Tor

With 'Operation Torpedo,' FBI Malware Infiltrates Dark Web

|

Zach Dorland/Flickr

Just when you thought it was safe to surf the Silk Road-replacement sites… Wired's Kevin Poulsen reported this week on the FBI using hacker-like techniques to track Tor users, in an effort the agency calls "Operation Torpedo." So far the agency says it has only tracked computers accessing underground child pornography sites. But some privacy advocates worry that the FBI's antics could easily be expanded—or already have. 

Tor is the software and open network that allows for anonymous web browsing and accessing the so-called "dark net" or "deep web". It works by bouncing your communications around a distributed network to effectively keep your IP address from being linked to your web activity.

Tor Project/Facebook

In 2012, the FBI busted a Nebraska man, Aaron McGrath, who was hosting three dark-net child porn sites via three separate servers. A federal magistrate gave the FBI permission to modify the code on these servers to deliver a malware program to any computers accessing those sites. The "network investigative technique" (NIT), as the FBI calls it, allowed the agency to identify IP addresses for these computers and eventually led to 14 arrests.

While it's hard to disagree with busting kiddie-porn proponents, American Civil Liberties Union (ACLU) technologist Chris Soghoian said there needs to be "a public debate about the use of this technology … and whether the criminal statutes that the government relies on" even permits it.

It's one thing to say we're going to search a particular computer. It's another thing to say we're going to search every computer that visits this website.

Soghoian noted that "the mere act of looking at child pornography is a crime," but "you could easily imagine (the FBI) using this same technology on everyone who visits a jihadi forum, for example. And there are lots of legitimate reasons for someone to visit a jihadi forum: research, journalism, lawyers defending a case."

Let's note that these "legitimate reasons" could all apply to child porn sites, too, even if it may be less likely. In terms of Jihadi sites: why should anyone need a 'legitimate reason' to visit? Maybe you're just curious. Maybe you're thinking of joining al Qaeda. Until you start engaging in criminal activity or the planning of it, then the FBI has no right to just up and install secret spyware on your computer.

Soghoian's worries over the FBI spying on non-criminal Tor users may have sounded paranoid until not too long ago. Post Edward Snowden, they seem not just plausible but likely. 

The National Security Agency (NSA) is admittedly monitoring servers running TOR—though this week a Department of Defense (DOD) spokeswoman said neither the NSA or the DOD had received personal data on Tor users during this monitoring. "This particular project was focused on identifying vulnerabilities in Tor, not to collect data that would reveal personal identities of users," she told Reuters. This particular project…

Reuters also notes that "she did not rule out the FBI or other agencies obtaining the data." The FBI declined to comment to the news agency. The U.S. State Department, meanwhile, has been funding Tor, while the Russian govenrment is offering a prize for cracking the Tor code.