Hacker News new | past | comments | ask | show | jobs | submit login

It's on a CP site (giftbox). The exploit got loaded on the confirmation page after logging in.

Eh, with that being the case, I don't personally have too much sympathy.

+1 to FBI on this being pretty well targeted; you had to have had a successful login for them to be attempting this in the first place. It's about as precise as they can get; you're only going after users that are active members of the service. They are at least being reasonable in who they are targeting. I can't really think of how they can be more targeted in attempting to deanonymize people in the network.

I don't like this whole NIT garbage because I'm afraid this will lead to fishing expeditions, where you just root everyone on an .onion that happens to visit it, and then clean up with a multitude of search warrants later and hope you get something. I also don't believe it's the FBI's (or America's) job to play world police.

-1 to the FBI, at least: they were (once again) actively serving CP on a compromised server again, which seems like something you shouldn't be doing as an LEA fighting the distribution of the content. Illegal actions shouldn't be taken to fight crime. Distributing the thing you are fighting is the definition of the abyss having gazed into you.

> Illegal actions shouldn't be taken to fight crime.

I disagree with that and I am on favor of illegal actions against criminal actions.

I just think that this is not FBI's role. Illegal organizations should assume the illegal work. If FBI commits crimes to fight crimes, then to me they're as criminal as the folks they're hunting, and therefore I would treat them the same way I treat the "regular" criminal people.

Hey! Motherboard reporter here. Can you provide some evidence of this? You can contact me (anonymously) via OTR lorenzofb@jabber.ccc.de or ricochet:p5mbxsckf3qbmobc Also via email (PGP: https://keybase.io/lorenzofb/key.asc)

I found the following note in a pastebin-similar website on TOR (Deep Paste): http://pastebin.com/iNRasUFT

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact