Pedophiles connecting to a concealed child pornography site got
an unwelcome surprise last week, courtesy of the hacktivist group Anonymous.has been taken down by Anonymous members, and account details
of 1,589 users from the site’s database were posted as evidence.
The takedown is part of Anonymous’ Operation Darknet,
an anti-child-pornography effort aimed at thwarting child pornographers
operating on on the Tor network.
Anonymous’ attack was focused on a hosting service called Freedom Hosting,
which the group claims was the largest host of child pornography on
Tor’s anonymized network. “By taking down Freedom Hosting,
we are eliminating 40+ child pornography websites,” Anonymous
claimed in its statement.
“Among these is Lolita City, one of the largest child pornography websites
to date, containing more than 100GB of child pornography.”
an anti-child-pornography effort aimed at thwarting child pornographers
operating on on the Tor network.
Anonymous’ attack was focused on a hosting service called Freedom Hosting,
which the group claims was the largest host of child pornography on
Tor’s anonymized network. “By taking down Freedom Hosting,
we are eliminating 40+ child pornography websites,” Anonymous
claimed in its statement.
“Among these is Lolita City, one of the largest child pornography websites
to date, containing more than 100GB of child pornography.”
Based on a secure networking technology originally developed by the US Navy,
Tor routes traffic through a collection of volunteer servers scattered across
the Internet, making monitoring of what is being viewed or where
communications are coming from difficult.
The Tor network also hosts a private “dark” top-level domain, .
onion (which is not an official TLD), via its Hidden Service Protocol;
these sites are visible only to Tor users or those using a Tor gateway
such as tor2web.org.
Tor routes traffic through a collection of volunteer servers scattered across
the Internet, making monitoring of what is being viewed or where
communications are coming from difficult.
The Tor network also hosts a private “dark” top-level domain, .
onion (which is not an official TLD), via its Hidden Service Protocol;
these sites are visible only to Tor users or those using a Tor gateway
such as tor2web.org.
Because of its anonymity, Tor is widely used by individuals and groups
seeking to communicate without being surveilled by authorities, employers,
or eavesdroppers watching packets on public WiFi networks,
as well as those wishing to visit websites anonymously without having
their IP address recorded. According to the Tor Project’s own metrics,
the service has recently been averaging over 400,000 users per day.
seeking to communicate without being surveilled by authorities, employers,
or eavesdroppers watching packets on public WiFi networks,
as well as those wishing to visit websites anonymously without having
their IP address recorded. According to the Tor Project’s own metrics,
the service has recently been averaging over 400,000 users per day.
The Tor network was heavily used in Egypt earlier this year by dissidents
to get around the Mubarak regime’s Internet shut-down, and is used
by bloggers in Syria to communicate with the outside world.
The network is also used by some
who want to publish other sorts of material and conceal themselves from
prying eyes, including pirated movie and software torrent publishers
(which has made some Tor server providers the target of
DMCA takedown notices). It's also attracted child pornographers and
the pedophiles who are their customers.
to get around the Mubarak regime’s Internet shut-down, and is used
by bloggers in Syria to communicate with the outside world.
The network is also used by some
who want to publish other sorts of material and conceal themselves from
prying eyes, including pirated movie and software torrent publishers
(which has made some Tor server providers the target of
DMCA takedown notices). It's also attracted child pornographers and
the pedophiles who are their customers.
However, as revealed last December, the anonymity offered
by Tor isn’t foolproof. While the IP addresses of sites on the Tor network
are concealed, they have a digital fingerprint that can be used to identify
services hosted from a single location, and track visits to that site.
And while it blocks some services that are typically used for denial
of service attacks and other hacks within the Tor networks,
such as UDP, .onion sites remain just as vulnerable to hacking as sites
on the open Internet.
by Tor isn’t foolproof. While the IP addresses of sites on the Tor network
are concealed, they have a digital fingerprint that can be used to identify
services hosted from a single location, and track visits to that site.
And while it blocks some services that are typically used for denial
of service attacks and other hacks within the Tor networks,
such as UDP, .onion sites remain just as vulnerable to hacking as sites
on the open Internet.
The Anonymous operation against Lolita City began on October 14,
when members discovered links to child pornography on a .onion site
called The Hidden Wiki. According to the group’s statement,
Anonymous members removed the links, but they were reposted
by a site administrator.
Anonymous then moved to shut down the site with a denial of service attack.
Additionally, the hackers matched the digital fingerprints of links on the
site to Freedom Hosting. After sending a message demanding that the
hosting service remove the content, Anonymous’ hackers were able
to exploit the PHP site with a SQL injection attack and extract the user
database before launching a denial of service attack.
“The server was using hardened PHP with escaping,” Anonymous said
in its statement. “We were able to bypass it with with UTF-16 ASCII encoding.”
arstechnica.comwhen members discovered links to child pornography on a .onion site
called The Hidden Wiki. According to the group’s statement,
Anonymous members removed the links, but they were reposted
by a site administrator.
Anonymous then moved to shut down the site with a denial of service attack.
Additionally, the hackers matched the digital fingerprints of links on the
site to Freedom Hosting. After sending a message demanding that the
hosting service remove the content, Anonymous’ hackers were able
to exploit the PHP site with a SQL injection attack and extract the user
database before launching a denial of service attack.
“The server was using hardened PHP with escaping,” Anonymous said
in its statement. “We were able to bypass it with with UTF-16 ASCII encoding.”
Δεν υπάρχουν σχόλια:
Δημοσίευση σχολίου