Become a fan of Slashdot on Facebook


Forgot your password?
Security Crime Privacy

FBI Is Classifying Its Tor Browser Exploit Because 'National Security' ( 81

Joseph Cox, reporting for Motherboard:Defense teams across the US have been trying to get access to a piece of malware the FBI used to hack visitors of a child pornography site. None have been successful at obtaining all of the malware's code, and the government appears to have no intention of handing it over. Now, the FBI is classifying the Tor Browser exploit for reasons of national security, despite the exploit already being used in normal criminal investigations well over a year ago. Experts say it indicates a lack of organization or technical capabilities within the FBI. "The FBI has derivatively classified portions of the tool, the exploits used in connection with the tool, and some of the operational aspects of the tool in accordance with the FBI's National Security Information Classification Guide," government attorneys wrote in a filing earlier this month. It came in response to the defense of Gerald Andrew Darby, who is charged with child pornography offenses.
This discussion has been archived. No new comments can be posted.

FBI Is Classifying Its Tor Browser Exploit Because 'National Security'

Comments Filter:
  • Javascript exploit (Score:2, Insightful)

    by Anonymous Coward

    This a JS exploit, not a Tor problem. It really doesn't matter what this exploit does or how it works. If you have JS enabled in Tor, you're already pwn3d.

    • Re: (Score:2, Troll)

      by Cafe Alpha ( 891670 )

      How would you know that?

      • by tnk1 ( 899206 ) on Friday June 24, 2016 @01:19PM (#52382857)

        Tor can only protect you if your machine can't be made to report back information about it. It doesn't help you very much to have an anonymous end point if the server on the other end can simply ask your browser to fetch the actual IP address of your host and other information about it.

        Javascript allows calls like that to make your browser turn over that information. The reliable only way to prevent those calls is to turn JS off totally in your browser that is being used for Tor.

        And the way you know that is by installing Tor and running tests against a site created to test those vulnerabilities. Or you could simply heed all of the giant warnings that Tor tends to have about turning off Javascript and just trusting them on that.

        • by Kjella ( 173770 )

          Tor can only protect you if your machine can't be made to report back information about it. It doesn't help you very much to have an anonymous end point if the server on the other end can simply ask your browser to fetch the actual IP address of your host and other information about it. Javascript allows calls like that to make your browser turn over that information.

          No it doesn't. If you use a proxy there's no supported way to get your real IP via Javascript. But Javascript is a huge scripting engine, it has a much bigger exploit potential than a rendering engine. That happens too, I think a while back there was a bug in a font handling library but much less often.

          • If you use a proxy there's no supported way to get your real IP via Javascript.

            This is all pointless. I bet I can guess the first three numbers of your home computer's IP: 192...168....0...

          • Then how does this WebRTC know your intranet IP even when you are behind a firewall?


        • by evolutionary ( 933064 ) on Friday June 24, 2016 @02:25PM (#52383507)
          Problem is, many websites are designed to not function/give content without it. I've always been against this, but in attempt to sell to marketers, JS is all the rage. At the expensive of security, which most people don't seem to pay much mind anyway at least until they become a victim.
      • I'm a software/web developer architect. I get into discussions about how to implement things on websites a lot and it's a lot scarier than many might think. Just a few weeks ago I was looking at anti-fraud solutions which use something called "digital fingerprinting" which basically means tagging you in semi permanent fashion to verify you are actually "you". These solutions all rely on Javascript which my client couldn't use because they managed other external sites as well so it was too big a hassle. But
  • Funded originally be DARPA, as I recall. Because how could you not trust DARPA?

    • It was funded by the DOD and CIA as a method for spies to reliably communicate with their handlers without any way for the hosting state to intercept or read the communications.It was opened to the public so that the use of this network wouldn't be justification in itself to investigate.

  • The CIA classified my grocery list. Never mind that the information on the grocery list came from the weekly flyer that came in the mail. Never mind that the neighbors up and down the street may have a similar grocery list. Never mind that the CIA has no business classifying my grocery list in the first place.
  • by gatfirls ( 1315141 ) on Friday June 24, 2016 @01:04PM (#52382715)

    ....It's a laughably silly exploit that anyone can do and they paid 10 million dollars to get.

  • by Anonymous Coward

    I was LinuxFest Northwest earlier this year and had in interesting conversation with a lawyer from ACLU of Washington who gave a talk on cryptography and fearmongering. It was interesting because he advocated a position that the law should compel the government to publicly reveal any exploit gained or utilized by the government. I pointed out that this would be difficult to support for many people who believe in strong national defense (and foreign intelligence as a key aspect of that). The suggestion I m

    • by Ormy ( 1430821 )

      if an exploit is developed (or purchased) by the US government for foreign intelligence purposes, then the government can decide to withhold the exploit on national security grounds, but as soon as it is employed for any domestic law enforcement purpose (surveillance, intelligence gathering, criminal investigation/prosecution) then the release would be compelled.

      Sounds ideal in principle, but whats to stop them just 'saying' they only use the exploit for foreign intelligence. All laws should expect and account for human greed and the 'power corrupts' factor.

      • but whats to stop them just 'saying' they only use the exploit for foreign intelligence

        That's simple, if the law is written properly.

        When it's used for law enforcement purposes, it must be disclosed during that case---whenever the law dictates. E.g., when it is developed, after the investigation concludes, during the trial, after any appeals relevant to the exploit are decided, etc.

        If they totally swear that the intelligence community is using some other exploit, they don't have to talk about that supposed exploit. We don't care at that point.

        Either a particular exploit is unique to the intel

  • J.Edgar Hoover is alive and well. Why stop here? Who needs evidence anymore? For fucks sake just plant what you need and come in guns blazing. But yet police officers can have relationships with high school students and prosecutors turn a blind eye. What scum.
    • Re:So nice to see (Score:5, Insightful)

      by bluefoxlucid ( 723572 ) on Friday June 24, 2016 @01:27PM (#52382911) Homepage Journal

      The best bit is he's definitely guilty, and trying to get off on a technicality. The argument is the entire body of evidence collected since this whole thing started is tainted, and they have no valid reason to search him (knowing that his house is still full of child pornography because they already did an *illegal* search isn't a justifiable cause), so he gets away scot free because the authorities fucked up.

      This is *exactly* what we want. We want the authorities to follow the rules, and we want people who can hide in the rules to get away with it. We don't need the FBI searching you because they feel like it, finding evidence for an unpredicted crime, then charging you for it based on an illegal search. That leads to all kinds of vindictive political control, turning political opponents and other undesirables into targets to be ground away at by government overreach.

      The biggest danger is the public realizing what just happened and crying out against a child porn hoarder getting off free, and then demanding the repeal of the fourth and fifth amendments immediately. The second biggest danger is the FBI succeeding with their bluff, either having no evidence to present ("we used a thing that got us information, but we won't show you that thing, so just trust us about the evidence chain") or being forced to present and being called on performing an illegal search (hacked your computer) and then *not* penalized for it ("this is all technically inadmissible, but we'll allow it anyway").

      The neutral state is the FBI being forced to present and arguing (successfully and correctly) the defendant was *not* subject to an illegal search because the FBI had ample reason to believe the target site *was* doing illegal things and that its visitors were engaging in illegal activities (similar to a sting on a whore house). The outcome of being forced to present is the public can examine the code used to break Tor, then counteract it (technical arms race); Darby goes to jail; and the case sets no legal precedents weakening constitutional law.

    • by Anonymous Coward

      Who needs evidence anymore?


      But how does our government get away with it? Because the People let it. Why do they let it? Because they have a steady diet of mindless cop porn where the cops are all honest hardworking and never take shortcuts or make mistakes; while the "bad guys" who get away do so because the saintly cops are shackled by these ridiculous Civil Rights that do nothing but keep really bad people from paying for their crimes.

  • national security: you can use that reason to justify just about anything. there seems to be no limit, including ignoring/undermining the constitution in the name of national security. Of course B.J. Franklin said it best.
  • One can guarantee if anyone attempts to secure or harden TOR or any other onion product enough to ensue the TLAs can't gain access they will be visited by some "Men in Black" with some NSLs to hand out. Never to be seen again! The TOR site need to have a Warrant canary "" specific to this situation, unless they already have been issued NSL or other mandates, then all bets are off, probably the latter! It's a shame the Gov. thinks it's the boss, the people are the
  • I know the US Government computers and websites have already been hacked but they think they are gods... Well for gods it was funny that in Ottawa, Ontario the US embassy tried to tap the local cell phone of all the visiting diplomats to Parliament hill but they were caught and the cell phone sniffers they used were blocks to not to interfere with the cell phone in the Elgin Hotel

The other line moves faster.