Freedom Hosting arrest and takedown linked to Tor privacy compromise

Freedom Hosting arrest and takedown linked to Tor privacy compromise

Tor logoThe anonymising service Tor and the secretive web underworld operating under its shadowy cloak were rocked over the weekend by the arrest of a major hosting provider, and suggestions that malicious JavaScript may have been planted on a number of sites, aimed at revealing the identities of those using Tor.

Eric Eoin Marques, a 28-year-old Irish citizen, is being held without bail in Ireland after a preliminary extradition hearing on Saturday aimed at sending him to the US, where he would face charges of distributing child pornography online.

Marques owned and operated the “Freedom Hosting” service inside the Tor network, thought to be one of the largest operators within Tor having provided a number of popular privacy tools including TorMail.

The service has a history of issues with child pornography, with Anonymous collective apparently warning the service to clean up its act in 2011.

Coinciding with his arrest, reports began to emerge of suspect JavaScript being spotted on sites served by Freedom Hosting. The code is believed to be designed to reveal the identity of those visiting the sites, reporting back to a site hosted on the open web in the Washington DC area.

The script exploits a known vulnerability in Firefox, in a way which should only compromise older, unpatched versions of the browser.

Given the timing, of course most people have speculated that the script was inserted by investigators with the FBI, aiming to round up users of illegal child abuse sites believed to be hosted by Freedom Hosting.

This seems to be something of a trend for FBI investigations lately, leaving known paedophile sites up and running for a while after discovering them so the feds can track down their users.

The revelations will prove worrying for many legitimate Tor users, who rely on the service to protect them from snooping by government agencies. While it may sometimes be used for criminal purposes, Tor also often allows access to freedom of speech which might otherwise be denied to people in certain parts of the world.

The operators of the Tor Project have publicly distanced themselves from Freedom Hosting, in a blog post which also describes how the private networks they facilitate work.

The ‘deep web’ operating inside the Tor cloud has been hit by internal issues of late too, with a major criminal message board being hijacked and defrauded by one of its own trusted admins.

We’ve also seen that merely using Tor can flag you as a person of interest to government snoops, as one might well expect.

It seems that there’s no such thing as 100% reliable privacy and anonymity on the web.