Looks like the US authorities used students to hack into Tor
It appears that the US authorities are willing to do just about anything as long as it fulfills their objective. Only recently, was it found out that the US Courts have confirmed that the Department of Defence is not immune to employing students, and use them to find a way to crack into the private browser Tor. One reason why the authorities resorted to using adolescents was because hardly any prying eyes would look at children such as these.
According to a report published on The Guardian, it stated that the courts recently released court papers that show a clear trail between the government and the research that was taking place. On more than one occasion, the students were successful in their attempts, showing that they were more than your average student enrolled in a university. One adolescent even managed to stumble onto the infamous Silk Road swap shop.
It was only a matter of time before Tor was aware what the tag team of authorities and students were up to and made an immediate effort to hide the identities of Tor users. It stated the following in a blog post:
“The Tor Project has learned more about last year’s attack by Carnegie Mellon researchers on the hidden service subsystem. Apparently, these researchers were paid by the FBI to attack hidden services users in a broad sweep, and then sift through their data to find people whom they could accuse of crimes.”
Carnegie Mellon, the private research university located in Pittsburgh and apparently being funded by the Department of Defence was believed to hold students that were connected to the authorities, but it looks like this report turned out to be false. Given below is a statement towards what activities the university engages in:
“Carnegie Mellon includes the Software Engineering Institute, which is a federally funded research and development centre established specifically to focus on software-related security and engineering issues. One of the missions of the Institute’s CERT division is to research and identify vulnerabilities in software and computing networks so that they may be corrected. In the course of its work, the university from time to time is served with subpoenas requesting information about research it has performed. The university abides by the rule of law, complies with lawfully issued subpoenas and receives no funding for its compliance.”
However, according to Tor, this is not the first time where enrolled students decided to hack the private browser. The Software Engineering Institute at Carnegie Mellon compromised the network in early 2014 by operating relays and tampering with user traffic. Tor summarizes what transpired in the following statement:
“That vulnerability, like all other vulnerabilities, was patched as soon as we learned about it. The Tor network remains the best way for users to protect their privacy and security when communicating online.”
Looks like we have yet to reach the end of this investigation, but looking at past events, it appears that US authorities are definitely able to resort to extreme measures to achieve their goals.