If this doesn't define what TOR really is, what does?

Steve Kinney admin at pilobilus.net
Tue Mar 7 09:24:29 PST 2017 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 03/06/2017 08:40 PM, juan wrote:
> On Mon, 6 Mar 2017 20:20:12 -0500 bbrewer
> <bbrewer at littledystopia.net> wrote:
> 
> 
>> Re: If this doesn't define what TOR really is, what does?
> 
> 
> What do you mean?
> 
> At any rate, it's hard to believe that no one has a copy of the 
> alleged malware...

So whatever they are hiding is probably not this:

http://resources.infosecinstitute.com/fbi-tor-exploit/

"The FBI used a vulnerability in Firefox 17, on which the Tor browser
is based, to turn Freedom Hosting sites into malware spreading tracker
tools. It all works on the Firefox 17 JavaScript Zero Day Exploit;
this malicious script is a tiny Windows executable hidden variable
named “Magneto” which looks for victim’s MAC address and its hostname
and sends it back as a HTTP web request to the Virginia server to
expose the user’s real IP address. The FBI successfully gained access
to the Freedom Hosting server and injected malicious HTML code, which
checks whether the user’s browser is Firefox 17 or not."

Which raises the question, what ARE they hiding?  Some options, in no
particular order...

1)  An as-yet undetected and unpatched vulnerability affecting Firefox
and/or the TOR router was used - and the defense team knows it.

2)  The defendant may have traded some information or cooperation, or
may have an "insurance file" with enough evidence to convict someone
at FBI or DOJ of his same charges or worse.

3)  The FBI decided to pick one suspect to kick loose with a bogus
story indicating an as-yet undetected and unpatched vulnerability, for
propaganda purposes.

The fog of physical war is hard enough to see through, but with
network warfare that fog is hiding... more fog.

:o/








-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJYvuzMAAoJEECU6c5XzmuqqdYH+wQAyPNymKAPOaIkXF/Y3A7V
Ri1rA6XXvxNx6aISrc8yG3xKfqRocGRKmXprRUE7nLrXt92soLSZB5x2Zze3epCn
4wrOFA+Cno3Ig+S1cgmlwf8c59TfYHXRU2S5iUnO7PyRKoG/6VQzMo2PZeglcmQ3
8P31AMl9Za6Hct/rlc84pLBvEHwLQX4Zy2dyrpoLJMKM2jAV4Rwrr4pIXtNjobY/
KxsX3MLyau/BbDNPI/Ev8v5en3lgzYjhu2OUMrsH8cAwmyooZCxnSvyZETQmAm5F
CPcOHuRPUK/8TnEROMny6NDaUC+eRbPQJEWhpgJ41DsSy3S3Qf01lsJ0wM52zC4=
=2Nz6
-----END PGP SIGNATURE-----

More information about the cypherpunks mailing list