
An Anonymous group has taken down a major dark web hosting service - Spydar007
http://www.theverge.com/2017/2/3/14497992/freedom-hosting-ii-hacked-anonymous-dark-web-tor
======
godmodus
Fills me with 1990 nostalgia of IRC being ddosed and no one being able to
trade ccs or dcc them 0daywarez. Ah the sweet chaos and drama.

Fun times, glad to see people are still having fun :0)

The part about childporn though... That's pretty abhorrent. Nearly half. I
just don't understand child porn. Why? I wonder if there are child porn
"Hunters" that go after these scum. (by Hunters I mean White hats)

~~~
microcolonel
Because of the specific way that child porn is, you are basically admitting to
breaking the law by reporting it. If you want to go after child abusers then
you have to do it anonymously. And of course, in the U.S. you can't even use
synthetic images to lure child abusers, because they can _count_ as child porn
in some cases.

The system discourages everyone from the public to law enforcement from doing
anything productive about child sexual abuse.

~~~
ZoFreX
> The system discourages everyone from the public to law enforcement from
> doing anything productive about child sexual abuse.

It does? Last I heard, law enforcement shut down this stuff regularly, and
even have teams dedicated to it.

~~~
microcolonel
Law enforcement agencies often seem to rely on tools developed by private
businesses to investigate certain types of crime. Developing useful niche
tools for this task is not legally viable (unless, I suspect, if ordered by a
court), so I wonder if LEAs are getting the tools they need.

~~~
DanBC
Could you give some examples?

One thing that forensic teams need is to identify locations. Things that help
are databases of coca cola (etc) labels, and computer vision recognition of
those product labels. (Or carpet patterns).

This works by programmers making a general purpose tool, and then law
enforcement approach them with censored images to train the software.

------
falcolas
So, using their numbers, over 5,000 legitimate tor sites are being held
hostage. That's not justice (vigilante or otherwise), that's just greed.

~~~
dogma1138
Not hosting child pornography doesn't mean legitimate :)

~~~
throwaway2016a
It doesn't mean illegitimate either.

For example, sites to reach people in places where there is state sponsored
censorship. Sure it's not legitimate as far as the country do the censorship
is concerned but people/governments outside that country it may be considered
defensible.

Security researchers (white hat and pen testers) often have onion sites to
provide some street cred.

If you want to blog but want to stay anonymous for personal reasons.

Although with several of those I see no reason not to use a legitimate web
host or VPS providers.

~~~
dogma1138
No but you can bet your money on that at least half of those sites are trading
sites of one sort or another trading in illegal goods and services.

As for blogs out of 150 researchers/security professionals I know including
myself no one is running an onion site for street cred if it's not anonymized
there is no point having an onion address is not the same as running a hidden
service.

~~~
throwaway2016a
> As for blogs out of 150 researchers/security professionals I know including
> myself no one is running an onion site for street cred if it's not
> anonymized there is no point having an onion address is not the same as
> running a hidden service.

I may know one or two but yeah, it's a stretch. I was trying too hard to think
of examples.

~~~
dogma1138
There aren't many "legitimate" sites that operate as pure hidden service out
there, out of all the studies I've been involved in I can't actually remember
any of note.

With most hidden services mapping projects you'll see 50-60% being pure CP and
the rest are various forums and trading sites that are about as far from being
legitimate as possible while not hosting CP. Buying drugs, zero-days, guns and
w/e isn't a legitimate site, neither is any of the "hacking" boards that
require you to submit a good data dump and a few defacements before being
allowed in.

Same goes for exit nodes, I've been running traffic analysis on 2 nodes I have
access too for the past 3 years, the vast majority of it isn't really
legitimate. People don't access their bank account, facebook, or their email,
from my own personal research the vast majority of the traffic an exit node
operator is going to see is going to be from automated tools primarily web
vulnerability scanners, nearly half the traffic I see comes from SQLmap, Vega
and pirated versions of Acunetix also make a large part of the bulk traffic.

Even traffic which is end to end encrypted I can more or less estimate that it
is some sort of a vulnerability scan or an exploit, while I can't peek into
SSL nor do I wish to attempt at time based demasking attacks against the TOR
network when I have like 100-1000 sites being accessed randomly within a short
time window on my exit node I can pretty much guarantee you that some one is
running some sort of a vulnerability scan or an exploit.

I know that we would like to think that TOR is being used primarily for good
but it doesn't, it doesn't mean that we should ban it for that anymore that we
should ban email because 90% of email traffic is spam. But we do need to admit
that the percentage of legitimate traffic going over TOR and the percentage of
legitimate hidden services at this time is more or less a rounding error.

------
MikeTLive
reading these comments has me convinced that more than one commenter is a
consumer of child porn.

~~~
ue_
Refusing to defend what one regards as an odious law is not the same as
consuming the material yourself. I am also against such laws, yet I do not
consume the content myself.

Please do not misrepresent or mischaracterise people in order to dismiss their
point, it is used to silence debate (such as by calling people 'perverts'
because the watch porn to discredit them). If you have an argument, post it -
but please do not silence debate. I'm sorry if it wasn't your intention to do
this, but it's a recurring theme to call people certain words or names in
order to silence them nowadays.

------
mkj
If a sufficient number of tor nodes decide that a particular onion site is
undesirable, could it become filtered and basically unreachable?

~~~
jlgaddis
I hope not. One of the use cases for Tor is _bypassing_ exactly that type of
censorship.

~~~
ZoFreX
It is not "censorship" if people decide they don't want to give you free
bandwidth.

~~~
ycmbntrthrwaway
What we are talking about is a "sufficient number of tor nodes" blocking
access to a service for everyone. If a majority can block some content by
vote, it is a censorship.

