Hacking it FBI; Security experts call this a “drive-by download”: a hacker gains access to a high-traffic website and then diverts visitors to deliver malware. It is one of the most powerful tools in their arsenal Black Hat, capable of driving thousands of new victims to hackers within minutes.
But as it seems the technique has been adopted by a different kind of hacker, one kind after another signal. For the past two years, the FBI has been quietly experimenting with drive-by hacks as a solution to its serious problems Internet: πώς να εντοπίζει και να διώκει users of banned websites hidden behind the powerful (?) Tor anonymity system.
This approach has paid off, with several users of child pornography sites hidden behind Tor being taken to court. But there is a controversy, because the Ministry of Justice "forgets" to describe the hacking technique to judges, and hides its use by the accused. Critics worry that similar techniques weaken security, and human rights defenders and activists say there is a chance that someone innocent could be infected with government malware just because they visited the wrong website. "We need to hear from Congress about this," said ACLU technologist Chris Soghoian, an expert on the use of hacking tools by law enforcement. "If Congress decides that the technique is perfectly appropriate, that's fine. But let's talk about it first. "
Malware malware by the FBI is not new, he says Wired. The service calls the NIT method, from the "network investigative technique," or "investigative technique network," and has been using it since at least 2002, in cases of child pornography, blackmail, or who knows what else. Depending on the development, a NIT can be a full-featured backdoor program that gives the government access to your files, location, webcam browsing history, your computer name and your address.
But let's recall what Tor is and see his relationship with the FBI.
Tor is a free, open source program that lets you surf the web anonymously. This can happen by accepting public Internet connections that use traffic encryption. So if you connect to the internet with Tor, you will bounce through a spiral of computers before pushing you back into the internet through any of the more than 1.100 "output nodes" it uses.
The system also supports so-called hidden services with special websites, with .onion addresses. Access to these is only through the Tor network, and they are usually hidden services used by people who want to avoid surveillance. Some users of these services have legitimate and noble purposes - including human rights groups and journalists. Of course there are also hidden services for illegal activities, see Dark Net: for drugs, child pornography, murderers for rent, and more
Law enforcement and intelligence services have a love and hate relationship with Tor. They can use it themselves, but when others do, they hunt them. Last month, the Russian government offered 111.000 dollars to anyone who could break Tor.
