If you’ve been following this blog for any length of time you know that I’m a huge fan of location hidden services. While a huge chunk of the security community was busy at Defcon the feds made their move against the largest hidden service provider, Freedom Hosting. Most media outlets have simply indicated that the Federal Bureau of Investigations (FBI) made a major strike against the world’s “largest child pornography dealer”:
US authorities are seeking the extradition of a 28-year-old Irishman described in the High Court by an FBI special agent as “the largest facilitator of child porn on the planet.”
Eric Eoin Marques appeared before Mr Justice Paul Gilligan on foot of an extradition request by the FBI, which alleges he is involved in the distribution of online child pornography.
The High Court yesterday put Mr Marques back in custody until next Thursday.
Attackers exploited a recently patched vulnerability in the Firefox browser to uncloak users of the Tor anonymity service, and the attack code is now publicly circulating online. While the exploit was most likely designed to identify people alleged to have frequented a child porn forum recently targeted by the FBI, anonymity advocates say the code could be used against almost any Tor user.
From a technical standpoint this is an intriguing case. The FBI are beginning to adapt to hidden services. It has found a weak point, known providers of location hidden service hosting, and is using exploits to an attempt to locate anonymous users. It will be interesting to see what comes of this case.