appelbaum), and spread D&C in communities with low technical knowledge but a great desire for opsec (Holla Forums).

has it right for the most part. The door analogy is good; the metaphor only fails when discussing the CMU sybil attack. Even then, the argument still stands - "one locksmith managed to pick a lock once so locks are worthless." The metaphor only fails because software can be updated but locks can't. (At least I think the TOR team had a solution for this.)

The CMU sybil/tagging exploit attack was so successful because Tor's hidden service design is shitty. Every onion address advertises to 5 new HSDir relays a day. HSDir relays are the cheapest servers to run and get a stable flag.

Tor is pretty good as a clearnet IP obfuscator, but I'd stick with eepsites for 'darknet' sites. I wouldn't use Tor hidden services until their revamped hidden services come out.

blog.torproject.org/blog/hidden-services-need-some-love

Vidalia was never backdoored/attacked, the FBI just used a former Vidalia developer as a contractor to write the Firefox/Tor Browser exploit. This was in 2012, the 3 sites run by Aaron McGrath (Pedobook, Pedoboard, and TB2).

He basically just used metasploit's "Decloaking Engine" module.

lol, the acting director of cyber security at the state department has shitty OPSEC

RIP ptasseater

gnunet.org/concepts
gnunet.org/compare

...

...

This is the best part, they had to pry him from his laptop.

Looked like a MTG/Yu-gi-oh card folder in the thumbnail.

What did this guy do at his job?

Because Facebook isn't allowed in a long list of countries.

Doesn't I2P work better than Tor in terms of hidden services?

i2p eepsites are better than hidden services.

Hidden Services are a tacked on feature. Tor Project has been saying a HS revamp is coming soon.

...

What about this guide:
grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks

the absolute madman

Didn't TOR get a lot of members with jewish surnames and a rabbi last year?

if tor isn't safe, what are we supposed to use?

Tor. Don't care for the retarded scare tactics spouted by retards who don't know what they're talking about. Tor has rules and guidelines which you should follow, such as not enabling Javascript, and all these arrests and captures have nothing to do with Tor itself, but with retards not caring to follow instructions.

Imagine someone claiming that seatbelts in cars never save lives. The retard would bring up many cases where people died in a car with seatbelts, but fails to mention that the people didn't use them at the time of the accident. The idiot would claim the seatbelts didn't do their job because they existed in the car while the person who didn't use them died.

Or imagine someone claiming that locks on doors don't help to keep intruders out by stating that many people with locks on their doors have had their homes broken into. Once again the idiot would leave out the fact that the homes with locks which were broken into didn't actually ever follow instructions and turn the lock, which would then actually lock the door.

People are unbelievably retarded, pedo or otherwise, but most people are not being hunted down for what they get off to.

It's better than nothing and will work in most cases, but it's a trivial thing for the US gov to control more than half of exit points, allowing them to trace at least some traffic. I wouldn't trust TOR for anything high-profile.

/this

People are overwhelmingly mentally retarded. Sad!


It's good for nothing actually, I wouldn't trust something shilled by CNN ten years ago. Anderson Cooper interned at the CIA. What else do you need to know?

That's not the right word. If 3000 nodes suddenly appeared all named totally-not-cia, it would be pretty suspicious. There's a relatively good discussion in this thread.
lists.torproject.org/pipermail/tor-relays/2017-January/011565.html
Tor is a good defense for most threat models. If you have extraordinary requirements you may want to layer it or get off the interwebs entirely. If you're at that point you should also start sweeping for hidden cameras/bugs.
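
An added example, not part of the thread and not Tor Project code: one way a relay-list monitor could surface the kind of batch discussed in the posts above, where many relays join at once from one network. The record fields, thresholds and sample data are constructed assumptions; each batch's share of all relays and its share of HSDir-flagged relays are reported separately.

```python
from collections import defaultdict
from datetime import date, timedelta

def subnet16(ip):
    """Return the /16 prefix of a dotted-quad IPv4 address, e.g. '10.250'."""
    a, b, _, _ = ip.split(".")
    return f"{a}.{b}"

def find_join_bursts(relays, today, window_days=7, min_size=20):
    """Group relays first seen in the last `window_days` by (/16, join date)
    and report groups of at least `min_size` as candidate Sybil batches."""
    cutoff = today - timedelta(days=window_days)
    groups = defaultdict(list)
    for r in relays:
        if r["first_seen"] >= cutoff:
            groups[(subnet16(r["ip"]), r["first_seen"])].append(r)

    total = len(relays)
    hsdirs = sum(1 for r in relays if "HSDir" in r["flags"])
    bursts = []
    for (net, day), members in groups.items():
        if len(members) < min_size:
            continue  # a lone new relay in its own /16 is normal churn
        batch_hsdirs = sum(1 for r in members if "HSDir" in r["flags"])
        bursts.append({
            "subnet": net, "joined": day, "count": len(members),
            "share_of_relays": len(members) / total,
            "share_of_hsdirs": batch_hsdirs / hsdirs if hsdirs else 0.0,
        })
    return sorted(bursts, key=lambda b: b["count"], reverse=True)

def constructed_sample(today):
    """Constructed data, not a real consensus: 890 established relays and
    10 unrelated newcomers spread over many /16s (100 carry HSDir), plus
    100 relays that joined on one day from a single /16, all HSDir."""
    relays = []
    for i in range(900):
        age = 1 if i >= 890 else 30 + i % 300
        relays.append({
            "nick": f"relay{i}",
            "ip": f"10.{i % 200}.{i // 200}.1",
            "first_seen": today - timedelta(days=age),
            "flags": {"Running", "HSDir"} if i < 100 else {"Running"},
        })
    for i in range(100):
        relays.append({
            "nick": f"batch{i}",
            "ip": f"10.250.{i // 50}.{i % 50 + 1}",
            "first_seen": today - timedelta(days=5),
            "flags": {"Running", "HSDir"},
        })
    return relays

if __name__ == "__main__":
    today = date(2020, 1, 15)  # arbitrary constructed date
    for burst in find_join_bursts(constructed_sample(today), today):
        print(burst)
```

On this sample the batch is 10% of all relays but half of the HSDir-flagged ones, so the same set of relays looks very different depending on which population it is measured against.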

Thanks OP

Thanks OP