
In case it isn't obvious to everyone, the government runs or has tapped most or all TOR exit nodes. This has been going on forever.

Nobody knows exactly what the attack is...but if they're willing to drop cases to cover it up, it's probably something that either: 1) completely breaks TOR permanently 2) is easy to bypass/block

Since TOR has withstood a lot of scrutiny I'm betting on option #2. They found a total break but it's really brittle. Either an exploit in software, or more likely, some protocol hiccup that allows them to de-anonymize users running certain popular software or OS.




I was under the impression from reporting on the sting that Playpen was an onion site, not a clearnet site. If that's the case, traffic wouldn't be going through an exit node to get there, right?


Right, no exit involved. Both user and onion site build normal three-relay circuits to a rendezvous relay, picked by the onion site.


Do you have any evidence for the claim that TOR is so badly compromised? My understanding of the article is not that TOR was hacked, but rather that a tor user was tricked into opening a non-tor site and thus giving away his/her IP address.

Also if just the exit node is compromised, encrypted connections are still safe (TTBOMK).


https://www.google.com/amp/s/nakedsecurity.sophos.com/2015/0...

Not the FBI per se, but it shows that someone is clearly attempting to compromise TOR users.

Also there have been whispers about it forever. Much like the "black rooms" at datacentres before all the NSA leaks.

The FBI has a long history of tracking down and compromising CC theft and CP rings, along with Silk Road and the hordes of clones. Most of these sites are primarily or only accessible over TOR.

Running compromised TOR nodes would be an extremely cheap way to monitor a large portion of illicit Internet traffic. The frequent busts are usually attributed to other reasons to shift attention away from TOR, but this is classic parallel construction.

The feds will nearly always get you on secondary evidence when the primary means is too sensitive... See stingrays. The sheer number of TOR based site busts however is telling.

Anyone relying on TOR for security is a fool. It's more heavily monitored than the regular net.


While a compromised exit node is bad, isn't the situation improved if your TOR session is encrypted? With an encrypted session over tor, and a trusted endpoint, what is your risk profile beyond your exposure to the endpoint?


> Anyone relying on TOR for security is a fool. It's more heavily monitored than the regular net.

This is why we should encourage more Tor traffic for regular, normal use, making the cost of deanonymization more costly.


I believe that Tor Project ought to encourage bulk data transfer through and among onion services. That would add chaff to protect other users. There's resistance because it would increase network load. However, there's considerable excess capacity for middle relays, because they attract so little attention. There's even excess capacity for entry guards, and policy could be changed to increase that. It's exit relays that are rate-limiting, and onion sites don't use them.

Using multiple Tor instances with MPTCP, I've managed 50 Mbps between onion sites with gigabit uplinks.


Here's how it could have worked. User logs into Playpen onion site, which the FBI is running (and still serving child porn, I note). Then malware gets downloaded. Maybe it was a classic dropper, or maybe part of an image file or whatever. OK, so Tor browser doesn't affect Internet connectivity for other apps. So the FBI malware just phones home, pwning the user.


> Do you have any evidence for the claim that TOR is so badly compromised?

Only that it would be incredibly cheap and valuable to do so.


Yeah, this is my theory. Occam's razor applies here more than ever.

If I recall, this case is one of the first times the term NIT was used and it could mean literally anything.



