potential leak on Torpedo
https://pay.reddit.com/r/TOR/comments/2b8oq3/please_read_if_you_usedepend_on...

Please read if you use/depend on Tor. Never before seen FH information. (self.TOR)
submitted 16 hours ago by Deepthroat2

Hello everyone, I have some information that I have been dying to share for months, but due to the circumstances, and to avoid detection, I had to wait for some time before I was able to safely make this post. My goal here is to provide information that I know is credible and for the Tor community to use it as they see fit. Due to the nature of my work, and the severe penalties associated with breaking the rules and giving out information you aren't supposed to, I have no way of verifying or proving anything to you that I say here. I understand if you find me less than credible, however, this is essentially a PSA, and you can take it for what it's worth to you.

Just about one year ago, the Tor community was shaken by a Firefox exploit which utilized a JavaScript exploit and an old vulnerability in the Tor Browser Bundle to unmask some users of Freedom Hosting. There has been rampant misinformation, and speculation to the point that I felt like pulling my hair out, or just simply bursting out into laughter when reading some of the outlandish claims made by people who have little to no idea what they are talking about. Today, I will set the record straight.

The FH exploit was a government engineered, and deployed exploit that was designed in response to former Director Mueller's frustration at an earlier child pornography case in which the FBI was ridiculed for being unable to ascertain the source of child pornography. For those who aren't familiar with this case, it involved a man who had accessed child pornography by accident on a Tor hidden service, and then brought his desktop computer to the office, explaining what had happened and that he subsequently performed a "Full wipe" on the disk.
The agent who took the report had limited knowledge about Tor, however, at the time he knew that any directed effort to identify a specific Tor user was hopeless, and in the report he indicated that "There is currently no known way to ascertain the location of a Tor user, thus, no investigative leads exist." This got leaked to the press, and they had a field day, hinting at the incompetency of the Bureau. Needless to say, the FBI had its ego hurt quite badly by this public display of incompetency. Then Director Mueller directed the CEOS (Child Exploitation and Obscenity Section) to find a way to penetrate the layers of protection provided by Tor, and to come up with a feasible way to conduct a sting operation in order to bring these people to justice.

The FBI had previously conducted a sting on viewers of child pornography in a case out of Nebraska, that resulted in the arrest of about 25 people. This was the first successful take down of CP consumers that were utilizing a Tor hidden service. One of the errors that I see a lot on these forums and others was that the Nebraska take down was done in a similar fashion to the FH exploit, with the code being deployed onto the pages of the boards, however, this is not the case. From my understanding, the Nebraska field office was able to find the actual server, take it over covertly, then upload a series of files that purported to be child pornography, but actually contained nothing but encrypted gibberish. They were video files that were embedded with code that called back to a computer that recorded the IP address of the requestor, date and time, similar to the way Windows Media Player attempts to recall album information and cover art for music CDs and such. These were files that the user actually had to download and attempt to open. This is why the service was run for weeks, and only 25 people were identified as users. This method was described by the techs who deployed it as a "NIT" or "Network Investigational Tool".

Now for Freedom Hosting....

The JavaScript exploit could not be deployed directly on the servers which Mr. Marques was using due to either technical reasons, or legal requirements by the AUSA in Maryland. So the decision was made to clone the services exactly, and transport them to the home of the FBI CEOS in the Greenbelt division of Maryland. This location was picked specifically because sentencing in this district for Child Pornography crimes is more severe. It was July 31st of 2013 when the exploit actually went live, and tried to identify criminals. It was installed previously, however, there were technical problems early on and the code had to be revised 3 times before it was running as intended. It ran for about 11 days before being shut down. The amount of people identified by this exploit is still a closely guarded secret, with only agents having a direct "Need to know" being privy to this information.

However, the victory dance was short lived as news started flowing around that the evidence may not be admissible in court, due to the manner in which it was collected, among other reasons. Although proper warrants were issued, it would take at least 4-7 years to comb through the list of suspects, and question, arrest each one. The major problem is that after about 12 months, the courts start to presume your evidence is prejudicial to the defendant because you're supposed to have an indictment and serve it on the defendant within 30 days, and that just wasn't possible. You can request an extension of this time, however you must present a new, fresh reason for doing so..."We still aren't ready" doesn't cut it. There is no statute of limitations for the crime of "Accessing with intent to view child pornography" so barring any other limitations, the FBI can come after someone 10-15 years later. The AUSA became uncomfortable with the prospects of his legal case against the exploitees of FH and went to the US Attorney.
There was disagreement as to whether or not the evidence would be viable, however, the operation went on anyways.

One of the victims of the FH exploit was a man by the name of Grant Klein from Vermont. The Bureau had made arrangements with the local police for assistance with the raid (This is pretty much standard operation procedure, and is done for the safety of the agents, as well as to maintain professional courtesy. Local cops get butt hurt when you arrest people on their turf without them knowing). The FBI had provided the local police with court documents and the affidavit of arrest regarding the circumstances of Mr. Klein's warrant, which they promptly posted onto their press release against the wishes of the FBI. This resulted in the termination of at least one employee from local PD. He was raided and before even being asked a question, he began spewing a confession. His home was searched, and a desktop computer with no hard disk was found, as well as a laptop computer belonging to his wife Susan. There were no illegal materials found on these, however, he had a smartphone in the drawer of a nightstand which contained illegal images of minors. He was arrested and charged with 3 separate crimes.

To make a long story short, the FH related charges were dropped because the FBI had crossed a legal line by offering up child pornography de novo, by shutting down the server, then bringing it back online hosting real CP. They were uncomfortable with the prospects of this case, and were able to use a Leon good faith exception to admit the evidence they found on his phone to make a single possession charge stick, however, he agreed to plead guilty. The rest of the leads which led to foreign nationals were then distributed accordingly to the various LEA's. Also, earlier this week, the UK police arrested 660 people as part of Operation Notarise.

The operation name of the FBI takedown in Nebraska was "Operation Torpedo". This was a cute poke at both the method they used, and the users they targeted:

Torpedo - Navy missile
Tor Pedo - Tor Pedophile.

-DT

participants (1)
-
Eugen Leitl