|
tdubz



Registered: 02/26/12
Posts: 5,586
|
The FBI Is Classifying Its Tor Browser Exploit Because 'National Security'
#23379130 - 06/24/16 11:46 PM (7 years, 7 months ago) |
|
|
http://motherboard.vice.com/read/the-fbi-is-classifying-its-tor-browser-exploit
Quote:
Defense teams across the US have been trying to get access to a piece of malware the FBI used to hack visitors of a child pornography site. None have been successful at obtaining all of the malware's code, and the government appears to have no intention of handing it over.
Now, the FBI is classifying the Tor Browser exploit for reasons of national security, despite the exploit already being used in normal criminal investigations well over a year ago. Experts say it indicates a lack of organization or technical capabilities within the FBI.
“The FBI has derivatively classified portions of the tool, the exploits used in connection with the tool, and some of the operational aspects of the tool in accordance with the FBI's National Security Information Classification Guide,” government attorneys wrote in a filing earlier this month. It came in response to the defense of Gerald Andrew Darby, who is charged with child pornography offenses.
The case is one of many brought forward from the FBI's investigation of dark web child pornography site Playpen. In February 2015, the FBI took over Playpen and deployed a network investigative technique—the agency's term for a hacking tool—in an attempt to identify visitors of the site. That tool used a vulnerability to circumvent the protections of the Tor Browser Bundle, and then grabbed the suspect's IP address and system information. (Mozilla, the maintainers of the Firefox browser that may also been affected, have tried—unsuccessfully—to get access to the vulnerability).
Court documents had previously showed that, bizarrely, it was only the FBI's reason for not wanting to hand over the exploit that was classified. But according to this recent filing, the government is now waiting on a formal, signed document from an FBI Original Classification Authority to confirm that the exploit is itself classified.
“The FBI is arguing that the tool and exploit are not simply sensitive law enforcement information, but that they actually constitute information which must be classified in the interests of national security,” Steven Aftergood from the Federation of American Scientists told Motherboard in an email. To be successfully classified, the exploit must fall into one of several categories listed in Executive Order 13526.
“Which of these categories would apply here? Intelligence sources and methods? Technological activities related to the national security?” Aftergood added. “At first glance, all of them seem like a stretch. It will be interesting to see how FBI defends the move—and whether the court is persuaded.”
According to the Department of Justice, the government has a record of mistakenly and inappropriately invoking classification controls. Aftergood pointed to the DOJ's Office of the Inspector General’s 2013 report, which read “we found several documents in which unclassified information was inappropriately identified as being classified.”
Mark Rumold, senior staff attorney at the Electronic Frontier Foundation told Motherboard in a phone call, “The government is never shy about asserting its classification authority as broadly as it wants to.”
So, why now? Why classify the exploit and other information when myriad cases have already made their way through the courts?
“Either the classified information was originally designated by another agency and the FBI only just found out, or the FBI was the original classification authority, and the designation was overlooked in error at some point down the information supply chain. This could have been due to a lack of organization, technical capabilities, or both,” Ahmed Ghappour, visiting assistant professor at UC Hastings, College of the Law told Motherboard in an email.
In other court documents, the government has vaguely said it doesn’t want to disclose the exploit because it could diminish the future value of investigative techniques; allow individuals to devise counter-measures (or perhaps patch it); and discourage cooperation from third parties and other agencies that rely on these techniques. It also held a closed-off, and apparently convincing, meeting with a judge to explain its reasoning in more detail.
Although classifying material may seem like a surefire way to stop it being disclosed, the FBI's move could open up new legal avenues for defense teams to gain access to it.
The Classified Information Procedures Act (CIPA) is a statute followed when classified information enters a court. It's traditionally used in things like espionage cases, and allows the defense to potentially review classified material.
An FBI spokesperson declined to expand on the information in the recent court filing, or explain the agency's motivations.
|
tdubz



Registered: 02/26/12
Posts: 5,586
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23379135 - 06/24/16 11:47 PM (7 years, 7 months ago) |
|
|
NSA.
|
Konyap

Registered: 06/30/07
Posts: 33,945
Loc: Planet Piss
Last seen: 4 years, 2 months
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23379173 - 06/24/16 11:56 PM (7 years, 7 months ago) |
|
|
 because they couldn't just set up a fake porn site with all the photo's they have
|
tdubz



Registered: 02/26/12
Posts: 5,586
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Konyap] 3
#23379190 - 06/25/16 12:05 AM (7 years, 7 months ago) |
|
|
I've said it before an I will again Tor was a social experiment to trick people into falling for bait. Some people got busted some people didn't but I'm sure if you raised enough attention on the dark net you got a visit. Security on the internet is an illusion when you have the NSA sucking data right out of the ISP backbone.
Edited by tdubz (06/25/16 12:11 AM)
|
Konyap

Registered: 06/30/07
Posts: 33,945
Loc: Planet Piss
Last seen: 4 years, 2 months
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23379207 - 06/25/16 12:11 AM (7 years, 7 months ago) |
|
|
Right? Everyone talks.
|
tdubz



Registered: 02/26/12
Posts: 5,586
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Konyap]
#23379216 - 06/25/16 12:15 AM (7 years, 7 months ago) |
|
|
Who watches over the NSA though and the FBI? Apparently no one....where is Congress where is the Judicial system on these issues? The Senate blocked the FBIs surveillance expansion by 2 votes in which the wording was craftily slipped into another bill. The executive branch seems to think they don't need warrants anymore for anything cyber related, which is starting to become everything.
Edited by tdubz (06/25/16 12:26 AM)
|
durian_2008
Cornucopian Eating an Elephant


Registered: 04/02/08
Posts: 16,693
Loc: Raccoon City
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23380320 - 06/25/16 10:25 AM (7 years, 7 months ago) |
|
|
Does it not occur to you, that you know nothing about the people providing this service.
Most people's use of the internet is akin to their unflinching trust of mysterious, research chemicals.

I didn't say that the sky is falling.
I said what is this, and who are these people.
How can you know the outcome of this uncalculated risk.
|
Alan Rockefeller
Mycologist

Registered: 03/10/07
Posts: 48,276
Last seen: 5 hours, 26 minutes
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23380335 - 06/25/16 10:29 AM (7 years, 7 months ago) |
|
|
Quote:
Konyap said:
 because they couldn't just set up a fake porn site with all the photo's they have
No, because when you connect to a site via tor, they don't get your IP address.
Quote:
tdubz said: I've said it before an I will again Tor was a social experiment to trick people into falling for bait. Some people got busted some people didn't but I'm sure if you raised enough attention on the dark net you got a visit. Security on the internet is an illusion when you have the NSA sucking data right out of the ISP backbone.
You obviously have no idea who is running tor. Look it up - they are very trustworthy.
Quote:
tdubz said: Who watches over the NSA though and the FBI? Apparently no one....
Actually a lot of people do. Ever heard of the IG?
https://en.wikipedia.org/wiki/Inspector_general
Quote:
The executive branch seems to think they don't need warrants anymore for anything cyber related, which is starting to become everything.
They still need warrants for almost everything cyber related.
|
durian_2008
Cornucopian Eating an Elephant


Registered: 04/02/08
Posts: 16,693
Loc: Raccoon City
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Alan Rockefeller]
#23380348 - 06/25/16 10:33 AM (7 years, 7 months ago) |
|
|
Quote:
Alan Rockefeller said: You obviously have no idea who is running tor.
I admit it.
|
durian_2008
Cornucopian Eating an Elephant


Registered: 04/02/08
Posts: 16,693
Loc: Raccoon City
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: durian_2008]
#23380399 - 06/25/16 10:46 AM (7 years, 7 months ago) |
|
|
They say that privacy is a threat, when the most culpable people post on Facebook and Twitter (social media). They drop their ID's, here-and-there, and make a speech at the site of their atrocities.
|
Morel Guy
Stranger


Registered: 01/23/13
Posts: 15,577
Last seen: 4 years, 1 month
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Alan Rockefeller]
#23380508 - 06/25/16 11:29 AM (7 years, 7 months ago) |
|
|
They can do anything in the name of national security. It's frighteningly so. I knew a guy pretty damn well who's been in the White House and CIA buildings. They do all sorts of things for all sorts of interests. I think politicians like the favors they get knowing bad dogs. Power runs deep.
|
Camwritesgonzo
The Unflushable Stool



Registered: 06/09/12
Posts: 2,333
Loc: On Uranus
Last seen: 5 months, 24 days
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Morel Guy]
#23380803 - 06/25/16 01:05 PM (7 years, 7 months ago) |
|
|
So deep, in fact, that it might behoove the public to carry lube so that power doesn't hurt their collective rectum quite so much.
-------------------- "I've always maintained that reality is for those who can't face drugs."-Tom Waits "I feel the same way about disco as I feel about herpes."-Hunter S. Thompson A squid eating dough in a polyethylene bag is fast and bulbous, got me?
 
|
Morel Guy
Stranger


Registered: 01/23/13
Posts: 15,577
Last seen: 4 years, 1 month
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Camwritesgonzo]
#23380862 - 06/25/16 01:27 PM (7 years, 7 months ago) |
|
|
Collective reach around?
|
tdubz



Registered: 02/26/12
Posts: 5,586
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Alan Rockefeller]
#23382000 - 06/25/16 08:00 PM (7 years, 7 months ago) |
|
|
That is false, the NSA is overseen by yes the inspector general (which is a part of the NSA an as such would only punish an individuals actions not something that threatens the security of the nation or the agency). The FISA court also has oversight of the NSA but from what I have read they have allowed almost every single request from the agency.
If tor is so trustworthy why are programmers fleeing the United States to avoid possible persecution and or interrogation by the FBI.
The federal courts have ruled that GPS location from your phone is not considered to be protected by the 4th amendment. Had the FBI passed what they wanted in this recent Senate bill neither would emails and browser history. That would equate to pretty much the entire internet history of an individual.
Also it's obvious that the agency they are referring to in the article is the NSA, only now with cyber law legalities raised due to the FBIs latest sting does it force the FBI to use the "National Security" cover in order to protect their behind. Which is the same excuse the government uses anytime it's actions are facing potential legal accountability from the public.
I mean you can't break laws, create laws, and catch criminals at the same time can you? That's not the way agencies should be allowed to function.
Edited by tdubz (06/25/16 08:11 PM)
|
tdubz



Registered: 02/26/12
Posts: 5,586
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: durian_2008]
#23382209 - 06/25/16 09:07 PM (7 years, 7 months ago) |
|
|
I understand that the internet is not your house, but you have at least some partial expectation of privacy on a public road in your car, should you not on the internet from your computer as well?
|
Alan Rockefeller
Mycologist

Registered: 03/10/07
Posts: 48,276
Last seen: 5 hours, 26 minutes
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23382235 - 06/25/16 09:16 PM (7 years, 7 months ago) |
|
|
Quote:
tdubz said: If tor is so trustworthy why are programmers fleeing the United States to avoid possible persecution and or interrogation by the FBI.
Who did that?
Quote:
The federal courts have ruled that GPS location from your phone is not considered to be protected by the 4th amendment. Had the FBI passed what they wanted in this recent Senate bill neither would emails and browser history. That would equate to pretty much the entire internet history of an individual.
Third parties are not bound by the 4th amendment.
|
Konyap

Registered: 06/30/07
Posts: 33,945
Loc: Planet Piss
Last seen: 4 years, 2 months
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Alan Rockefeller]
#23382273 - 06/25/16 09:27 PM (7 years, 7 months ago) |
|
|
Quote:
Alan Rockefeller said:
Quote:
Konyap said:
 because they couldn't just set up a fake porn site with all the photo's they have
No, because when you connect to a site via tor, they don't get your IP address.
that's the point of their "mal-ware" they probably had stacks and stacks of IP's before tor have you heard of all the stuff win10 does? you have no privacy anymore
if they want something they can just send a email and have the website do whatever they want they just need to write the law first
child porn no we should be as lucky to see anything else in broad daylight that they want to "cover up" it works for china and japan
Edited by Konyap (06/25/16 09:30 PM)
|
tdubz



Registered: 02/26/12
Posts: 5,586
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: Konyap]
#23382306 - 06/25/16 09:36 PM (7 years, 7 months ago) |
|
|
Unlike China and Japan who just block it outright it seems that America want's to trick it's citizens into committing crimes that otherwise would be much more difficult to commit. A genocide if you will to weed out the criminals. That is what I believe Tor is an continues to be. You don't hear anything like this from other federal agencies around the world doing it to it's citizenry just the FBI...an I'm quite sure they are breaking international laws by targeting individuals or even just acquiring meta data from individuals located in other countries.
Edited by tdubz (06/25/16 09:48 PM)
|
5150
phantom

Registered: 09/01/06
Posts: 5,437
Last seen: 4 years, 2 months
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23382411 - 06/25/16 10:15 PM (7 years, 7 months ago) |
|
|
Imagine some idiot going on a cp site from his home computer,didn't the guy from the who do that ,townsend,gotta b crazy
-------------------- "the way of the warrior is the resolute acceptance of death" Miyamoto Musashi
|
Alan Rockefeller
Mycologist

Registered: 03/10/07
Posts: 48,276
Last seen: 5 hours, 26 minutes
|
Re: The FBI Is Classifying Its Tor Browser Exploit Because 'National Security' [Re: tdubz]
#23382442 - 06/25/16 10:25 PM (7 years, 7 months ago) |
|
|
I don't think they fail to censor the internet in the USA just to catch people doing stuff. The internet is made to resist censorship and routes around it. People wouldn't stand for content filters here.
Tor does seem to be pretty secure - look at how hard it was to catch the silk road - they had to use other means to find it other than cracking tor, and it took them a long time.
If people are paranoid about tor they can always use public wifi to connect, but I haven't seen any evidence that is necessary or improves security.
|
|