The Onion Router, better known as the Tor Network, is often thought of as being the dark-side of the web. Not least as the anonymity provided by Tor meant that sites hosted on so-called hidden service servers were free to trade in just about anything from drugs and guns through to child pornography. In amongst the depravity and illegal excess, of course, were political activists and dissidents looking for an online safe haven in order to escape persecution, prosecution and potentially death. Revelations that the FBI would appear to have been behind the takedown of Freedom Hosting, apparently responsible for a bunch of hidden services which included alleged child pornography image servers, could be very bad news indeed. Not just for drug dealers, arms dealers and paedophiles but for anyone who has relied upon the multi-layered and encrypted onion network to retain their anonymity.
Reports as to the extent of the FBI operation fallout on the Tor Network vary, with some claiming as many as half of all Tor sites could have been compromised as a result. And that includes The Silk Road. This infamous site, only accessible through a Tor connection using the Tor browser, has been the online underground drugs marketplace of choice for some years now. Indeed, IT security investigative journalist Brian Krebs recently documented how cybercriminals had used The Silk Road to purchase heroin and have it sent to his home address in a failed attempt to frame him and have him jailed.
Although I have great sympathy for those groups using Tor for much needed privacy and protection, such as domestic abuse groups as well as the political dissidents for example, as someone who has used Tor myself, and accessed The Silk Road for that matter (I exposed what happens there for a news story in the UK a year or two ago), as well as being a father of eight and grandfather of five, I can't say I am sorry to see those supposedly responsible for distributing child pornography get arrested nor their sites taken down. I am concerned, in the aftermath of the Edward Snowden revelations, as to how much data is collected and what it is being used for here though. That said, I have no sympathy for those selling drugs, guns, stolen credit card details and the like on The Silk Road. Those doing the latter, so it has been suggested to me by a number of people on both sides of the IT security industry fence this week, could find themselves getting a call from the men in black soon enough. The (unsubstantiated) rumour out there is that malware was also potentially injected into The Silk Road, thought to have been hosted by Freedom Hosting, effectively turning it into a honeypot.
A Tor Project statement reads:
And the latest update, posted yesterday, says:
2.3.25-10 (released June 26 2013)
2.4.15-alpha-1 (released June 26 2013)
2.4.15-beta-1 (released July 8 2013)
3.0alpha2 (released June 30 2013)
Tor Browser Bundle users should ensure they're running a recent enough bundle version, and consider taking further security precautions.
The founder of Freedom Hosting, named as Eric Eoin Marques, has been arrested in Ireland and is now awaiting extradition to the USA.