
Category Archives: Tor Browser

Tails OS hits version 3.0, matches Debian’s pace but bins 32-bit systems – The Register

Posted: June 14, 2017 at 3:53 am

The developers of privacy-protecting Linux distribution Tails have decided to get closer to Debian with the project's 3.0 release.

Tails - aka The Amnesic Incognito Live System - is designed to boot and run from removable storage and not to leave any trace of what you did while running it.

Users booting into version 3.0 will first see a more polished UI based on the GNOME default black theme. Next, Tails' developers hope, they'll notice fixes to the startup (quicker and easier to configure) and shutdown routine (to kill some persistent crashes).

At shutdown, Tails 3.0 also uses Linux's freed-memory poisoning to overwrite system RAM, so an attacker or spook can't get at user data.

As first advised in January, old processors are farewelled: for security reasons, 32-bit machines are no longer supported. This lets the developers make NX bit support compulsory (this marks memory as non-executable, making bugs like buffer overruns harder to exploit).

Getting rid of 32-bit support also lets Tails take advantage of address space layout randomisation (ASLR).

Tails 3.0 includes the Firefox 52 ESR-based Tor Browser 7.0, and the latest versions of other key bundled packages like KeePassX, LibreOffice, Inkscape, Audacity, Enigmail, MAT, Dasher and Git.

Other changes are listed at the changelog, and Tails 3.0 is available for download here.


Tor Browser 7.0 is released | The Tor Blog

Posted: June 10, 2017 at 6:50 pm

The Tor Browser Team is proud to announce the first stable release in the 7.0 series. This release is available from the Tor Browser Project page and also from our distribution directory.

This release brings us up to date with Firefox 52 ESR which contains progress in a number of areas:

Most notably we hope having Mozilla's multiprocess mode (e10s) and content sandbox enabled will be one of the major new features in the Tor Browser 7.0 series, both security- and performance-wise. While we are still working on the sandboxing part for Windows (the e10s part is ready), both Linux and macOS have e10s and content sandboxing enabled by default in Tor Browser 7.0. In addition to that, Linux and macOS users have the option to further harden their Tor Browser setup by using only Unix Domain sockets for communication with tor. Update (June 8, 8:00 UTC): As the last point caused some confusion: enabling Unix Domain sockets alone does not harden Tor Browser. One needs that *and* additional sandboxing mechanisms that prevent communication over TCP/IP.

The highlights in our tracking and fingerprinting resistance improvements are: cookies, view-source requests and the Permissions API are isolated to the first party URL bar domain now to enhance our tracking related defenses. On the fingerprinting side we disabled and/or patched several new features, among them WebGL2, the WebAudio, Social, SpeechSynthesis, and Touch APIs, and the MediaError.message property.

With the switch to ESR 52 come new system requirements for Windows and macOS users: On Windows Tor Browser 7.0 won't run on non-SSE2 capable machines anymore. On Apple computers OS X 10.9 is now the minimum system requirement.

Besides new system requirements for Windows and macOS users, there are some known issues with Tor Browser 7.0 as well:

Apart from switching to the new Firefox ESR and dealing with related issues we included a new Tor stable version (0.3.0.7) and updated our NoScript (5.0.5) and HTTPS-Everywhere versions (5.2.17).

We updated our toolchains during the ESR transition as well. In particular we retired the old GCC-based one for our macOS cross-compilation and rely solely on clang/cctools now.

The full changelog since Tor Browser 6.5.2 is:

Today is 7th of July but I still cannot see new tor version in official tor repository for Debian. Issue with ALSA is very sad, too sad. Pulseaudio, like systemd, are the things which were always avoided on system-critical OSes.

When I open youtube popup says me that I must install pulseaudio to get sound working, button with help redirects me on the page: link. However, there is no this page. You should fix the link.

P.S. Preview in commenting in tor-blog with enabled JS is not working. It doesn't show formatted text, only its source.

Thanks guys, great job!

Quite often when I opened Tor Browser, there was a warning sign of a yellow triangle with an exclamation mark in the "Open Settings" button on the connecting dialog box. When clicking on that, it showed a "Copy to clipboard" button.

May anyone tell me a little bit about this warning? I'm wondering if my connection was compromised and no longer anonymous in these cases. This time, for example, the content I got from the "Copy to clipboard" was:

06/07/2017 12:58:58.500 [NOTICE] Bootstrapped 5%: Connecting to directory server
06/07/2017 12:58:58.500 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
06/07/2017 12:58:59.200 [WARN] Proxy Client: unable to connect to 68.45.52.117:40365 ("general SOCKS server failure")
06/07/2017 12:59:00.100 [NOTICE] Bootstrapped 15%: Establishing an encrypted directory connection
06/07/2017 12:59:00.100 [WARN] Proxy Client: unable to connect to 68.45.52.117:40365 ("general SOCKS server failure")
06/07/2017 12:59:00.300 [NOTICE] Bootstrapped 20%: Asking for networkstatus consensus
06/07/2017 12:59:01.200 [NOTICE] Bootstrapped 25%: Loading networkstatus consensus
06/07/2017 12:59:08.900 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
06/07/2017 12:59:08.900 [NOTICE] Bootstrapped 90%: Establishing a Tor circuit
06/07/2017 12:59:10.100 [NOTICE] Tor has successfully opened a circuit. Looks like client functionality is working.
06/07/2017 12:59:10.100 [NOTICE] Bootstrapped 100%: Done
06/07/2017 12:59:11.600 [NOTICE] New control connection opened from 127.0.0.1.
06/07/2017 12:59:11.700 [NOTICE] New control connection opened from 127.0.0.1.
06/07/2017 13:00:18.400 [WARN] Proxy Client: unable to connect to 178.62.29.226:9443 ("general SOCKS server failure")
06/07/2017 13:00:19.700 [WARN] Proxy Client: unable to connect to 178.62.29.226:9443 ("general SOCKS server failure")
06/07/2017 13:00:19.800 [NOTICE] new bridge descriptor 'Unnamed' (fresh): $958ACD25DACDDE1CF6FE463FBFA28BFEB8BFF82B~Unnamed at 194.132.209.61
06/07/2017 13:01:06.100 [WARN] Proxy Client: unable to connect to 108.61.191.37:9443 ("general SOCKS server failure")
06/07/2017 13:01:06.100 [WARN] Proxy Client: unable to connect to 5.35.86.79:39563 ("general SOCKS server failure")
06/07/2017 13:01:06.100 [WARN] Proxy Client: unable to connect to 35.185.60.254:9443 ("general SOCKS server failure")
06/07/2017 13:01:06.100 [WARN] Proxy Client: unable to connect to 139.59.147.112:36715 ("general SOCKS server failure")
06/07/2017 13:01:06.100 [WARN] Proxy Client: unable to connect to 104.153.209.217:25447 ("general SOCKS server failure")
06/07/2017 13:01:06.100 [WARN] Proxy Client: unable to connect to 185.163.45.19:57339 ("general SOCKS server failure")

If you are using Add-ons with filter lists in Tor Browser 7.0, for example uBlock Origin, Adblock Plus etc., it takes extremely long to start the browser. In Tor Browser 6.5 and previous this was not really an issue. It was only a small delay barely noticeable. This problem is new to version 7.0. I hope you can look into that.

How to reproduce:
- Use a newly installed Tor Browser v. 7.0
- Install uBlock Origin
- See how the browser will freeze for some seconds.
- Restart the Browser and see how it will take extremely long to startup

I'm still hoping for 64-bit versions of Tor and the Tor Browser for Windows; maybe they'll show up alongside the ESR59-based Tor Browser, because Firefox 53+ no longer supports Vista, and most installations of Windows 7+ are 64-bit, so they will be able to benefit from 64-bit software.

my system is not supported.. meanwhile what can I do? updating only TOR instead of tor browser, but how do it? help please 😀


Tor Browser 7.0 works harder to protect your anonymity on its own – Engadget

Posted: at 6:50 pm

The college philosophy class you barely remember aside, what the sandbox does is hide your files, your real IP address and your MAC address from the browser. Therefore, "the amount of information Tor Browser will learn about your computer, and thereby you, will be limited," Angel said.

At the time of that interview last October, the sandbox was still unstable and very much in testing, but the recent update has brought the digital safe-zone online for Linux and macOS, and by default. Next up? Sandbox protection for Windows users.

The update also imposes a few new requirements for users on Windows and macOS: Tor apparently won't work on non-SSE2-capable Windows hardware and you need to be running OSX 10.9 or higher on Apple machines.

Considering that last year a federal judge said that the FBI no longer needs warrants to hack a computer connected to the internet, this is an important update. "Even an internet user who employs the Tor network in an attempt to mask his or her IP address lacks a reasonable expectation of privacy in his or her IP address," judge Henry Coke Morgan, Jr commented at the time. For the full rundown of what's changed with the browser, hit the source links below.


Tor Browser 7.0 released – gHacks Tech News – Ghacks Technology News

Posted: June 8, 2017 at 10:49 pm

A new version of Tor Browser, a Firefox-based web browser with Tor functionality added to it, was released on June 7, 2017.

Tor Browser 7.0 introduces support for Firefox's multi-process architecture e10s and content sandboxing as the major new features of the release.

The browser itself is now based on Firefox 52 ESR, the most recent Extended Support Release version of the Firefox web browser. You can check out what is new in Firefox 52 here. Note that Firefox 52 ESR ships with improvements made in previous versions of the browser as well.

The multi-process implementation is available across all supported operating systems. The same is not true for content sandboxing however, as only Linux and Mac OS X versions of Tor Browser 7.0 may make use of that.

The Windows content sandboxing is still in the works, and can be tracked on the official bug tracker.

The switch to Firefox 52 ESR as the code base of Tor Browser brought changes to the system requirements. Tor Browser 7 on Windows for instance does not run on devices that don't support SSE2 (Streaming SIMD Extensions 2).

AMD and Intel added support for SSE2 back in 2001 and 2003, and most processors sold in the past decade support the functionality. Still, it may mean that the new Tor Browser version won't run on systems that are older than 15 or so years.

On Apple systems, Mac OS X 10.9 is now the minimum requirement for Tor Browser 7.0.

As far as tracking and fingerprinting protection or resistance is concerned, multiple changes and improvements were made in the new version.

The highlights in our tracking and fingerprinting resistance improvements are: cookies, view-source requests and the Permissions API are isolated to the first party URL bar domain now to enhance our tracking related defenses. On the fingerprinting side we disabled and/or patched several new features, among them WebGL2, the WebAudio, Social, SpeechSynthesis, and Touch APIs, and the MediaError.message property.

The team that develops the Tor Browser hardens the base version of the Firefox web browser in many different ways to improve the privacy of its users.

The new version of the Tor Browser has a couple of known issues that users need to be aware of before making the upgrade to the new version:

The full changelog has been posted on the Tor project website.

Now You: Do you use Tor or the Tor Browser?


Tor Browser 7.0 arrives with multiprocess mode, content sandbox, and Unix domain sockets – VentureBeat

Posted: June 7, 2017 at 4:54 pm

The Tor Project today released the first stable release of Tor Browser 7.0 (the previous version was 6.5.2). You can download the latest version, which includes many security and performance improvements, from the project page and the distribution directory.

Tor offers anonymous communication by directing internet traffic through a free, worldwide, volunteer network consisting of more than 7,000 relays. The goal is to conceal users' location and usage from anyone conducting network surveillance or traffic analysis.

The Tor Browser, which automatically starts Tor background processes and routes traffic through the Tor network, is built on top of Mozilla's Firefox Extended Support Release (ESR), a version designed for schools, universities, businesses, and others who need help with mass deployments. Firefox ESR releases are maintained for one year. In addition to the Tor proxy, Tor Browser includes the TorButton, TorLauncher, NoScript, and HTTPS Everywhere Firefox extensions.

The 7.0 release brings Tor Browser up to date with Firefox 52 ESR. This brings two major features: multiprocess mode and content sandbox. Both are enabled by default on macOS and Linux, while the Tor team is still working on the sandboxing part for Windows. Mac and Linux users also have the option to further harden their Tor Browser setup by using only Unix domain sockets for communication with Tor.

Switching to ESR 52 also brings new system requirements for Windows and macOS users. On Windows, Tor Browser 7.0 will not run on non-SSE2 capable machines, while for Macs, Tor Browser 7.0 requires OS X 10.9 or higher.

There are also tracking and fingerprinting resistance improvements. Cookies, view-source requests, and the Permissions API are now isolated to the first party URL bar domain to enhance tracking-related defenses. On the fingerprinting side, several new features were disabled or patched, including WebGL2; the WebAudio, Social, SpeechSynthesis, and Touch APIs; and the MediaError.message property. Other changes include updating HTTPS-Everywhere to version 5.2.17 and NoScript to version 5.0.5.


Wikipedians Want to Put Wikipedia on the Dark Web – Motherboard

Posted: at 4:54 pm

Wikipedians want to give users the ability to access the world's most popular encyclopedia in the most secure way possible: On the dark web.

Cristian Consonni, Former Vice President of Wikimedia Italy, proposed Monday that Wikipedians should create a dark web version of the site accessible only via the Tor Browser.

It's possible now to access Wikipedia via the Tor Browser (which is popular with activists and among people living in countries with censored web traffic because it encrypts web traffic and routes it through a series of different IP addresses called "nodes"), but the connection is less secure than it would be if the site was accessible as a "hidden service" on the dark web.

As a hidden service (also called an onion site), Wikipedia would not need to direct its traffic through an exit node, a point where internet traffic "emerges" from the Tor network and connects to sites on the regular web. Exit nodes are known to be a seriously vulnerable portion of Tor's security.

Consonni shared the proposal on Wikimedia-L, a listserv where prominent Wikipedians discuss the future and internal politics of the site.

There, several editors, like David Cuenca Tudela, endorsed the idea, but many disagreed with Consonni on one major point. Consonni believes Tor users should have the ability to edit Wikipedia articles, which is currently not allowed, except under special circumstances.

A number of Wikipedians don't want Tor users to have the ability to edit, "due to high volume of known abuse from that vector," as one user put it.

Abusive editors have been known to use Tor to circumvent being banned. Wikipedia blocks problematic users based on their IP address, but the encrypted browser can be used to quickly obtain a new one.

Creating a dark web version of Wikipedia would make the encyclopedia available securely in the many places where it's censored. Countries like China, Iran, and Russia have chosen to block their citizens' ability to view a significant portion of the site's entries, or sometimes even the entire encyclopedia altogether.

Even seemingly liberal countries like the United Kingdom and France have attempted to censor portions of the site in the past.

It would be far more difficult for governments to censor or monitor Wikipedia's dark web version. But Consonni and like minded editors aren't just concerned with surveillance.

He hopes bringing Wikipedia to the dark web will also help improve Tor's reputation. The browser is often thought of as a tool for drug dealers and other criminals, instead of say, encyclopedia readers trying to avoid government surveillance.

"...providing Wikipedia over Tor would promote awareness of Tor itself as a technology for protecting user privacy," Consonni wrote in his proposal.

Wikipedia wouldn't be the first mainstream website to move towards the dark web. In 2014, Facebook launched a version that runs on Tor. ProPublica, a nonprofit investigative journalism outlet, followed suit last year.

"It can be argued that the privacy gain of having an onion service over visiting Wikipedia with HTTPS over Tor is minimal, but I think it is worth having this option," Consonni told me via Twitter DM.

"I think that all major websites should serve a version over Tor," he went on.

If Wikipedia were to build a Tor version, Consonni hopes the project would be organized through the Wikimedia Foundation, the nonprofit that operates Wikipedia, instead of through a third party that could potentially "be evil and snoop on users."

Building a darknet version of any site isn't terribly difficult. Easy-to-use tools even exist to help streamline the process, if you want to get your own open source encyclopedia on Tor while Wikipedians continue to debate the idea.

The Tor Project had no comment.


What The Dark Web Is And How To Access It – Komando

Posted: June 3, 2017 at 12:06 pm

Caution: Have you heard about the Dark Web? Kim Komando has been warning listeners and Komando.com readers for years about this not-well-understood part of the internet.

It's where criminals sell illegal drugs, launder money and commit other crimes, often with little or no repercussions. It's a place where hackers buy your stolen credit card credentials and IDs. The Dark Web is not a place you want to visit without a solid understanding of what it is and what you're getting yourself into. So, proceed with caution.

Despite the Dark Web's sinister side, listeners ask Kim all the time for instructions on how to get into the Dark Web. So, for informational purposes only, here is how to get in.

To be fair, you may have a valid reason for going to the Dark Web. You may want to see if your stolen items are being sold there. You may want to see if hackers are selling your ID, your credit card numbers or bank account information. You may want to see if your children or grandkids are up to no good online.

If you want to check on those things, we recommend you hire a skilled professional or reputable company to do the snooping for you. But, if that's not an option for you, anyone can get into the Dark Web.

Keep reading for step-by-step instructions to get on the Dark Web.

Note: Don't confuse the Dark Web with the Deep Web.

Simply, the Dark Web is the internet. It's sites and pages on the internet that are hidden from public view.

It's accessible with a bit of know-how. You have to know how to get in and, with enough motivation, you'll find you're there in no time.

The Dark Web is part of the internet that you don't see every day. It's part of the Deep Web, which is simply sites and pages that aren't made publicly available. That's a huge part of the internet.

There's nothing inherently bad about the Deep Web. For example, does your company have private pages where you access information that is only for employees? If those pages aren't registered with sites like Google, they're hidden from view. That's the DEEP web.

The DARK Web, which is part of the Deep Web, is seedier. These are sites that run on an encrypted browser.

Encryption is an extremely secure way of protecting your information. You can't easily get in without passwords or biometric access, such as your fingerprint.

You might remember that Apple got into hot water with the U.S. government after the 2015 San Bernardino terrorist attacks. The killed attackers had an encrypted iPhone that Apple wouldn't help the government unlock.

Encryption, when used for good, protects your location and privacy from hackers and criminals. When used for bad, as on the Dark Web, encryption can prevent the police and government from spotting illegal online activities, such as child pornography, prostitution, drug sales and more.

Despite its well-deserved reputation for being hard to find, the Dark Web is easy to access if you follow these three steps.

1. Most sites on the Dark Web run on an encrypted tool called Tor. There are other Dark Web tools, such as I2P, but it's believed that most sites use Tor. Go to: TorProject.org.

Bonus: If you want to protect your privacy, including your location, you can use Tor. It's a donation-based web service that you can use for everyday web surfing. Read more about Tor here.

2. Know the sites you're looking for. The Dark Web isn't accessible by Google and other search engines. You need to know the name of a site to visit it.

Tip in a Tip: You can remain anonymous online using encrypted virtual private networks (VPN) like DuckDuckGo.

3. Use a VPN to remain anonymous on Tor.

Warning: Before you visit the Dark Web, listen to Kim talk about it in this two-part podcast (links below).

Take an intimate tour of a disturbing place

Take an intimate tour of a disturbing place - The Dark Web Pt 2

Remember, we are providing instructions to access the Dark Web for information purposes only. We do NOT recommend that you visit the Dark Web.


What is Deep Web and How is it Different from Dark Web – Guiding Tech (blog)

Posted: June 1, 2017 at 10:18 pm

Often used interchangeably, deep web and dark web aren't actually the same things; rather, the dark web makes for a small part of the deep web.

People often confuse both the terms and at other times think they both mean the same thing, but that's not it.

Mostly, the deep web has been related to something awful on the internet, like the notorious SilkRoad black market, but not everything on the deep web is illegal or bad.

Now before you go on jumping to conclusions about the deep web and how dangerous it can be, let me just explain it in simpler words.

The deep web is the part of the internet which is inaccessible using search engines like Google and Bing. Per se, the search engines can not index them, so they do not turn up when searched for.

It's not something out of this world; on the contrary, you are probably accessing the deep web on a regular basis: your emails, online banking transactions, direct messages on Twitter, Instagram and much more.

None of these things turn up on the internet via a search engine, rather are protected behind a paywall or via a password.

Anything that can not be found on the surface of the web using a search engine is part of the deep web.

Given that the billions of internet users in all probability have thousands of billions of online accounts in all, which are either password protected or hold content behind a paywall, all of this comprises the deep web, which many believe makes up for a majority of content on the internet.

The deep web is alternatively also called the Invisible or Hidden web and can be accessed via the normal Chrome or Safari browsers.

The Dark web isn't an altogether different part of the internet but a part of the Deep web itself, though it can not be accessed via the standard browsers.

Given that a majority of the Dark web comprises websites selling illegal products such as drugs or hacked credentials, and also houses websites dealing with weapons and child pornography, it is often referred to as the underbelly of the internet.

The Dark web is also used by internet activists and journalists to stay anonymous while passing or gathering information, especially in countries where the internet is heavily censored.

The search engine for those concerned about their privacy DuckDuckGo runs their service on the dark web too.

Websites on the Dark web, which are suffixed with .onion domain, can be accessed using the Tor browser or a similar service.

Note, while it's not illegal to access the Dark web, beware that a lot many of the websites offer illegal services and accessing them might not sit right with the lawmakers in your native place.

The Dark web isn't as fancy and interactive as the rest of the surface web or the Internet as we know and use it, and the websites are mundane and will take you back in time.

In order to access a website on the Dark web, you'll either need the exact (.onion) URL of the site or can try your luck with the limited search engines for the Dark web such as The Hidden Wiki.

Even though a majority of the websites on the Dark web deal with illegal activities, websites such as Facebook, The Intercept, ProPublica have a version with .onion URL; nothing illegal happening here.

Journalists, whistleblowers and internet activists use the Dark web to circumvent restrictions as well as to maintain anonymity and privacy while exchanging information.

No tool on the internet is bad in essence, but it's the reason it's being used for that makes it so. Similarly, the Dark web isn't completely a thing of evil.


If You Think WannaCry is Huge, Wait for EternalRocks – Data Center Knowledge

Posted: at 10:18 pm

Giridhara Raam is a Product Analyst for ManageEngine.

While the world was responding to the WannaCry attack (which only utilized the EternalBlue exploit and the DoublePulsar backdoor), researchers discovered another piece of malware, EternalRocks, which actually exploits seven different Windows vulnerabilities.

Miroslav Stampar, a security researcher at the Croatian Government CERT, first discovered EternalRocks. This new malware is far more dangerous than WannaCry. Unlike WannaCry, EternalRocks has no kill switch and is designed in such a way that it's nearly undetectable on afflicted systems.

Stampar found this worm after it hit his Server Message Block (SMB) honeypot. After doing some digging, Stampar discovered that EternalRocks disguises itself as WannaCry to fool researchers, but instead of locking files and asking for ransom, EternalRocks gains unauthorized control on the infected computer to launch future cyberattacks.

When EternalRocks hits a computer, it downloads a Tor browser and connects that computer to its command and control (C&C) server located in an unidentified location on the web. To avoid detection, EternalRocks stays dormant in the infected computer for 24 hours before activating and communicating with its C&C server.

In the early stages of the attack, EternalRocks shares an archive containing all seven exploits with its C&C server, then downloads a component called svchost.exe to execute all other actions and take over the infected system. Once that's done, EternalRocks searches for open SMB ports to infect other vulnerable computers.

One of the main features of EternalRocks is that it can turn into any major cyber weapon after successfully hijacking a system. For instance, it can be converted into either ransomware or a Trojan to cause more damage.

EternalRocks exploits seven vulnerabilities, including:

EternalBlue, EternalChampion, EternalSynergy and EternalRomance are designed to exploit vulnerable computers, while DoublePulsar is used to spread the worm across networks. EternalRocks is far deadlier than WannaCry. Security professionals have even named it the Doomsday Worm.

With new malware being unleashed every day since WannaCry, enterprises are looking for security solutions that can help them stay secure in spite of all these attacks. Experts suggest employing proper patch management procedures can keep your network and devices safe from any unwanted security breaches.

First WannaCry, then Adylkuzz, and now EternalRocks, all due to a single leak of NSA hacking tools. The whole world witnessed WannaCry's impact when it used just two SMB vulnerabilities; imagine what EternalRocks can do with seven. Security researchers are still investigating EternalRocks. Until they neutralize the threat, you can stay safe and secure by staying on top of patch management.

Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Penton.


DOJ, FBI Executives Approved Running a Child Porn Site – Motherboard

Posted: May 30, 2017 at 2:06 pm

The FBI decision to briefly run a large dark web child pornography site was done in close consultation with the Department of Justice, and was approved by executives from both agencies, according to a court transcript reviewed by Motherboard.

Defense lawyers have claimed that in operating a child porn website, the FBI itself distributed illegal material, and critics have pointed to the ethical issues around running such an operation. That higher levels of the FBI and Department of Justice were involved in the decision to proceed with the sting may not be surprising, but the transcript shows that the FBI's move was deliberate and ultimately seen as appropriate by the agencies.

Image: A section of Alfin's testimony.

"It was done with the approval of executives in both the FBI and the Department of Justice," FBI Special Agent Daniel Alfin, who worked on the investigation dubbed Operation Pacifier, said during an evidentiary hearing late last year, according to the transcript.

The transcript relates to the FBI's investigation of Playpen, which was at one point the largest child pornography site on the dark web. In February 2015, the FBI seized the site, but instead of shutting it down, decided to run it from a government facility for 13 days.

During this time, the FBI deployed a network investigative technique (NIT), the agency's term for a hacking tool, in an attempt to identify Playpen's users. Specifically, the NIT was comprised of a Tor Browser exploit based on a "non-public" vulnerability, and malware designed to identify a user's real IP address and grab some basic system information. In all, the FBI hacked over 8,000 computers in 120 countries, including Austria, Norway, Greece, Chile, and the UK.


When reached for comment, Department of Justice spokesperson Peter Carr pointed to the quantitative effectiveness of Operation Pacifier.

"In the U.S., over 350 arrests, 25 child pornography producers and 51 hands-on abusers prosecuted, and 55 American children who were subjected to sexual abuse successfully identified or rescued; overseas, 870 arrests and at least 259 sexually abused children identified or rescued," Carr wrote in an email to Motherboard.

Aside from legal issues concerning hacking suspects across the United States and elsewhere on a legally dubious warrant, many are unsettled by the FBI running a child porn site in the first place.

One defense lawyer has made a "conservative estimate" that the FBI distributed around one million images of child abuse while the agency ran Playpen. (According to Alfin's testimony, much of the material linked to on Playpen was actually hosted on other websites.)

Corey Rayburn Yung, a professor at the University of Kansas School of Law, previously wrote that the FBI "actively participated in the revictimization of those depicted in child pornography with no possibility of controlling distribution. Such conduct is immoral and inexcusable."

The deliberations on whether to keep Playpen running involved "several individuals and levels of management from both organizations," Alfin said. The FBI General Counsel James Baker was also aware of the operation, Alfin said.

"Without going forward with this operation, we would have had no capability to identify anyone other than the creator of the Playpen website," Alfin added.
