Header Ads

FBI argues keep its Tor hacking tool secret be classified

Defense teams across the US have been trying to get access to a piece of malware the FBI used to hack visitors of a child pornography site. None have been successful at obtaining all of the malware's code, and the government appears to have no intention of handing it over.

Now, the FBI is classifying the Tor Browser exploit for reasons of national security, despite the exploit already being used in normal criminal investigations well over a year ago. Experts say it indicates a lack of organization or technical capabilities within the FBI.



In the legal back-and-forth surrounding the FBI's hack and subsequent arrest of 1,500 users of a dark web child pornography site called Playpen, the FBI has now moved to classify the Tor Browser exploit they used, Motherboard reports, citing reasons of national security. 

Last month, Mozilla -- whose code much of the Tor Browser is based on -- asked the FBI to identify the exploit the agency used to install location-tracking malware on users' computers. That request was approved and then quickly thrown out by a judge in Washington state, who reversed his decision when the Justice Department also convinced him that the exploit was a matter of national security.

"The FBI has derivatively classified portions of the tool, the exploits used in connection with the tool, and some of the operational aspects of the tool in accordance with the FBI's National Security Information Classification Guide," the government's attorneys wrote in a filing made in response to one of the defendants earlier this month. As Motherboard points out, the FBI originally wanted to classify their reasons for not handing over the exploit, rather than the exploit itself. That filing has been amended and is simply waiting on a signature from the FBI Original Classification Authority to confirm it will be hidden from public view. While experts believe the national security excuse is tenuous, the Department of Justice does have a recorded history of classifying inappropriate information. A 2013 report from the DOJ's own office of the Inspector General revealed several documents in which "unclassified information was inappropriately identified as being classified."

If the FBI is successful in classifying their exploit tool, it would make it difficult to verify that their evidence, which affects over 1,500 related cases, was obtained through legal means. On the other hand, a legal loophole set in place by the Classified Information Procedures Act could allow the defense teams in these cases to review certain classified materials, although that's not guaranteed.

As for the Tor Project, the problems here are clear: how can an open, yet unknown, security flaw endanger the lives or human rights of those around the world who legitimately rely on a browser built for privacy and security?


WHAT IS DARK WEB/DEEP WEB?

 The “dark web” is a part of the world wide web that requires special software to access. One these, the most popular is Tor (originally called The Onion Router), partly because it is one of the easiest software packages to use. Tor downloads as a bundle of software that includes a version of Firefox configured specifically to use Tor.

Example Dark Web onion without Tor you can NOT access



Where can I find more .onion sites?

.onion site list

Other external resources:
 
Once inside, web sites and other services can be accessed through a browser in much the same way as the normal web.

However, some sites are effectively “hidden”, in that they have not been indexed by a search engine and can only be accessed if you know the address of the site. Special markets also operate within the dark web called, “darknet markets”, which mainly sell illegal products like drugs and firearms, paid for in the cryptocurrency Bitcoin.

Now Dark Web is not Dark anymore because of FBI and NSA




Source: Motherboard


No comments

blogmytuts. Powered by Blogger.