The arrest of the Freedom Hosting CEO has set in motion a crisis for TOR and unleashed a java exploit designed to expose Freedom Hosting users.
What started as an arrest in Ireland pertaining to a case of child pornography took an international twist this past weekend, and brought doubts on the security and privacy of Tor, the popular anonymizing network. It all started with Eric Marques, the CEO of Freedom Hosting, a small hosting company that provides accounts to anyone who wants one. Eric became infamous in the underground of the web because of his willingness to turn a blind eye on any activity that went on inside the network of Freedom Hosting. This included potential child pornography sites, along with other illicit activities. In October of 2011, the activist group Anonymous had learned about this company and launched a denial of service attack against its servers, claiming that those servers hosted the vast majority of child pornography sites on the web, many of them being provided as Tor hidden services.
That last point, the fact that many sites on Freedom Hosting were provided as Tor hidden services, is where things become more complicated. Most people know of Tor as a simple software package that you can download and then use to anonymize your Internet connection, which I've written about recently. Your browser connects to various hops along the way before going to your destination, providing privacy against spies, either governmental or criminal, who would want to track you down.
But Tor also introduced the concept of a hidden service. This is a website which uses the same technology in order to be completely anonymous. That means if you go to a special web URL, such as http://tnysbtbxsf356hiy.onion or one of thousands of other sites, then you can connect to a website, which remains anonymous. This particular address is StrongBox, a legitimate privacy service from The New Yorker. There is also TOR Mail, which is a popular anonymous email system, but also a lot of potentially illegal sites, such as the famous Silk Road which provides drugs and weapons for sale, child pornography sites, crime gangs, and so on. These make up part of the Deep Web, available only through Tor.
It's interesting to note that just this past week, General Alexander, the head of the NSA, was speaking at Black Hat trying to reassure the tech crowd on how lawful the spying operation is, and how no abuse is being done. Meanwhile, leaks keep coming out, like the recent Reuters report about how the DEA uses data to target suspects, before agents are directed to cover up where the information came from. Meanwhile, this #torsploit story, as it's been nicknamed on social networks, is still being heavily looked into. There seems to be little doubt in some people's minds that the IP address in question is owned by the NSA, which would hint at yet another instance of data spillage going on. One thing seems certain, we're far from done hearing about these secret Internet spying programs.