Reefa Posted February 1, 2016

It's no secret that many US courts don't have great track records when it comes to understanding technology. But last week, a federal judge in Washington state issued a truly baffling opinion suggesting that you don't have a reasonable expectation of privacy when using Tor, the widely-used anonymity software literally designed to give its users privacy.

The statement comes from the case of Jay Michaud, a public school administration employee in Vancouver, WA caught by the controversial FBI hacking tool known as a Network Investigative Technique (NIT), which the Bureau deployed en-masse to determine the true IP addresses of 1,300 users accessing images of child abuse on a hidden website called Play Pen.

The FBI was able to distribute the malware after it took over and controversially continued to operate the website for 13 days from a server in Virginia. Once it had control, the Bureau injected malicious scripts onto pages hosting images of child abuse, which downloaded the NIT to the visitors’ computers and returned machine information, including their true IP addresses, to the FBI.

Michaud tried to suppress the evidence against him, arguing that because the server was located in Virginia and he was in Washington, the warrant for the NIT had violated Rule 41(b), which prevents judges from authorizing searches and seizures outside of their district. But US district judge Robert J. Bryan denied the motion, noting that while the warrant technically violated the rule, a higher court's interpretation provides an exception for when the information sought could have been discovered by “other lawful means.”

To prove this, the judge bizarrely argued that Tor doesn't give its users complete anonymity because a user has to give their IP address to their Internet Service Provider to connect to the Tor network.
Therefore, he concluded, Michaud's IP address was “public information, like an unlisted telephone number” that “eventually could have been discovered.”

This makes no sense to anyone with a basic understanding of how Tor works. Just like with any website or service, Tor users do reveal their IP address to an ISP when initially connecting to the Tor network, through an entry point called a guard node. But since Tor bounces data between random nodes located around the world, neither the ISP nor anyone intercepting traffic can correlate which IPs are accessing which sites.

Nevertheless, the judge ruled that Michaud had “no reasonable expectation of privacy” in his IP address because it was technically revealed at some point before entering the Tor network—even though there was no way for the FBI to discover that IP by looking at those connecting to the hidden site.

Chris Soghoian, a top privacy technologist at the ACLU who provided testimony in the case, was equally confused by the argument.

“As far as I can understand, [the judge] is saying that the gov violated Rule 41 by hacking Tor users outside the state of VA, but no harm no foul because it only got IP addresses, and that isn't a big deal, because the government would have found another way to learn those IP addresses. And then he doesn't explain how that would happen,” he said in an email to Motherboard.

In the past, researchers have shown it is technically possible to identify Tor users with advanced traffic correlation techniques. But doing so requires an attacker to control both the entry and exit nodes the user is connected to, which is practically impossible unless they control a large number of nodes in the network.
Even the NSA has expressed frustration with this method, saying in a leaked document titled “Tor Stinks” that it can only de-anonymize “a very small fraction of Tor users.”

That makes it very strange for the judge to suggest there were other ways the FBI could have discovered Michaud's “public” IP address. In fact, the entire reason the FBI deployed the NIT in the first place was because it couldn't find “another way” to determine the hidden site users' true IP addresses.

“While I have complete respect for the judge, it appears that he still does not understand how Tor works, even after I testified in the case,” said Soghoian.

Judge Bryan has also struggled to grasp the technical details of how the FBI's NIT works. A court transcript from the hearing authorizing the use of the hacking tool shows several exchanges where he didn't seem to understand that it was a hacking tool at all, at one point even appearing confused by the concept of remotely accessing information on a computer.

When asked for comment, the judge's office said he doesn't comment on pending cases.

http://motherboard.vice.com/en_uk/read/confused-judge-says-you-have-no-expectation-of-privacy-when-using-tor-playpen-fbi-michaud

jamesDDI Posted February 1, 2016

LOL

flash48 Posted February 1, 2016

A lesson learned, everyone should use TOR over a VPN then you should be safe.

straycat19 Posted February 2, 2016

2 hours ago, flash48 said:
A lesson learned, everyone should use TOR over a VPN then you should be safe.

If you do something illegal and come up on their radar, I don't care what you use they will track you down. I stated several months ago that VPN and TOR was not safe either, that there were ways to track through both, but believe what you want.

Reefa Posted February 2, 2016

2 minutes ago, straycat19 said:
If you do something illegal and come up on their radar, I don't care what you use they will track you down

There is a thin line here how exactly do you mean..?

steven36 Posted February 2, 2016

1 hour ago, straycat19 said:
If you do something illegal and come up on their radar, I don't care what you use they will track you down. I stated several months ago that VPN and TOR was not safe either, that there were ways to track through both, but believe what you want.

1 hour ago, F3dupsk1Nup said:
There is a thin line here how exactly do you mean..?

Not true at all. Most people do stuff illegal all the time and don't know they committed a crime, even on the internet. If it were not for snitches that work for Hollywood etc. people would not need VPNs. If many people were caught who use them they would not sell as well as they do... it's one of the few shareware softwares that earns a lot of money still, they have millions and millions of users. Most people get caught from dumb shit like leaving a trail around the internet with their real info. The guy that ran Silk Road was caught by a taxman who Googled his real info. Same with most, they are caught through PayPal or Facebook or other social networking. People get caught because of carelessness and being dumb. I been on the Internet since 2001 and I never got in trouble once and didn't start hiding my IP until 10 years later.

The way this tool works, it intercepts the person's real IP from a man in the middle attack on Tor. If the person is not using his real IP to begin with they just get the VPN's IP lol. I posted long ago on here a study where Tor could be broken like this in 2014. The FBI paid these researchers a million dollars to show them how to exploit Tor. Even this tool was built by paid researchers. If you don't believe me ask the people who run the Tor Project, they will tell you.

Reefa Posted February 2, 2016

37 minutes ago, steven36 said:
Not true at all .

What is not true i have not assumed that anything is ..?

steven36 Posted February 2, 2016

2 hours ago, F3dupsk1Nup said:
What is not true i have not assumed that anything is ..?

I'm talking about what @straycat19 posted, not what you posted. It's not that easy for you to be attacked. The reason these people were caught because they were on the Darknet doing things they should be caught for the NSA and the FBI have tools that can get your real IP just using TOR. I read just saying you use Tails is enough to get the NSA to watch you. Only I use TOR with a VPN very little when I don't trust a site on the open net, I have no reason to visit the darknet lol.

This tech the FBI has called NIT is nothing new, they had it since 2002 lol

Quote
The FBI’s use of malware is not new. The bureau calls the method an NIT, for “network investigative technique,” and the FBI has been using it since at least 2002 in cases ranging from computer hacking to bomb threats, child porn to extortion. Depending on the deployment, an NIT can be a bulky full-featured backdoor program that gives the government access to your files, location, web history and webcam for a month at a time, or a slim, fleeting wisp of code that sends the FBI your computer’s name and address, and then evaporates.

interesting read from 2014...

Visit the Wrong Website, and the FBI Could End Up in Your Computer
http://www.wired.com/2014/08/operation_torpedo/

The FBI used this very same attack in 2012 Operation Torpedo. They use Metasploit http://www.metasploit.com/

Quote
The FBI used a powerful app called Metasploit in “Operation Torpedo,” a 2012 sting against the users of three dark net child porn websites. Metasploit is one of the world’s most popular penetration testing software. A community of over 200,000 users and contributors back Metasploit, giving information security professionals and criminals alike a powerful tool to test for security holes.
The operation began after the FBI arrested Aaron McGrath, a Nebraska man responsible for hosting the three websites.

http://www.tripwire.com/state-of-security/latest-security-news/fbi-used-metasploit-hacking-tool-in-operation-torpedo/

So the people who are writing these articles have not fully investigated the methods of the FBI. Also another developer makes one called the backdoor factory that's open source that looks for holes in software.

I can tell you how it was likely done: they sent them embedded Payload into those pictures/videos, most likely the files they sent them were backdoored. After all they were accepting files from the FBI and that's how malware has been spread forever. All they had is open them up and they were no longer protected by Tor and they were infected.

http://www.bleepingcomputer.com/forums/t/574487/is-it-possible-for-a-virus-to-be-embedded-in-a-image/

Reefa Posted February 2, 2016

15 hours ago, steven36 said:
interesting read from 2014...
Visit the Wrong Website, and the FBI Could End Up in Your Computer
http://www.wired.com/2014/08/operation_torpedo/
The FBi used this very same attack in 2012 Operation Torpedo. They use Metasploit http://www.metasploit.com/

Very interesting read, cheers. And an interesting thing to point out is it's by far from just the FBI, the GCHQ has got and had their fingers in just as many pies.

http://www.gchq.gov.uk/pages/homepage.aspx
http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa
http://www.ispreview.co.uk/index.php/2013/08/bt-and-vodafone-helped-ghcq-snoop-on-transatlantic-fibre-optic-cables.html
http://www.cubeitz.com/uk-government-authorized-ghcq-to-hack-any-device/