Monday, August 5, 2013

The FBI’s largest ever blow to child porn and the Deep Web, and its possible ripple effects

Probably the most successful illegal onion site is the Silk Road, a sort of anonymous Ebay for illegal materials. Though it once even allowed the sale of firearms, the Silk Road is primarily a seller of substances — at present, the most popular single substance is LSD, which is offered by hundreds of sellers around the world. Buyers pay with the anonymous BitCoin crypto-currency and access the storefront exclusively through the Tor Browser and its network of onion-routing computers. The site has spent years thumbing its nose at US national security.
As with all onion sites, the servers are hosted anonymously, the users access it through the onion protocol, and any money involved is functionally laundered the instant BitCoins change digital hands. Every day, hundreds of packages full of illicit drugs are sent through national and international postal systems and there doesn’t seem to be anything governments can do to stop it. This governmental helplessness may excite the web’s many and enthusiastic libertarians, but such power is often put to far more nefarious purposes. As noted, there is a smattering of (questionably legitimate) hitmen on the Tor Network, but by far the biggest problem is the Deep Web’s enormous databases of illegal pornography.
A screen capture showing the Silk Road onion site.
Virtually all child pornography and otherwise illegal images and videos are distributed on the Deep Web. The powerful anonymity offered by the Tor Network empowers the consumers of this content such that they are shockingly open about their activities: Tor-protected chat rooms have names like PedoBoard and Lolita Network, and database sites voluntarily flag themselves with warnings of “pedo content” or “loli porn.”
When reporters refer to child porn rings that operate online, they are speaking about these places. Government intervention and corporate self-regulation have driven child pornography (as distinct from the worrying trend of underage selfies) off the conventional internet and onto the Deep Web. Like the Silk Road, they operate with utter impunity and flaunt their actions with little worry of legal retribution. The hacktivist group Anonymous has maintained a campaign of electronic attacks on these sites under the name Operation Darknet, but all this can achieve is the occasional and very temporary shutdown.
Anonymous has long been waging war on the Deep Web's child porn rings, but with limited success.
However, onion sites must be hosted just the same as those on the regular old World Wide Web. Though there have been several proposals to develop distributed hosting, a cloud-based solution that would use BitTorrent-like code to eliminate the need for any single, centralized server, none has yet materialized. So, those who ran onion sites were forced to seek out a hosting service which would both accept payment in anonymous currency and willfully turn a blind eye to their activities. Up until this week, the largest such service was Freedom Hosting.
The alleged founder and operator of Freedom Hosting is one Eric Eoin Marques, who was arrested in Ireland this week and is awaiting extradition to the United States. Marques also owns the company Host Ultra Unlimited — and if you’re really interested, check out his forum profile on the website WebHostingTalk.com. Tor itself has already released a statement clarifying the nature of its service and its (lack of) relationship with Marques or Freedom Hosting.
The FBI has described Marques as the “largest facilitator of child porn on the planet,” which (if he is guilty) is certainly true — the word “facilitator” is key, though. Marques will doubtless defend himself on the basis that all he did was offer anonymous, no-questions-asked web hosting. The defense will state that it was not his responsibility to filter the content that was hosted, nor was he obligated to be concerned about reaping the financial benefits of being the go-to host for the creators and distributors of illegal pornography.
That argument is, of course, unlikely to get him very far with either the courts or the public. In all likelihood, Marques will be spending the next several decades of his life in an American federal correctional facility, and could very plausibly remain there until he dies.


The secondary story here, and potentially the one which will be paying dividends for years to come, is what happened directly after the raid. Before the arrest had even been announced, observant users began noticing some odd new code running on certain sites — in particular, sites that were hosted by Freedom Hosting. The code seems to exploit a loophole in JavaScript to do… something. At present nobody is quite sure what the exploit is designed to achieve, nor has the FBI confessed to being its source, but its appearance in conjunction with the raid cannot be a coincidence. The FBI has a track record of using viruses to fight online crime, and the assumption at present is that the JavaScript code is intended to at least try to identify Freedom Hosting’s customers, or even the users of its hosted content.
The "Hidden Wiki" is the main index of the Deep Web. It hosts links to child porn sites -- but most of those links are dead, now.
Remember that since even payment is anonymous, mostly via Bitcoin, seizing the servers won’t reveal any direct information about those who have purchased its services. Though the Tor Network should theoretically make it impossible for the exploit to provide specific information about users, the assumed virus is still creating widespread panic — and that might even be the point. According to one Reddit user, the following message was recently posted on the chat room 4pedo:
UNKNOWN JAVASCRIPT IN THE BOARD PAGES POINTING TO IFRAME TO A VERIZON SERVER ON THE OPEN WEB!!!!!!! THEY ARE INSERTED BY FH [Freedom Hosting]! I WOULD CONSIDER FH COMPROMISED!!!! THEY ARE ALSO IN TLZ AND OTHER SITES PAGES!! STAY AWAY FROM ALL FH HOSTED SITES, including TLZ [The Love Zone], LC [Lolita City], TORMAIL, ALL OF THESE ARE HOSTED ON FH!!!!!!!!!!!!!! ALL BOARDS HAVE BEEN DELETED TO PROTECT YOU!! IF THE BOARDS COME BACK UP, IT IS NOT ME RUNNING THE SITE ANYMORE, ALL ADMIN/MOD ACCOUNTS HAVE BEEN DELETED!!
One thing to remember in all of this is that child porn is not the only use for the Tor Network, nor for the Deep Web. Some people have expressed fears about what this event might mean for the legitimate users of the anonymity service, such as government whistleblowers or journalists working to maintain the privacy of sources. The most worrying aspect from this perspective is that the anonymous communications service Tor Mail seems to have been compromised, which truly is relied upon by non-criminal users of all stripes.
And, in case you were wondering: the Silk Road does not seem to have been hosted on Freedom Network, and appears unaffected by this whole event.
Whatever your views on government oversight or the right of citizens to privacy, one thing cannot be denied: this week the FBI made the world a vastly better place. They have struck a significant blow to the world’s purveyors of child porn, and made a truly powerful example of one of its greatest alleged facilitators. Though the pedophile “community” is notoriously committed and will doubtless rebuild, their networks have been largely destroyed in the short term. If the FBI’s presumed Trojan returns private information about those who use these sites, we may be about to see an unprecedented rash of arrests. At the very least, their sense of invincibility has been irreparably damaged.
The only possible way to spoil this achievement would be if it turned out that, however far down the line, some information gleaned in this operation was used improperly. Whether a journalist’s source is persecuted or an activist outed to a foreign government, such a revelation would turn arguably the greatest ever win against cyber-crime into just another anecdote driving moral citizens into the arms of anonymity.
