To keep Tor hack source code secret, DOJ dismisses child porn case
[QUOTE][B]Rather than share the now-classified technological means that investigators used to locate a child porn suspect, federal prosecutors in Washington state have dropped all charges against a man accused of accessing Playpen, a notorious and now-shuttered website.[/B]
The case, United States v. Jay Michaud, is one of nearly 200 cases nationwide that have raised new questions about the appropriate limitations on the government’s ability to hack criminal suspects. Michaud marks just the second time that prosecutors have asked that case be dismissed.[/QUOTE]
[URL]https://arstechnica.com/tech-policy/2017/03/doj-drops-case-against-child-porn-suspect-rather-than-disclose-fbi-hack/[/URL]
And the more savvy pedophiles, if they haven't already, will start using VMs and VPNs and then there will be almost no conceivable way to find them.
[QUOTE=Adelle Zhu;51919777]And the more savvy pedophiles, if they haven't already, will start using VMs and VPNs and then there will be almost no conceivable way to find them.[/QUOTE]
... TOR is about as anonymous as you can get, this is them refusing to prosecute because they don't want to have to explain the software exploits they're using to find people using anonymization services.
They CAN find them, they just don't want to prosecute them if it means exposing their software capabilities, which they would have to do in order to prove the case.
Though honestly it seems totally fucked to me that they're letting people get away with this shit because of that.
[QUOTE=soulharvester;51919800]... TOR is about as anonymous as you can get, this is them refusing to prosecute because they don't want to have to explain the software exploits they're using to find people using anonymization services.
They CAN find them, they just don't want to prosecute them if it means exposing their software capabilities, which they would have to do in order to prove the case.
Though honestly it seems totally fucked to me that they're letting people get away with this shit because of that.[/QUOTE]
This sounds to me like the police fucked up. They didn't, or couldn't, gather any other evidence but the TOR tracking to convict the offender, which makes me wonder why they jumped the gun and pressed charges immediately instead of tracking them until they, say, downloaded that porn to their hard drives.
[QUOTE=archangel125;51919809]This sounds to me like the police fucked up. They didn't, or couldn't, gather any other evidence but the TOR tracking to convict the offender, which makes me wonder why they jumped the gun and pressed charges immediately instead of tracking them until they, say, downloaded that porn to their hard drives.[/QUOTE]
[quote=]However, in order to find those people, federal authorities seized and operated the site for 13 days before closing it down. During that period, the FBI deployed a Tor exploit that allowed them to find out those users’ real IP addresses. The use of Tor, which obscures and anonymizes IP addresses and browser user agents, makes it significantly more difficult for individuals to be tracked online. With the exploit, it became extremely easy for suspects to be identified and located.
The DOJ has called this exploit a "network investigative technique," (NIT) while many security experts have dubbed it as "malware."
Defense attorneys have attempted to gain access to some, if not all, of the NIT’s source code as part of the criminal discovery process. In a related case prosecuted in New York, an FBI search warrant affidavit described both the types of child pornography available to Playpen’s 150,000 members and the NIT’s capabilities.[/quote]
Sounds like they infected their computers, which means they could've probably remotely taken control of microphone or webcams that were either built in or connected to them, given the kind of shit we're known for doing with software, it doesn't even seem far fetched since capturing a picture of the culprit using the computer at the time of the crime would be about the most damning evidence you could collect.
However, I highly doubt the legality of such methods, which is why they wouldn't want to bring it in court. Honestly it seems mostly like one of the judges totally fucked up by demanding source code for the software they used, which they obviously don't want being public, both because they don't seem to want to be transparent with what exactly they're doing, and because it would allow users to patch the security flaws that they're using.
[QUOTE=soulharvester;51919862]Sounds like they infected their computers, which means they could've probably remotely taken control of microphone or webcams that were either built in or connected to them, given the kind of shit we're known for doing with software, it doesn't even seem far fetched since capturing a picture of the culprit using the computer at the time of the crime would be about the most damning evidence you could collect.
However, I highly doubt the legality of such methods, which is why they wouldn't want to bring it in court. Honestly it seems mostly like one of the judges totally fucked up by demanding source code for the software they used, which they obviously don't want being public, both because they don't seem to want to be transparent with what exactly they're doing, and because it would allow users to patch the security flaws that they're using.[/QUOTE]
One of the known tor exploits is running a load of nodes and DoSing the other nodes. So someone comes in using your node, exits using your node and you can do correlation 'attacks'. I think that just says what IP address is visiting what website though. If you saw them getting lots of big responses then you can assume it's images or videos - probably enough to get them
[QUOTE=mdeceiver79;51920193]One of the known tor exploits is running a load of nodes and DoSing the other nodes. So someone comes in using your node, exits using your node and you can do correlation 'attacks'. I think that just says what IP address is visiting what website though. If you saw them getting lots of big responses then you can assume it's images or videos - probably enough to get them[/QUOTE]
Yeah but I very much doubt they would drop charges over that specific methodology, because it simply relies on rerouting traffic, basically just a man-in-the-middle attack, nothing that special about it, and as you said, is well known. IP addresses also don't really serve as definitive evidence by themselves, I don't think.
It seems like they're specifically using something else that's either too much of a security risk to release, or too controversial for them to even discuss what it is they're doing in the background in gathering evidence for cases like these because it would cause a political shit-storm.
But hell I just speculate, so idk.
Why the fuck would you even use this method to catch criminals if you're unwilling to even do anything with it?
[QUOTE=geel9;51922084]Why the fuck would you even use this method to catch criminals if you're unwilling to even do anything with it?[/QUOTE]
They're probably hoping to catch a higher profile offender.
[QUOTE=Big Dumb American;51922107]They're probably hoping to catch a higher profile offender.[/QUOTE]
But why press charges in the first place? I'm uncomfortable with our government essentially raiding a man's home, searching through all his belongings (and likely destroying his house in the process) and then going "haha just kidding" and leaving it. Now this man is left with a destroyed home, and the public assumes him to be a child molester with absolutely no proof given whatsoever. His life is ruined.
They should be forced to reveal this information [b]before[/b] they're allowed to destroy someone's life.
[QUOTE=geel9;51922132]But why press charges in the first place? I'm uncomfortable with our government essentially raiding a man's home, searching through all his belongings (and likely destroying his house in the process) and then going "haha just kidding" and leaving it. Now this man is left with a destroyed home, and the public assumes him to be a child molester with absolutely no proof given whatsoever. His life is ruined.
They should be forced to reveal this information [b]before[/b] they're allowed to destroy someone's life.[/QUOTE]
Do you know how the legal system works? They don't have to disclose a damn thing before charging someone. They don't want to disclose their effective hack on these losers and want the bigger fish.
Tough shit for the pedo. Maybe next time don't go dicking around with minors. Nothing illegal happened.
[QUOTE=Code3Response;51922229]Do you know how the legal system works? They don't have to disclose a damn thing before charging someone. They don't want to disclose their effective hack on these losers and want the bigger fish.
Tough shit for the pedo. Maybe next time don't go dicking around with minors. Nothing illegal happened.[/QUOTE]
You're comfortable with the government being able to destroy someone's life with absolutely no evidence or due process?
The very fact that you call him a "pedo" is the fucking problem. There has been absolutely no evidence given by the government that he committed the crime they accused him of, and yet, they've absolutely ruined his life. Great job.
[QUOTE=geel9;51922244]You're comfortable with the government being able to destroy someone's life with absolutely no evidence or due process? [/quote]
You mean [URL="https://www.documentcloud.org/documents/2166606-ferrell-warrant-1.html"]the warrant[/URL] doesn't count as due process? Please.
[quote]The very fact that you call him a "pedo" is the fucking problem. There has been absolutely no evidence given by the government that he committed the crime they accused him of, and yet, they've absolutely ruined his life. Great job.[/QUOTE]
No, they obviously did have stuff that shows he committed a crime since [U]they charged them with it[/U] and only backed down when weighing if they should disclose their NIT
It only makes me comfortable knowing that the authorities cannot simply arrest you in secrecy.
Whether or not they should then go for it is debatable.
[QUOTE=Code3Response;51922229]Do you know how the legal system works? They don't have to disclose a damn thing before charging someone. They don't want to disclose their effective hack on these losers and want the bigger fish.
Tough shit for the pedo. Maybe next time don't go dicking around with minors. Nothing illegal happened.[/QUOTE]
Well I understand where you are coming from, people who run nodes and use it for other uses have been caught in the crossfire. Before destroying someone's life they should at least be able to prove this person is doing it.
DOJ is shooting itself in the foot by not publishing exploits that exist in Tor. The reason Tor was made public and open source is that the anonymous network has as many users as possible to make it difficult to differentiate its users from people who wear tinfoil hats and people who are undercover US spies. Leaving exploits undisclosed they are going to be used by others that they might not want them to use, such as Russia for example.
Tor was created with the full understanding that it is going to be used for criminal activities.
[QUOTE=Winded;51922381]DOJ is shooting itself in the foot by not publishing exploits that exist in Tor. The reason Tor was made public and open source is that the anonymous network has as many users as possible to make it difficult to differentiate its users from people who wear tinfoil hats and people who are undercover US spies. Leaving exploits undisclosed they are going to be used by others that they might not want them to use, such as Russia for example.
Tor was created with the full understanding that it is going to be used for criminal activities.[/QUOTE]
How do we know there is a US Gov Branch they are using with all the exploits fixed?
[QUOTE=Winded;51922381]DOJ is shooting itself in the foot by not publishing exploits that exist in Tor. The reason Tor was made public and open source is that the anonymous network has as many users as possible to make it difficult to differentiate its users from people who wear tinfoil hats and people who are undercover US spies. Leaving exploits undisclosed they are going to be used by others that they might not want them to use, such as Russia for example.
Tor was created with the full understanding that it is going to be used for criminal activities.[/QUOTE]
What can Russia do with these exploits that can harm US? Catch pedos?
[QUOTE=Code3Response;51922276]You mean [URL="https://www.documentcloud.org/documents/2166606-ferrell-warrant-1.html"]the warrant[/URL] doesn't count as due process? Please.
No, they obviously did have stuff that shows he committed a crime since [U]they charged them with it[/U] and only backed down when weighing if they should disclose their NIT[/QUOTE]
"Just trust us. We have totally great evidence, guys. Don't worry about it."
[QUOTE=geel9;51923813]"Just trust us. We have totally great evidence, guys. Don't worry about it."[/QUOTE]
"This is how the legal system works. They don't have to present their evidence until court begins"
"However, that isn't going to happen because we've decided it's better to save our secret than to expose the exploit for these low level people"
It would be fucking stupid to reveal their TOR exploit. There are countless billions of dollars tied to darknet drug trade and other illicit services that depend on it. By releasing the info now, it would lead to a new system being developed / TOR patched so that they would have to spend a shit ton more resources to find exploits in the new system.
[QUOTE=Code3Response;51923896]"This is how the legal system works. They don't have to present their evidence until court begins"
"However, that isn't going to happen because we've decided it's better to save our secret than to expose the exploit for these low level people"[/QUOTE]
If they don't want to expose their exploit, they shouldn't be able to ruin the lives of people who, with all the evidence we have (read: none) are not guilty of anything.
[QUOTE=geel9;51924031]If they don't want to expose their exploit, they shouldn't be able to ruin the lives of people who, with all the evidence we have (read: none) are not guilty of anything.[/QUOTE]
I don't even have a response to this. You lack an understanding of the timeline of things and how the legal system works in practice.
[QUOTE=Code3Response;51923896]"This is how the legal system works. They don't have to present their evidence until court begins"
"However, that isn't going to happen because we've decided it's better to save our secret than to expose the exploit for these low level people"[/QUOTE]
"This guy has child porn."
"Alright, how do you know this?"
"... nevermind."
[QUOTE=Wealth + Taste;51923934]It would be fucking stupid to reveal their TOR exploit. There are countless billions of dollars tied to darknet drug trade and other illicit services that depend on it. By releasing the info now, it would lead to a new system being developed / TOR patched so that they would have to spend a shit ton more resources to find exploits in the new system.[/QUOTE]
The whole premise of TOR is to be able to provide the highest level of anonymity available. By withholding that information, you are hindering every positive use the system has. Which, I am going to assume is contrary to someone like you's beliefs (who has likely never used TOR for any legitimate purposes outside of just trying it out), is pretty important and widespread.
Computer forensics is a bit of a bitch in terms of the legal stuff, but there is a reason this stuff is done and it's frustrating when you can't catch based on a technicality like this. The first thing is barring the argument of whether or not divulging this information is moral or not, it's likely that they are still using this method of attack to take out a larger group or more high profile case and divulging this information could fuck that entire ongoing case up. When a case of pedophilia (or weapons, drugs, etc) is found, the goal of the investigators is they want to find if they are related to a larger group and just how large it is because you can save a lot more people if you get the "head of the monster" rather than the individual. If they just jump at single people when found, then if they are associated with a large group, they'll figure out the method they are getting attacked with very easily and attempt to evade it and we don't want that. This is why you see the "500 pedophiles arrested in large sting" in headlines is because that is the process in action.
Personally, I don't believe in the "they just want to do this so they can continue spying on the average joe" argument because the government asked to dismiss without prejudice, likely so they can bring the charges back up once they finish the larger case and can divulge their exploit. If the government wanted the police state angle, then it would make no sense to drop without prejudice as they would just say "well, we're the government" and disregard prejudice or not.
In regards to the morality of divulging the exploit or not, what we know is that there is an exploit within Tor and that the FBI knows about it. We do not know if other governments know about it nor if bad entities know about it (keep in mind, the more people who know about it, the less of a chance it remains a "0-day"). If a few bad guys do know about it, it would be very little and would have to be a targeted attack (simply due to the nature of this). The US Government would be left with the decision of do we release this information and possibly notify every criminal to this information so they can protect themselves and continue doing harm to others, or do we continue our investigation of catching these higher profile criminals and possibly risk a few lives and the process of anonymity based on the fact that not many people know how to perform the exploit. It's a damned if you do, damned if you don't kind of situation and I sure as hell would not want to be left with that decision. Either way, they will have to release this information once they finish the bigger case.
[QUOTE=Blind Lulu;51924083]I agree that this guy is probably guilty, but holy shit lol use your head and realize how bad a precedent this sets.
Literally anybody can be charged with a crime. That's why it's called being charged with a crime and not being guilty of a crime. Generally you need to actually show proof that someone is guilty in order for them to be declared guilty.[/QUOTE]
He wasn't declared guilty, though. They dropped the charges. Code3 and I have butted heads on law enforcement practices quite a few times, but he's right on this. They found enough info with the unrevealed exploit to get a warrant, but didn't find enough damning evidence with the warrant to reach a conviction without publicly revealing the exploit. Being unwilling to share the details of the exploit, on the grounds that it would eliminate their ability to use it again for a more prolific offender, they were forced to drop their charges.
The justice system worked as intended here. They were not able to procure sufficient evidence to prove guilt, and were unwilling to reveal what info they did have. So, they had to let him go for now.
[QUOTE=Revenge282;51924082]The whole premise of TOR is to be able to provide the highest level of anonymity available. By withholding that information, you are hindering every positive use the system has. Which, I am going to assume is contrary to someone like you's beliefs (who has likely never used TOR for any legitimate purposes outside of just trying it out), is pretty important and widespread.[/QUOTE]
I use TOR all the time for, uh, research.
[QUOTE=Wealth + Taste;51925010]I use TOR all the time for, uh, research.[/QUOTE]
Most of my communications go through tor, it's a legitimate system for people that want some anonymity.