HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » Anonymous Web Host 'Freed...

Sun Aug 4, 2013, 04:28 PM

 

Anonymous Web Host 'Freedom Hosting' Owner Arrested, TorMail Compromised

Owner arrested in Ireland, FBI makes extradition request, malicious JavaScript discovered on a number of important hidden services.

What happened?
Eric Eoin Marques, the 28 year old owner and operator of the Tor-based internet host 'Freedom Hosting' has been arrested in Ireland and charged with distributing and promoting child pornography on the internet, reports the Independent.

Since the arrest, internet users have reported noticing malicious JavaScript designed to compromise their identities inserted into pages hosted by Freedom Hosting, including the 'Tormail' service, as well as a number of pedophile messageboards.

Why?
'Freedom Hosting' provides hosting for anonymous 'hidden services' on the Tor network. These services can range from everything from anonymous email and library services, to online marketplaces for drug distribution and the production and exchange of child pornography.

As this is part of an ongoing FBI investigation, there is no conclusive evidence that the injection of this JavaScript is the result of a government operation, however, this does fall under a known pattern of FBI behavior related to child porn sting operations. It is possible that the attack, which delivers a weaponized exploit to Firefox users running Windows systems, is the work of non-government cyber criminals, although the timing of the arrest and the appearance of this code on a number of hidden services hosted by Freedom Hosting does seem to imply a government operation.

https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested

The Tor Blog: Hidden Services, Current Events, and Freedom Hosting

Posted August 4th, 2013 by phobos in facts freedom hosting hidden services hidservs tor network
Around midnight on August 4th we were notified by a few people that a large number of hidden service addresses have disappeared from the Tor Network. There are a variety of rumors about a hosting company for hidden services: that it is suddenly offline, has been breached, or attackers have placed a javascript exploit on their web site.

A Hidden service is a server – often delivering web pages – that is reachable only through the Tor network. While most people know that the Tor network with its thousands of volunteer-run nodes provides anonymity for users who don´t want to be tracked and identified on the internet, the lesser-known hidden service feature of Tor provides anonymity also for the server operator.

Anyone can run hidden services, and many do. We use them internally at The Tor Project to offer our developers anonymous access to services such as SSH, IRC, HTTP, and our bug tracker. Other organizations run hidden services to protect dissidents, activists, and protect the anonymity of users trying to find help for suicide prevention, domestic violence, and abuse-recovery. Whistleblowers and journalists use hidden services to exchange information in a secure and anonymous way and publish critical information in a way that is not easily traced back to them. The New Yorker's Strongbox is one public example.

Hidden service addresses, aka the dot onion domain, are cryptographically and automatically generated by the tor software. They look like this http://idnxcnkne4qt76tg.onion/, which is our torproject.org website as a hidden service.

There is no central repository nor registry of addresses. The dot onion address is both the name and routing address for the services hosted at the dot onion. The Tor network uses the .onion-address to direct requests to the hidden server and route back the data from the hidden server to the anonymous user. The design of the Tor network ensures that the user can not know where the server is located and the server can not find out the IP-address of the user, except by intentional malicious means like hidden tracking code embedded in the web pages delivered by the server. Additionally, the design of the Tor network, which is run by thousands of volunteers, ensures that it is impossible to censor or block certain .onion-addresses.

The person, or persons, who run Freedom Hosting are in no way affiliated or connected to The Tor Project, Inc., the organization coordinating the development of the Tor software and research. In the past, adversarial organizations have skipped trying to break Tor hidden services and instead attacked the software running at the server behind the dot onion address. Exploits for PHP, Apache, MySQL, and other software are far more common than exploits for Tor. The current news indicates that someone has exploited the software behind Freedom Hosting. From what is known so far, the breach was used to configure the server in a way that it injects some sort of javascript exploit in the web pages delivered to users. This exploit is used to load a malware payload to infect user's computers. The malware payload could be trying to exploit potential bugs in Firefox 17 ESR, on which our Tor Browser is based. We're investigating these bugs and will fix
them if we can.

As for now, one of multiple hidden service hosting companies appears to be down. There are lots of rumors and speculation as to what's happened. We're reading the same news and threads you are and don't have any insider information. We'll keep you updated as details become available.

https://blog.torproject.org/blog/hidden-services-current-events-and-freedom-hosting

37 replies, 6186 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 37 replies Author Time Post
Reply Anonymous Web Host 'Freedom Hosting' Owner Arrested, TorMail Compromised (Original post)
dkf Aug 2013 OP
msanthrope Aug 2013 #1
dkf Aug 2013 #2
msanthrope Aug 2013 #3
dkf Aug 2013 #4
malaise Aug 2013 #5
msanthrope Aug 2013 #11
msanthrope Aug 2013 #7
dkf Aug 2013 #13
msanthrope Aug 2013 #18
NoOneMan Aug 2013 #22
GoneFishin Aug 2013 #30
NoOneMan Aug 2013 #20
msanthrope Aug 2013 #24
NoOneMan Aug 2013 #25
msanthrope Aug 2013 #26
NoOneMan Aug 2013 #27
Ruby the Liberal Aug 2013 #33
Ruby the Liberal Aug 2013 #6
msanthrope Aug 2013 #8
Ruby the Liberal Aug 2013 #16
enlightenment Aug 2013 #12
NoOneMan Aug 2013 #21
Ruby the Liberal Aug 2013 #31
enlightenment Aug 2013 #9
msanthrope Aug 2013 #10
enlightenment Aug 2013 #14
Ruby the Liberal Aug 2013 #15
msanthrope Aug 2013 #17
Rex Aug 2013 #32
Electric Monk Aug 2013 #19
NoOneMan Aug 2013 #23
wandy Aug 2013 #28
kestrel91316 Aug 2013 #29
Warpy Aug 2013 #34
sigmasix Aug 2013 #35
Recursion Aug 2013 #36
yodermon Aug 2013 #37

Response to dkf (Original post)

Sun Aug 4, 2013, 04:35 PM

1. Excellent. The child porn king was trying to get to Russia....

 

The court also heard that a search of Mr Marques's computer revealed he had made inquires about how to get a visa and entry into Russia.

http://www.independent.ie/irish-news/courts/fbi-bids-to-extradite-largest-childporn-dealer-on-planet-29469402.html

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #1)

Sun Aug 4, 2013, 04:43 PM

2. They are accusing him of being a facilitator not being a distributor or creator or user.

 

They are accusing him of participating in a Tor network.

That's like accusing your provider of being a facilitator if you looked up child porn.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #2)

Sun Aug 4, 2013, 04:45 PM

3. When he's doing his 30 years in the slammer, he can parse that out to his fellow inmates. nt

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #3)

Sun Aug 4, 2013, 04:48 PM

4. That's the US Government making sure they have access to all communications.

 

Big brother is here and he demands to know everything.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #4)

Sun Aug 4, 2013, 04:51 PM

5. I'm all for freedom and privacy but I welcome any government agency that exposes

child porn...anywhere.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to malaise (Reply #5)

Sun Aug 4, 2013, 05:04 PM

11. Don't derail a perfectly good anti-Obama, the NSA-is-coming-to-get-you thread with facts. nt

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #4)

Sun Aug 4, 2013, 05:00 PM

7. Yes--where will the pedophiles go to retain their privacy?

 



The US authorities are seeking his extradition on four charges. He is charged with distributing, conspiring to distribute, and advertising child pornography.


It was also alleged he aided and abetted a conspiracy to advertise child pornography and the court heard that if convicted he faces sentences of up to 30 years in prison.



http://www.independent.ie/irish-news/courts/fbi-name-irishman-as-largest-facilitator-of-child-porn-on-net-29468433.html

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #7)

Sun Aug 4, 2013, 05:07 PM

13. Well this is probably why the telecoms gave up all that info. They would be charged similarly I bet

 

Privacy on a network extends to all, including some bad uses obviously. Otherwise it wouldn't be private would it?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #13)

Sun Aug 4, 2013, 05:11 PM

18. What? Are you suggesting this guy is falsely charged with advertising child porn? nt

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #18)

Sun Aug 4, 2013, 05:33 PM

22. The charges may be false. Thats what the show trial will be for

 

I don't know really. Do you *know*? You are already calling for him to be thrown in jail for 30 years so you must know, right?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NoOneMan (Reply #22)

Sun Aug 4, 2013, 06:06 PM

30. Why waste money on a trial when we can just have a few internet authoritarians decree him guilty

until proven ...... well .... just guilty.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #3)

Sun Aug 4, 2013, 05:29 PM

20. Do you understand the technologies in question here or just straight shooting from the hip

 

Like Bush used to?

These allegations are based on technicalities and designed to punish those that allow others to communicate with privacy. There is nothing good about this

BTW, if he really was involved directly with knowledge in purposefully promoting child porn, then yes, he should be arrested. In the meantime it seems a bit like a smear to me

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NoOneMan (Reply #20)

Sun Aug 4, 2013, 05:36 PM

24. Bush? Heck--Anonymous, more like. They called out Freedom Hosting last year--

 




He can argue the technicalities when he faces these four charges....


The US authorities are seeking his extradition on four charges. He is charged with distributing, conspiring to distribute, and advertising child pornography.


It was also alleged he aided and abetted a conspiracy to advertise child pornography and the court heard that if convicted he faces sentences of up to 30 years in prison.



http://www.independent.ie/irish-news/courts/fbi-name-irishman-as-largest-facilitator-of-child-porn-on-net-29468433.html



Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #24)

Sun Aug 4, 2013, 05:42 PM

25. That Anonymous story is anything but clear

 

I mean, there is an individual arrested who may not have actively participated in any of that (but rather volunteer "admins" interacting with his hosting platform) beyond ensuring his services stayed up for everyone. Its entirely possible that his role could be more negligent or blind allegiance to their TOS/Philosophy than to anything regarding internet child porn. The lines in the internet run in strange ways.

But yes, thats what a trial is for. Calling for him to work it out with prison inmates is a bit premature, though if he is guilty he should definitely be punished according to law.

Honestly, its such a strange thing to think that in this digital age though, child porn can basically be used to shut anyone down (by association or implanting such). Everyone is subject to silence from this. And who is to believe the child pornographer? I think its a bit scary personally

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NoOneMan (Reply #25)

Sun Aug 4, 2013, 05:51 PM

26. Your first sentence describes a crime. Let me give you a like example---

 

If I maintain a property where I know, or I reasonably should know, that drug parties are going on, and I continue to provide the property, collect the rent, and otherwise take no action to prevent that crime on my property, I, as property-owner am guilty of a crime.

Let me guess--he did this for free?


Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #26)

Sun Aug 4, 2013, 05:57 PM

27. Which is the same for the owners of every ISP today

 

Why are they not also being prosecuted when they know their backbones are being actively used to distribute child porn, pirated software and terrorist communications?

Yes, the hosting was probably free for the end users. Maybe he profitted by inserting banners up top. I am not familiar enough with this service to know or call for him to serve 30 years in jail yet.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NoOneMan (Reply #27)

Sun Aug 4, 2013, 06:20 PM

33. It was certainly not free

Freedom Hosting is a company notorious for hosting sites that would violate the TOS of your standard host provider.

When I volunteered with the SPLC, they were the go-to for skinheads whose sites were so radical they couldn't get retain providers to host them.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #2)

Sun Aug 4, 2013, 04:53 PM

6. Oh well, if he is only FACILITATING child porn...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ruby the Liberal (Reply #6)

Sun Aug 4, 2013, 05:01 PM

8. You've got to love that, right? Note how the OP simply forgets to mention the child porn? nt

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #8)

Sun Aug 4, 2013, 05:09 PM

16. Yeppers.

An inconvenient side-story, apparently.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ruby the Liberal (Reply #6)

Sun Aug 4, 2013, 05:04 PM

12. I just finished wading through a Reddit thread

on this (because it popped up when I googled Marques looking for more information about this).

The rapidity with which it devolved into "I don't understand why just looking at child porn is a problem" was stomach-churning. There were a few posters attempting to explain why it's a problem, and why it is important to try and shut down the distribution (should I say "facilitation" since that seems to be the word of the day?) of child pornography - but they were fish swimming upstream in a flash flood.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ruby the Liberal (Reply #6)

Sun Aug 4, 2013, 05:30 PM

21. The internet facilitates child porn. Arrest all ISP workers?

 

So do cameras and cellphones.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NoOneMan (Reply #21)

Sun Aug 4, 2013, 06:12 PM

31. Ever looked at the TOS of a web host?

If you look the other way, and that shit is housed on your servers, be prepared to do the time.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #2)

Sun Aug 4, 2013, 05:01 PM

9. The first paragraph of your first link

says:

. . . arrested in Ireland and charged with distributing and promoting child pornography on the internet


emphasis mine

Reply to this post

Back to top Alert abuse Link here Permalink


Response to enlightenment (Reply #9)

Sun Aug 4, 2013, 05:03 PM

10. Notice it doesn't make the OP, but is buried in the link? Seems a bit germane to the discussion,

 

right?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to msanthrope (Reply #10)

Sun Aug 4, 2013, 05:07 PM

14. One would think.

But I think that shortly we may be in for a brand new definition of "distribution". . .

Reply to this post

Back to top Alert abuse Link here Permalink


Response to enlightenment (Reply #9)

Sun Aug 4, 2013, 05:08 PM

15. OP must have found that inconvenient to the narrative

You know - an afterthought to the true attack on our freedums.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Ruby the Liberal (Reply #15)

Sun Aug 4, 2013, 05:10 PM

17. We are spoiling a perfectly good anti-Obama/the NSA-is-going-to-get-you thread by mentioning

 

the child porn.

Bad us.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Reply #2)

Sun Aug 4, 2013, 06:14 PM

32. Uh, ya he is a distributor of child porn!

 

What do you think a facilitator does on a 'hidden network'? If he didn't provide service, there would be no child porn to distribute.

Glad they got the perv...why would you be looking at child porn in the first place?

Hope he rots in prison.

Reply to this post

Back to top Alert abuse Link here Permalink



Response to Electric Monk (Reply #19)

Sun Aug 4, 2013, 05:35 PM

23. The technology illiterate think they "distribute" pirated software

 

But who am I to stand in the way of a good hate fest with truth

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Original post)

Sun Aug 4, 2013, 06:03 PM

28. I think I'm just going to ignore this one for a few days........

At least until it gets by pornographic pressure cookers, or trying to smuggle Zimmerman into Russia.
I'll read up on this after the charges of selling spiders of mass destruction get dropped.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Original post)

Sun Aug 4, 2013, 06:05 PM

29. How sad. There doesn't appear to be a way to spin this into an attack on

 

Democratic Party principles.



You're losing your edge.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Original post)

Sun Aug 4, 2013, 06:31 PM

34. Scum like him is why I cautioned people to be very careful

when they installed and ran Tor on their computers. I did for a while when the uprising in Iran was using it before switching to Haystack, it was convenient slacktivism on my part and I have nothing to hide on my own puter should the Feds come snooping.

Well, unless they think knitting patterns are encrypted terrorism.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Original post)

Sun Aug 4, 2013, 06:51 PM

35. Obama's coming to git us with his NSA goons!

Can't you people learn a new tune? This one is getting old and obvious.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Original post)

Sun Aug 4, 2013, 06:58 PM

36. Anonymous has a history of going after child porn rings, too

I'd guess the javascript was theirs.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to dkf (Original post)

Sun Aug 4, 2013, 11:58 PM

37. Here's the problem folks: 1) Truly anonymous services like Tor/Freenet/etc will *always* attract

the child pornographers. ALWAYS.

2) The government will (eventually) leverage this fact to shut down said services.

3) Yeah, I know they can't be "shut down". But child porn has the ability to motivate public opinion in the direction of "yeah, let's go ahead and change the fundamental structure of the internet such that true anonymity isn't possible any more". Might take years or decades but that's the trajectory IMO.

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread