-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/06/2017 08:40 PM, juan wrote:
On Mon, 6 Mar 2017 20:20:12 -0500 bbrewer <bbrewer@littledystopia.net> wrote:
Re: If this doesn't define what TOR really is, what does?
What do you mean?
At any rate, it's hard to believe that no one has a copy of the alleged malware...
So whatever they are hiding is probably not this: http://resources.infosecinstitute.com/fbi-tor-exploit/ "The FBI used a vulnerability in Firefox 17, on which the Tor browser is based, to turn Freedom Hosting sites into malware spreading tracker tools. It all works on the Firefox 17 JavaScript Zero Day Exploit; this malicious script is a tiny Windows executable hidden variable named “Magneto” which looks for victim’s MAC address and its hostname and sends it back as a HTTP web request to the Virginia server to expose the user’s real IP address. The FBI successfully gained access to the Freedom Hosting server and injected malicious HTML code, which checks whether the user’s browser is Firefox 17 or not." Which raises the question, what ARE they hiding? Some options, in no particular order... 1) An as-yet undetected and unpatched vulnerability affecting Firefox and/or the TOR router was used - and the defense team knows it. 2) The defendant may have traded some information or cooperation, or may have an "insurance file" with enough evidence to convict someone at FBI or DOJ of his same charges or worse. 3) The FBI decided to pick one suspect to kick loose with a bogus story indicating an as-yet undetected and unpatched vulnerability, for propaganda purposes. The fog of physical war is hard enough to see through, but with network warfare that fog is hiding... more fog. :o/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJYvuzMAAoJEECU6c5XzmuqqdYH+wQAyPNymKAPOaIkXF/Y3A7V Ri1rA6XXvxNx6aISrc8yG3xKfqRocGRKmXprRUE7nLrXt92soLSZB5x2Zze3epCn 4wrOFA+Cno3Ig+S1cgmlwf8c59TfYHXRU2S5iUnO7PyRKoG/6VQzMo2PZeglcmQ3 8P31AMl9Za6Hct/rlc84pLBvEHwLQX4Zy2dyrpoLJMKM2jAV4Rwrr4pIXtNjobY/ KxsX3MLyau/BbDNPI/Ev8v5en3lgzYjhu2OUMrsH8cAwmyooZCxnSvyZETQmAm5F CPcOHuRPUK/8TnEROMny6NDaUC+eRbPQJEWhpgJ41DsSy3S3Qf01lsJ0wM52zC4= =2Nz6 -----END PGP SIGNATURE-----