04
Aug 13

Firefox Zero-Day Used in Child Porn Hunt?

A claimed zero-day vulnerability in Firefox 17 has some users of the latest Mozilla Firefox browser (Firefox 22) shrugging their shoulders. Indeed, for now it appears that this flaw is not a concern for regular, up-to-date Firefox end users. But several experts say the vulnerability was instead exposed and used in tandem with a recent U.S. law enforcement effort to discover the true Internet addresses of people believed to be browsing child porn sites via the Tor Browser — an online anonymity tool powered by Firefox 17.

Freedom Hosting's Wiki page on the Tor network's HiddenWiki page.

Freedom Hosting’s entry on the Tor network’s The Hidden Wiki page.

Tor software protects users by bouncing their communications across a distributed network of relays run by volunteers all around the world. As the Tor homepage notes, it prevents anyone who might be watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets users access sites that are blocked by Internet censors.

The Tor Browser bundle also is the easiest way to find Web sites that do not want to be easily taken down, such as the Silk Road (a.k.a. the “eBay of hard drugs“) and sites peddling child pornography.

On Saturday, Aug. 3, 2013, Independent.ie, an Irish news outlet, reported that U.S. authorities were seeking the extradition of Eric Eoin Marques, a 28-year-old with Irish and American citizenship reportedly dubbed by the FBI as “the largest facilitator of child porn on the planet.” According to the Independent, Marques was arrested on a Maryland warrant that includes charges of distributing and promoting child porn online.

The Tor Project’s blog now carries a post noting that at approximately midnight on August 4th “a large number of hidden service addresses disappeared from the Tor Network, sites that appear to have been tied to an organization called Freedom Hosting — a hosting service run on the Tor Network allegedly by Marques.

torHidden services can be used to run a variety of Web services that are not directly reachable from a normal Internet connection — from FTP and IRC servers to Web sites. As such, the Tor Network is a robust tool for journalists, whistleblowers, dissidents and others looking to publish information in a way that is not easily traced back to them.

“There are rumors that a hosting company for hidden services is suddenly offline and/or has been breached and infected with a javascript exploit,” writes “phobos,” a Tor Project blogger. Phobos notes that the person, or persons, who run Freedom Hosting are in no way affiliated or connected to The Tor Project, Inc., the organization coordinating the development of the Tor software and research, and continues:

“The current news indicates that someone has exploited the software behind Freedom Hosting. From what is known so far, the breach was used to configure the server in a way that it injects some sort of javascript exploit in the web pages delivered to users. This exploit is used to load a malware payload to infect user’s computers. The malware payload could be trying to exploit potential bugs in Firefox 17 ESR, on which our Tor Browser is based. We’re investigating these bugs and will fix them if we can.”

Even if the claimed vulnerability is limited to Firefox version 17, such a flaw would impact far more than just Tor bundle users. Mozilla says it has been notified of a potential security vulnerability in Firefox 17, which is currently the extended support release (ESR) version of Firefox. Last year, Mozilla began offering an annual ESR of Firefox for enterprises and others who didn’t want to have to keep up with the browser’s new rapid release cycle.

“We are actively investigating this information and we will provide additional information when it becomes available,” Michael Coates, director of security assurance at Mozilla, wrote in a brief blog post this evening.

Ofir David, head of intelligence for Israeli cybersecurity firm Cyberhat, said he believes the now-public exploit code is indeed related to Marques’ arrest.  David said someone appears to have gained access to Freedom Hosting and injected malicious HTML code that checks the visitor’s browser to see if he is using Firefox 17. If so, the code silently redirects that visitor’s browser to another site which generates a unique identifier called a ‘UUID.'”

firefoxiconDavid said that although the exploit can be used to download and run malicious code on the visitor’s computer, whoever infiltrated Freedom Hosting appear to have only used the exploit to gather the true Internet addresses of people visiting the child porn sites hosted there.

“Ironically, all [the malicious code] does is perform a GET request to a new domain, which is hosted outside of the Tor network, while transferring the same UUID,” David said. “That way, whoever is running this exploit can match any Tor user to his true Internet address, and therefore track down the Tor user.”

For more on this developing story, check out this Reddit thread. Also, Mozilla has an open Bugzilla entry analyzing the exploit code.

Update, Aug. 5, 1:45 a.m. ET: Reverse engineer Vlad Tsrklevich has posted a brief analysis of what the exploit does. His conclusion (which seems sound):  “Because this payload does not download or execute any secondary backdoor or commands it’s very likely that this is being operated by an [law enforcement agency] and not by blackhats.”

Also, here’s a bit more from Mozilla’s security lead Dan Veditz on the vulnerability:

“The vulnerability being exploited by this attack was fixed in Firefox 22 and Firefox ESR 17.0.7. The vulnerability used is MFSA 2013-53

People who are on the latest supported versions of Firefox are not at risk.

Although the vulnerability affects users of Firefox 21 and below the exploit targets only ESR-17 users. Since this attack was found on Tor hidden services presumably that is because the Tor Browser Bundle (TBB) is based on Firefox ESR-17. Users running the most recent TBB have all the fixes that were applied to Firefox ESR 17.0.7 and were also not at risk from this attack.”

Update, Aug. 5, 4:08 p.m., ET: Kevin Poulsen from Wired.com notes that, according to a domaintools.com lookup, the IP address used by the malicious script’s controllers found by Tsrklevich resolves to a Verizon address space that is managed by Science Applications International Corp. (SAIC), an American defense contractor headquartered in Tysons Corner, Va.

Tags: , , , , , , ,

218 comments

  1. dont run after sensations please

  2. The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

    Sounds to me like some law enforcement body or some clandestine government agency planted the malicious HTML code to find out who was downloading the child porn. Now that we know about the N.S.A. surveillance , anything could be possible.

  3. I use Tor Browser whenever I posted something critical about our third-world government. If this is exploited by our banana republic, I would be hesitant to post comments online.

    • I’m surprised the police are doing this. Sounds like something vigilante malicious hackers and the hacktivist group anonymous would do….oh wait I’m wrong. They would never go after their fellow hackers.

    • I use facebook, where do you live? Hong Kong? hahaha a little snowden humor.

    • I use facebook, where do you live? Hong Kong? a little snowden humor….lol

    • The US hasn’t shown much interest in sharing dissident information with non-UK/AUS/NZ partner governments, unless the group uses violence or drugs (like the FARC.)

      So far. It’s still a matter of trusting them

      They will, however, keep this information that certain browsers and IP addresses were caught in this net forever. Even if they didn’t specifically identify you in this dragnet, any relationship between pre-attack-you and post-attack-you could tie the two together.

      • I’ve actually been thinking about your comment a bit since last night, and while we’ve all been focusing on the the ‘intelligence negatives’ (which is to say, identifying those that the government wishes to either prosecute or persecute, depending), so to speak, it may also be wise to be conscious of the possible ‘intelligence positives’ in the potential future. Here is my thinking:

        Since Western governments, particularly the US, tend to have a hand in fomenting discontent and recruiting when they are displeased with a country’s government and/or primary businesses, they will often attempt to recruit locals. It strikes me that something like Tor, which is used as a ‘safe mechanism’ for speaking out in harsher regimes would be a potential goldmine for a country with such an interest; this plus a local ‘in’ at a telecommunications provider and you could easily handpick the ‘safest possible’ people to approach for recruitment.

  4. Privacy and Freedom, right? But is Freedom the right to commit crimes and Privacy nothing more than a shield for committing crimes? The RBN probably would say yes.

    Does a locked door not mean, “Please respect my privacy and stay out of my house?” Or does it mean, “If you can break the lock on my house, you can take anything you want?” And if the later is true, then why doesn’t it apply to porn peddlers, the RBN, and so on? I see above complaints about the NSA spying on you, but what is the NSA other than the extension of my rights to Freedom and Privacy? I don’t want crooks breaking into my computer, or porn peddlers exploiting children, or the RBN stealing my identity.

    I think we are heading for a new world, where criminals no longer have a lock on what they used to commit crimes. I note that Vrublevsky is going to jail, and if it was because of bribery instead of justice, maybe that’s the new paradigm. US banks lost $100 million every day. Suppose they put a $25 million bounty on your head … how many of your friends wouldn’t nark on you for $25 million free and clear?

    Maybe it’s time for the hackers to retire on what they’ve stolen so far. Might be better than the alternative. The rest of us are tired of being ducks in your shooting gallery, and we are going to find someone to shoot back, if we can’t do it ourselves.

  5. jefferysinclair

    This would have never been a problem if the fuckers at reddit wouldn’t spread shit like wild fire. This used to be a good way for people in third world countries to stay anon but reddit just kept saying protect your privacy blah blah blah use tor and then everyone from reddit started posting cp everywhere. if you’re going to blame anyone, blame reddit.

    • it’s funny to see few of those creeps slip up even in that reddit thread
      “uh guys do i really need to wipe my totally legit family picture collection till this blows over?”

  6. Anyone dealing with child pornography should be chased down and prosecuted to the fullest extent of the law.

    • I wish you luck on your next malware infection, which will store child porn and other illegal contraband on your system.

      • Writing fiction, are we?

        • No, that’s a very real threat used in Ransomware.
          https://hitmanpro.wordpress.com/2013/03/28/hitmanpro-removes-child-pornography/

          Someone infected by such malware would be shown real images, and then if they only managed to remove the Ransomware WITHOUT deleting the images (such as from running a sloppy AV scan) then imagine the horror when someone were to stumble across the leftover images, such as at a PC repair shop or family member. Your reputation would be destroyed even if they MUCH later determine it was from malware.

          The same risk also happens from people with open routers and having their IP addresses logged:
          http://arstechnica.com/tech-policy/2012/06/swat-team-throws-flashbangs-raids-wrong-home-due-to-open-wifi-network/

          • “No, that’s a very real threat used in Ransomware.”

            I am not the hillbilly SeymourB is. If I ever saw ransomware on one of my systems, I would be really annoyed that I let it be downloaded. And I would wipe the disk and reinstall the OS to ensure that it was permanently removed, switching anti-virus vendors in the bargain.

            • Part of the problem with this thinking is you ignore the possibilities that (a) you would not notice it — and then (b) someone might try to ‘pull’ the sorts of things that Brian’s “less satisfied critics” might do, on a rather subtle basis. At this point you would at a minimum find your life greatly interrupted. Considering what I have seen on your blog, this is not a thing I would dismiss offhand. While I am completely for free speech, you have the potential to anger someone and that to me would speak of the need for extended caution about such possibilities. AVs don’t catch all malware. If you were targeted or your stub wasn’t detected, do you believe you’d be believed if you said ‘that is not mine’? At a minimum your life would be uprooted under current law in your country. So I would not dismiss this ‘out of hand’.

              • And note I am not even mentioning the specifics, such as exorbitant legal fees to defend yourself, social ramifications, likely future questioning even if you “got off” (“well, they said he didn’t, but do we really know *for sure*? We had better be careful with our children around him”), and (and here you’d really have to hope) public judgement prior to being cleared, if you were cleared and it made it into the news (or even if you weren’t — people remember charges; the government is far less likely to publicise “oh we made a mistake, this man is innocent”.

                This actually is one of my biggest complaints about this whole issue. When an accusation becomes a punishment in and of itself, it becomes extremely tempted to use such an accusation against any and all enemies.

        • Pretty incredible you claim to be knowledgeable but don’t think it’s possible to insert child porn into your systems. This is a very legitimate threat and one that makes the legal process of determining if one did or did not intentionally download child porn extremely difficult.

          • well anybody that serfs porn,,,, knows alot of pages pop up to bait or shock people that you did not want to view lmao.

            child porn cases scare me sometimes. I remember reading a story about a guy i think in costa rica? where they are known for killing you in prison for child sex offenses, was about to get 20 eyars. This guy got caught with pics of porn star Lupe Fuentes and was on trial, and the prosecutor was saying she could not be older then 12 years old…

            the porn star, who is in her 20s, actually flew to costa rica and walked in the court room with her birth certificate id and everything and saved the guys life….

        • Fiction?

          Holy crap son, you really need to stop reading blogs and start reading up on history. Not only has it happened, its happened a lot.

          People have even had charges vacated due to forensic evidence showing the porn was placed on their system via remote control. For which you can thank programmers who log every last action, legal or illegal, their remote control malware performed The victim’s life was completely ruined and they couldn’t find work afterwards, since the average American is as calm and logical as you’ve shown yourself to be here, but the fact remains that the safest place to store illegal porn is on someone else’s system.

          Isn’t it about time for you to tie your leg down so your knee doesn’t jerk like that?

          • Diane Trefethen

            @SeymourB

            “Isn’t it about time for you to tie your leg down so your knee doesn’t jerk like that?”
            ROFLMAO!! I’ve been looking for a better way to say that for years! KUDOs!

          • “Holy crap son, you really need to stop reading blogs and start reading up on history. Not only has it happened, its happened a lot.”

            First, one is not going to find such a story outside of a blog like Brian’s because of the highly technical nature of it. Yes, those details will be included in reading the actual case, e.g. State v. Pervert, but given your borderline-illiterate writing style, I will wager you have never set eyes on one of those.

            Second, someone who does not understand the difference between “its” and “it’s” — you, for example — should not be lecturing other people.

  7. jefferysinclair

    techvet is right get em fbi

  8. At this point I don’t even factor in any of the pedo stuff. I’m starting to be more disgusted with the tactics of the American government and law enforcement and I don’t trust them at all.

    I feel like it’s time to start being critical of what they’re doing rather then letting them buy our complacency in the name of “saving the children”.

    Does anyone else find it odd that this guy was busted after he began looking into getting a Russian visa? Curious isn’t it? Snowden leaks the information about the NSA spying on people around the world with absolutely no regard for anyone’s personal privacy. But of course we’re to believe this is only for foreign terrorists right!
    So this guy, who just happens to run Freedom Hosting, which basically does exactly what the name suggests. They allow anyone to host anything with no oversight, realizes that if the NSA were actually full of crap and just blanket surveilling everyone in the world regardless of what your doing then they could find him, or have been monitering him for god knows how long.
    So he figures he better look into getting a Russian visa. What a convenient time for the Americans to suddenly figure out who he is and have him arrested!

    These bastards are watching everyone. They don’t care about childporn. They care about power and control! If they can’t control the internet and internet users then they’ll destroy it for everyone.

    • isn’t this what some in anonymous do too? spy on pedos and try to get them arrested? how are they diff then the fbi?

      every country in the world does that man. General Alexander even confirmed that in his blackhat speech.

      imo malicious hackers have already ruined the internet for most people….

      • “isn’t this what some in anonymous do too? spy on pedos and try to get them arrested? how are they diff then the fbi?”

        Anonymous is on the other side of the class war from the FBI, for one thing.

        “every country in the world does that man. General Alexander even confirmed that in his blackhat speech.”

        When did ubiquity ever dictate propriety?

        • “Anonymous is on the other side of the class war from the FBI, for one thing.”

          I asked you to explain why! How are they diff from the FBI!? What gives them the right to spy on people and play God? Don’t they always go after TOR pedos? I wouldn’t be surprised if they were helping the FBI.

          “When did ubiquity ever dictate propriety?”

          Did you not understand what I said? Thats the problem, your not admitting that its a global effort, and its not just the USA. Its not even just them and their allies. There really is a sort of modern day cyber cold war going on and the USA is struggling to keep up.

    • “Does anyone else find it odd that this guy was busted after he began looking into getting a Russian visa? Curious isn’t it?”

      Off the top of my head, I can think of a few reasons why that might be true:
      – The FBI is overwhelmed with Islamists and perverts, so it took a while to find this criminal,
      – The case is more complicated than you imagine, so it took a while to convince a judge for a warrant, and/or
      – The FBI does not have enough computer experts for them to have made the case any quicker.

  9. I am ecstatic that child porn facilitators are off the net. I am less happy about the Feds exploiting a Zero day on a pretty popular browser to do so. The market for zero day is exploding due in large part b/c of government agencies and that makes us all less safer.

    With that said according to comment in blog Mozilla, it wasn’t exactly zero day

    https://blog.mozilla.org/security/2013/08/04/investigating-security-vulnerability-report/

    The specific vulnerability has been fixed back in June. Again stressing the importance of updating your software.

    • But child porn dealers are not “off the net”. They lost a few sites, and I assume they all kept backups for this very reason. All this attack did was give blackhats more exploits, and told child porn viewers that they should use more security and a more decentralized host next time, which they will. It’s like antibiotic resistance. If all you do is catch the low-hanging fruit, all that will be left will be the wiser, hardened, extremely tech-savvy people who will teach noob cp viewers how to remain anonymous.

      This was a terrible blow to freedom of speech, and even the fact that it may end in the arrest of several child porn viewers doesn’t mean it was worth it. The good that came is very temporary, if not completely bad in the long run.

  10. Diane Trefethen

    I am appalled at the prevalence of “The ends justify the means” shown here. It would seem that several feel that the US Constitution is just an ancient, useless piece of paper, only adhered to by suckers like those retards who fought the Revolutionary War.

    What you seem to be missing is if we quietly acquiesce to the government violating one provision in the Constitution against one group of people, no matter how despicable that group may be, we give them the right to violate ALL of it against any of us because we’ve agreed that there is no one with the power to stop them. Further, if the government can violate the Fourth Amendment to nail a child pornographer, they can do the same to nab a marijuana grower, or a person who speaks out against the US government or someone who makes idle threats against the President in the privacy of her/his home. To let the government break the supreme law of the land with NO consequences is to open a Pandora’s box of abuses against all of us. YOU may think it’s okay to do that to find one class of criminal but that is NOT what the Constitution says. That document protects all of us, including lowlifes.

    If you don’t like that, please either 1) re-write Constitutional Articles the way you want them and submit to a Constitutional Convention for ratification as new amendments or 2) move to a country that promulgates principles but only for the “right” sorts of people while denying the same to anyone the government deems of unacceptable character.

    • Who knows what the future holds, its still only 20 years old, but imo, you’d have a better argument if you stayed on your own LAN or had your own private network you owned for you and your friends communications and stayed off the public internet highway no? Maybe use encryption. Instead of sending letters in the mail with no envelopes? I don’t think most people consider the internet any more private then walking around outside in public and having conversations or putting posters up on telephone polls.

      and all that what if this and what if that is just fear mongering. The General was saying the same thing at Blackhat, have you ever even heard about on the news, or known or heard about anyone even affected by the patriot act? Or heard about the NSA disrupting someones life wrongfully? I haven’t. And I know some marijuana growers man and I don’t think their lives have changed much in 12 years. Only guy I’ve ever even seen on the news where they used the patriot act suspiciously, was against Eliot Spitzer.

      • The only thing bothering them nowadays is the rapid direction the country is going towards legalization for medicinal and recreational use. Which the growers always vote against.

    • John Gilmore wrote years ago that the internet ‘interprets censorship as damage and routes around it.’

      I posit that the feds interpret privacy as damage, and route around it.

      • Multinational corporations, banks, and insurance companies “interpret privacy as damage, and route around it” to a much greater degree than the federal government, yet the many “anarchists” here never seem to comment on that.

        A country where the government knows all, sees all, and prosecutes based on that would be similar to the Soviet Union or North Korea. A country where corporations know all, see all, and act based on that knowledge would be a mix of Nazi Germany, with its close ties to corporations, and feudal states with lords and serfs. I fail to see why one is worse than the other.

        • As I’ve been saying for a while now, it’s inverse totalitarianism.

          You’re making a HUGE mistake separating the corporations from the government. Either that or you have no knowledge of how people rule (and gain the ability to rule) in the USA (and a lot of other places). One hand washes the other. Do you think things would be as they are if either party had ‘put their foot down’? But neither party will because they serve one another. They do not serve you, and they most assuredly do not serve anybody outside of UKUSA.

          • voksalna wrote “You’re making a HUGE mistake separating the corporations from the government.”

            You missed my point, but I think it was rather obscure. I will try again.

            I understand that fascism results from governments and corporations working too closely together. I, perhaps unfairly, lumped you in with libertarians and other fools who believe that the elimination of government will result in a panacea. We have already tried that many times in history. In the late 1800s, the USA had George Pullman who was a little dictator over his employees. The Wikipedia page is actually quite good on that subject. Pullman is the poster boy for why governments cannot be allowed to be drowned in the bathtub, to use Grover Norquist’s colorful language. ANY, let me say that again, ANY dictatorship, whether government or corporations, cannot be allowed to grow too strong. The USA came fairly close to a equitable mix around 1980 (don’t anyone take that date 100% literally), with neither government nor corporations nor unions (except for auto unions) being too strong. Then we went off the rails because of Reagan.

            One thing that you and many other people refuse to accept is that Islamists are incredibly difficult to catch before they kill large numbers of people. Many people shrieked that the Boston Bombers were not caught before they killed, but how could they have been caught without FBI agents looking through jihadist websites and other sources to reveal the people who are in the final planning stages of killing? If another 9/11 happens, the leaders in charge are going to be in deep kimchi, so they are doing everything they can to prevent another attack.

            I am going to change the subject, but not actually. You and the others here keep declaring that the government is violating the Fourth Amendment and generally playing unfair. Here’s a news flash. The Internet was not created for child porn. It was not invented for people to steal money from banks. It just kind of grew into what is is today. Its infrastructure is owned by many countries and entities around the world. Not a single one of them has said, to the best of my knowledge, that they give their blessing to child porn and theft. Yes, certain ISPs would say that, but they are at the very end of the food chain, wouldn’t you say? Yes, the U.S. government looks unfavorably at people using their infrastructure for child porn and theft, but they, as owners, have the right to do so.

            If you, child porn purveyors, anarchists, online bank thieves, and most of the rest of the readers here want to be free as a bird and do what you want, then create your own world-wide network. Of course, the bank thieves won’t be able to steal anymore, because banks will not use that network.

            As to the Stazi (I am trying to make Chris Hansen happy here), the world was quite different then, don’t you think? Yes, it was “state-limited” for the most part, but it still ran operations in West Germany, a separate country then. Today we have Islamists who have declared on many occasions that they have the right to kill anyone who “insults Islam.” One of the first public instances of this was regarding Salman Rushdie’s book “The Satanic Verses.” Perhaps it was insulting to the Islamic faith, but freedom of speech is cherished in the west, no? Cat Stevens, a former peace-and-love folk singer, publicly called for the death of Rushdie in 1989. So much for peace-and-love. Rushdie has ever since been forced to live under the constant protection of bodyguards. And now the threat of Islamists forces the West to try and prevent more 9/11, London 7/05, Madrid 3/04, and other Islamist atrocities.

            Do I see anybody else behaving this way? Try China, Russia, and North Korea. Sure, they are not as proficient as the USA — so far — but if you read Der Spiegel on a regular basis, you will quickly realize that China is the Avis of the cyber-world: they’re #2, but they try harder.

            And why is it that you never complain about the guy who loves to take his shirt off and drive Ladas around Russia? He is fairly close to being a Soviet General Secretary, but all you ever say is how terrible the U.S. government is.

            As to the little guy having no chance, please, live in the present world, okay? The Internet that existed in the late 1990s is never coming back. You are never going to be a child again. If you want 100% freedom, move to Somalia, but don’t whine that the bigger boys always point their guns at you. There is no free lunch.

            • There is a lot I will address in your comment, in a little bit, so expect more comments from me on your s, but here is where I will start:

              “Many people shrieked that the Boston Bombers were not caught before they killed, but how could they have been caught without FBI agents looking through jihadist websites and other sources to reveal the people who are in the final planning stages of killing?”

              Where did you get this idea? Your government had all of the information it needed to *target* the Tsarnaevs years ago — and they did not find it from a ‘jihadist website’ — they got it from governments like *mine*. Russia itself warned the US years, I believe, before this happened. And the younger brother was almost certainly just trying to please his older brother, which lends credence to what I was saying before — a lot of terrorists perform acts of terror not only due to religious beliefs, but also due to love and loss. Do not grossly oversimplify this issue, because it bears out over and over again to be true.

              As for my belief about government — I believe in no government… that does not constantly and ruthlessly analyse its motivations while being willing to put itself under the mirror of scrutiny. It is a cliche by now, but power corrupts, and you cannot expect the powerful to police themselves — they will police you in order to avoid it.

              • “Your government had all of the information it needed to *target* the Tsarnaevs years ago — and they did not find it from a ‘jihadist website’ — they got it from governments like *mine*.”

                Sorry, but your bias is showing again. The various players are giving conflicting accounts of that. Russia said that it gave the USA plenty of information in advance. Some in the U.S. government said that the intelligence was not actionable. Righties said that this is proof that Obama loves Muslims. Lefties said that this just proves the need for more gun control.

                In other words, everyone is using this issue to further their agenda. What did Russia actually tell the USA? We will never know.

        • One other big problem is, in the past this level of totalitarianism was more or less ‘State-limited’ depending on the ‘State’ in question. East Germany had the Stasi but the Stasi generally was limited to its own people (obviously with some outlying spying as well). In the past most mass surveillance was limited to localised regions — countries, generally speaking, but not necessarily. Do you see *anybody* else behaving this way? I mean *leading* it, not suckling off of the teat of it (which most countries are doing now) — and do you honestly believe that the countries that are not cheerily submitting are not being painted as ‘evil’ in order to extend dominance through alternative means, including public opinion?

          This is about scale.

          • (and once you scale up enough, the little guy has no chance, even if they say no; at this point, there is no way *they* can ‘route around’ it)

    • You do not understand the system of laws in the USA. You throw out the word “Constitution” as if it were fixed for all time. Marbury v. Madison changed that in 1803. The Constitution is a guideline, nothing more.

      Let’s take the most relevant part, Amendment IV of the Bill of Rights:

      “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

      So are you arguing that “persons, houses, papers, and effects” are to be extended to the Internet? If so, you lost that argument when the courts allowed searches of cars without a warrant. And that argument fails when you consider that the Internet is more public locker than private effects.

      And if you attended law school, you would know that the word “unreasonable” carries a lot of baggage. There are many cases which deal with what a reasonable man would do in certain circumstances.

      • The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

        That’s because shady attorneys can twist things around and make words like “relevant” or “unreasonable” suite their needs to establish precedence in a case or cases. This is what the United States government did with the Prism program, along with the collecting of phone record meta data. The N.S.A. just twisted the word “relevant” around to suit their needs by saying that they where business records and are not covered under the fourth amendment because they are not a persons ” houses, papers, and effects” in your immediate procession . Once again the government took away our constitutional rights by manipulating how the interpretation of the forth amendment should be applied towards technology or computers.

        • “That’s because shady attorneys can twist things around and make words like “relevant” or “unreasonable” suite their needs”

          The word “unreasonable” is subjective by definition. Both shysters and honest attorneys use that word to their best advantage. You have no idea how often the phrase “a reasonable man” comes up in law.

          “Once again the government took away our constitutional rights by manipulating how the interpretation of the forth amendment should be applied towards technology or computers.”

          Who died and made you God with the authority to decide the proper interpretation of the Fourth Amendment? How do you know how the Founding Fathers would thought about inventions created long after their time: WMD, helicopter gunships, financial derivatives, the Internet, etc?

          • The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

            From the website threatpost.com a article regarding this very issue states “Tor, the anonymity network favored by activists, journalists, security researchers and other interested in remaining unidentified online, also is used by attackers and other criminals, including those peddling child pornography and other objectionable material. There are reports that the FBI has been using an exploit for the Firefox vulnerability to target people involved in the child pornography trade. The owner of Freedom Hosting, an Irish hosting company that provides some hosting for Tor Hidden Services servers, was arrested in recent days and charged with facilitating the distribution of child pornography. An Irish newspaper said that Eric Eoin Marques, a dual Irish and U.S. citizen, was being held without bail on the charges.” Who’s to say that the F.B.I. and the attorneys that work for them are not playing “god” with our civil rights. You know the same attorneys that work for the N.S.A. who think it’s okay to put taps on fiber optic cables coming in and going out of the United States to vacuum up all the data without a viable search warrant and therefore potentially violating a person privacy and civil rights. I strongly believe that if you give your personal Identifier information (P.I.I.) to any website to store on a data server it should not be given up without a good probable clause search warrant , however, the United States government classifies it as a “business records” so in their mindset it’s not covered under the forth amendment . I don’t want my P.I.I. handled over with a subpoena or given out just because some government agency requests it due to me contacted someone in a government classified rogue country

            Your counter argument please…..

            http://threatpost.com/tor-users-hit-with-firefox-exploit-but-no-large-compromise-of-network-seen/101578

            • Your entire post was true, yet a non sequitor.

              You wrote “Once again the government took away our constitutional rights by manipulating how the interpretation of the forth amendment should be applied towards technology or computers.”

              I wrote in response “How do you know how the Founding Fathers would have thought about inventions created long after their time: WMD, helicopter gunships, financial derivatives, the Internet, etc?”

              You think you know how the Fourth Amendment should be interpreted. Why don’t you actually read the Constitution and mull it over? It is very possible that the Founding Fathers would have decided that the Internet is merely a part of the Postal Service, for which they gave Congress oversight. Obama is probably over-stepping his authority, but the common argument that the Internet should be totally unregulated is fiction.

          • The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

            comment was censored

      • Diane Trefethen

        @saucymugwump
        “You throw out the word ‘Constitution’ as if it were fixed for all time. Marbury v. Madison changed that in 1803. The Constitution is a guideline, nothing more.”

        It is my understanding that William Marbury invoked an act of Congress, the Judiciary Act of 1789 (which granted the Court the power to issue writs of mandamus), sued President Madison and his Sec’y of State, and then applied directly to the Supreme Court for a writ. The most important part of the Court’s ruling was that the Constitution was the supreme law of the land (didn’t see the word guideline in there) and when Congress made a law that contravened the Constitution, the Court had the duty to nullify that law. Under Article III of the Constitution, the Court did not have “original jurisdiction” in this case. The court ruled that the Judiciary Act of 1789 which granted the Supreme Court the power to issue writs of mandamus in cases not specified in the Constitution was in contravention of the specific limitations of Article III and was therefore null and void.

        So, could you explain how Marbury v Madison rendered the Constitution a mere guideline? Sounds to me as if the Supreme Court ruling did exactly the opposite.

        • “So, could you explain how Marbury v Madison rendered the Constitution a mere guideline? Sounds to me as if the Supreme Court ruling did exactly the opposite.”

          If I were 12, I would utter “my bad.” It did indeed reinforce that the Constitution is the back-stop of our law.

          But much more so, Marbury established the doctrine that the Supreme Court has the right to make law. Everyone who complains that judges “make law” are ignorant of the fact that this happened in England at least as early as the 1600s. One of the problems with the Constitution (the other is that poorly-written Second Amendment) is that it did not clearly define the roles and responsibilities of the Supreme Court. Chief Justice Marshall rectified that. Of course, Congress always has the ability to craft a better law to over-ride the actions of the courts.

      • Diane Trefethen

        @saucymugwump
        “So are you arguing that ‘persons, houses, papers, and effects’ are to be extended to the Internet? If so, you lost that argument when the courts allowed searches of cars without a warrant.”

        Your car search analogy fails. In the case of recording and/or seizing emails and phone conversations, one is dealing with potential evidence that either exists and isn’t going anywhere or evidence that has not yet come into existence. There is no exigency With a stopped car, if an officer cannot search the car at the point of the stop, any evidence in that car will surely be disposed of before the police can obtain a warrant. However, even in the case of a warrantless car search, once in court the officer must show s/he had probable cause to stop the vehicle, then probable cause to suspect there might be evidence of a criminal act in that vehicle. Police officers have a good deal of latitude here but they DO have to give the courts something. If they fail, then either the stop or the search will be ruled illegal and any evidence seized will be inadmissible at trial.

        • “Your car search analogy fails. In the case of recording and/or seizing emails and phone conversations, one is dealing with potential evidence that either exists and isn’t going anywhere”

          If police stop someone driving a car, any evidence in their trunk “exists and isn’t going anywhere” (until officers allow him to leave). As for telephone conversations, they most definitely exist, but they are only around long enough for the electrons to finish their journey, so I am not sure of what your point was. I did not intend to imply that officers have the right to open every car in sight (regards your point about exigency / probable cause).

          A better comparison for me to have made would have been as a traveler on a train or airplane. One has no privacy as a passenger, as we all have discovered.

          Much relevant to the Internet would be a letter or package sent by common carrier. The carrier has the complete right to open any letter or package it deems suspicious, dangerous, or rule-breaking. The common carrier of the Internet would probably have to include all countries except for North Korea.

          • “Much relevant to the Internet”

            Much more relevant to the Internet.

          • Pseudoynmous Cowherd

            The “can open any package” rule you cite was created for the protection of postal workers, in case someone sent a bomb or anthrax or something through the mail — and indeed there were some casualties among postal workers in the October, 2001 anthrax mailings.

            There is no comparable justification for granting Internet backbones and service providers any similar powers. No encrypted packet traversing their network poses any threat to their equipment or employees’ life and limb, and any packet that’s part of an attempt to exploit one of their own servers will necessarily be one they can “see inside of”, or it could not infect the targeted machine.

            There’s no justification, then, for ISPs to be anything but big dumb pipes that pay zero attention to the contents of the packets traversing their network (but not terminating at a machine they own). (They may care about the amount, for billing purposes and to figure out when they need to increase capacity some more, but there’s no legitimate business OR safety reason for peeking at the CONTENTS.)

            As for sharing PII with the government, there’s no justification for them doing that, either, except when presented with a warrant, and no justification for them to keep such information longer than their own business needs require them to. In fact, I’d argue that not only should PII be subject to some protections, but that any data retained for nonbusiness purposes is not a “business record” for search-legality purposes, nor is a business record still a business record once it has outlived its usefulness as such, even if they do retain it. Data that exists only to satisfy potential future law enforcement requests is not a business record; it’s a search waiting to happen and should require a warrant to be legally turned over. This is the case whether the data is there because of regulatory requirements, pursuant to retention laws specifically there to make law enforcement able to get such records, or because they have a lucrative side business SELLING such records to LEOs — in the latter case, it’s not a business record but a PRODUCT.

            • Diane Trefethen

              @Pseudoynmous Cowherd
              Re: Your “The ‘can open any package’ ” post
              WOW! Well written, consise and on point.

            • Pseudoynmous Cowherd wrote “The ‘can open any package’ rule you cite was created for the protection of postal workers”

              That is only half the story, regardless of what your new groupie, Diane Trefethen, says. The law was created for that AND to allow for authorities to prevent such packages to be sent to our fearless leaders. The USPS, UPS, and FedEx all have restrictions on mailing perfume and other hazardous materials, for the protection of carrier employees, airline employees, aircraft passengers, and people who may be injured/killed on the ground as a result of a crash.

              “There is no comparable justification for granting Internet backbones and service providers any similar powers”

              There is no difference between intercepting packages filled with white powder and intercepting traffic on backbones which amount to plans to kill large numbers of people, i.e. Islamist attacks. Both can result in deaths.

              “There’s no justification, then”

              See above.

              “As for sharing PII with the government, there’s no justification for them doing that, either, except when presented with a warrant”

              I would not say there is no justification, but LE officers must not be allowed to go on fishing expeditions. Your fourth paragraph was a bit of a mess, conflating government with business. I was not able to completely understand your point. Your comments about warrants were rather simplistic. This lies in the area of FISA courts and I will agree with you that the Feds have gone too far here. The FISA courts were established to handle these things and the Congress is failing in its duty to rein in over-zealous LE officers. Our judicial system worked very well for serious issues like Aldrich Ames and Robert Hanssen, but current government leadership is lacking.

        • searches of cars without a warrant what? ya thats definitely not holding up in court. You don’t live in America do you?

          • This is what I was thinking of (I really wish Brian would switch to a blog-system where we could edit our posts):
            http://www.cnn.com/2013/02/19/justice/supreme-court-search

            • @saucymugwump so that is the case Diane is talking about? lol. Ya i got arrested way after February.

              Here is my real life example in more detail. I’m sitting on a strangers stoop around the corner from me with an older neighbor in his 50s. We roll a joint and start smoking it. My friend of mine came by in his car, parks and joins us. After a little while about 5 plain clothes narcotics detectives come hopping out from behind the back yard and back of the house and surround us scaring the crap out of us on the stoop. I live in NYC this really happens. Someone probably called on us. They take the joint out of my hand and cuff me and the older gentleman, who had a bag of weed on him. My friend, who happens to be black, they let go because he had nothing on him.(they could of taken him too if they wanted because just a roach clip is good for two people) Then one detective notices a car window open, he asks my friend is that your car, my friend said yes, and he began to search it finding a couple bags of weed and they arrested him too.

              We all went to court together a couple weeks later. I got an ACD, the older gentleman paid half the fine. And my black friend got his case dismissed totally because he didn’t’ give permission to the cop to search his car.

              Now that doesnt’ mean they can never search your car. I’m sure dogs at the airport are ok. I’m sure if they see something from the window, or see someone convulsing, etc….. I use to be told if they saw blunt guts underneath the car door, but i’m sure that be hard to fly in court. but these are rare cases. I have never ever seen a dog sniffing cars in my neighborhood, actually I’ve never seen that anywhere but the airport. But i’m sure it does happen sometimes probably for a real prime target.

        • searching your car without a warrant? what court? lmao, i was in court with a friend recently, who got busted with some weed, the judge threw the case out cause my friend said he didn’t give permission to the detective to search his car. Actually the public lawyer was going for an ACD or a lesser charge, but then the judge was like, if he searched the car illegally i should just dismiss this case. dismissed.

    • Well said. Has anyone read 1984 recently? Absolutely appalling how our constitution is being disregarded…I thought our elected officials are supposed to uphold the constitution of the U.S…. That’s what soldiers fight and die for.

  11. This didn’t just target diddler porn enthusiasts, all of Freedom Hosting’s service were injected with this java exploit including Tormail and dozens of activist forums that had nothing to do with illegal porn.

    Anybody who used Tormail last 2 weeks is now potentially in the same boat with kiddy pornographers because it was definitely hosting the same exploit.

  12. @McDerpp

    And judging by how the US has treated leakers and journalist in the past few years. The data will be very useful.

  13. Reraming. Jury bias. Manipulation. Deception. Misdirection. Spin. Women and children must be saved, yes yes. Nice patterns. This happens over and over again. It’s the easiest way to manipulate governments, the public, juries, and every other person and group into making it abhorrent to defend someone charged with such a thing — even if the thing itself has nothing to do with the purpose of the charge (and the person had nothing to do with it directly — I surely do not see proof of him personally trading kiddie porn, have you?).

    He ‘facilitated’ it by offering .onion services. ISPs must be facilitating it also. So must cable companies. Telecommunication and fibre companies. Mozilla. Tor. Microsoft. GNU. Bittorrent. vBulletin. WordPress. Twitter. Kodak. Android (so Google). Your memory card manufacturer. Your computer and phone manufacturers.

    Wake. Up.

    Also he was apparently already being monitored if they knew he was researching how to get Russian visa. Which obviously must be criminal. Of course. Because he doesn’t have friends there. Or customers. Or any interest in other parts of the world. Imagine if he looked up how to get a visa to Yemen.

    • “Also he was apparently already being monitored if they knew he was researching how to get Russian visa. Which obviously must be criminal. Of course.”

      Or maybe it is as mundane as: the FBI was already watching him and they were afraid he’d pull a Snowden, i.e. ask for Russian asylum. You do know that preventing criminals from leaving to avoid prosecution is standard practice in all civilized countries, right?

    • Your comparing TOR to those companies you mentioned? really? first off, those companies require that you comply with the law in their contract you accept with them and they don’t look the other way if you break it. What a ridiculous comment.

      I was afraid to use TOR after you told me not to use it for banking, and the linux people were telling me its full of criminals. I tried it for a day or two, and when i stopped, tor servers were probing me for a week. I also put it on my phone for kicks but the network was really slow and google and yahoo would come up in diff languages sometimes and I imagined that had to be a huge red flag especially with NSA. You have to be crazy to use it.

      • Diane Trefethen

        @CooloutAC

        “first off, those companies require that you comply with the law in their contract you accept with them and they don’t look the other way if you break it”

        They also promise in their TOS agreements not to share your information, communications and data with others except as specified in the TOS so you, the customer, know the limits of your privacy, and in cases where law enforcement presents a legitimate warrant obtained in a civil court based on information sufficient to establish probable cause. A secret, star-chamber court saying yes to virtually every NSA request to seize the emails of millions of Americans who are NOT suspected of any crimes does not qualify as a court issuing a warrant to monitor a specific individual.

        As far as I know, there are no court decisions that specifically allow law enforcement to “go fishing” by seizing or recording the private communications of individuals who are in no way associated with or suspected of any criminal or “terrorist” activity. If I am wrong, please cite such rulings.

        • Diane: I do not know who you are, but there is no longer ‘upvoting’ so I just wanted to say you are one of the best new commenters I have come across here in a long time, and I am finding myself consistently delighted to read your comments. 🙂

          • It’s too frustrating to argue with people that don’t address your points and then seem to troll you. Reading mugsauce’s blog kind of takes the cake for me and I think I’ve seen CooloutAC before.

            • Yes, I believe he started his commenting run right around when I started commenting here more than occasionally — which means just before or when the LibertyReserve went down (and before the news came out that the proprietors were arrested).

              Historically speaking it is a valiant but wasted effort, but I still admire your comments, Diane. Yours too, Chris (I want to make joke here about CP due to your posting name but will refrain). 🙂

            • Obviouslynotme

              @Diane and Chris Hansen
              I must also agree, It is refreshing to read comments that are based on fact and not opinion. Too many op-ed posts from these two without any sort of research or reference. Trolls indeed!

              I often look forward to the diverse and rational comments from peers in the security field on important news items from Brian Krebs.

              Please continue to sort through the nonsense and be the beacon of light that I hope to find here when I take a moment away from looking at logs all day.

            • “It’s too frustrating to argue with people that don’t address your points and then seem to troll you. Reading mugsauce’s blog kind of takes the cake for me”

              Sometimes I become busy and never make it back to a conversation, but I do a better job than most at addressing points. If you disagree, give a specific example.

              If you do not like my blog, then don’t read it. Every serious entry is well-documented, but perhaps you are too lazy to follow those links. I wonder if you are politically-correct and therefore cannot handle contrary opinions on a few choice subjects.

              My blog entry of “The British Prime Minister’s last day in office” has been well-received all over the world. Yours is a minority opinion.

              P.S. You and others keep making fun of saucymugwump, but it is not my name, so I care not.

              • You may laugh at this but the thing I found most distasteful of was the first post that showed up — if you truly believe in a free and democratic country, I have no flipping idea why you would post such a grossly prejudiced ‘joke’ about ‘merit badges’ for your scouts. Since I do not wish to change the topic of this section, I will say only that I learned a lot about you reading two blog posts. *THAT* should, though, be the danger of ‘freedom of speech’, if anything should — you have the right to make these jokes but it also exposes you to a whole lot of simplified profiling. Just because it isn’t (or is, for all I know) the government profiling, does not make profiling any less dangerous.

                • And I think it bothered me more because it made the entire ‘blog description’ reek of irony.

                  • Speaking of irony, it is really rich that you and the other child porn advocates decry my blog for insulting 1-2% of the population, all the while promoting something which could potentially hurt just under 75,000,000 people (i.e. children) in the USA alone. You and I look at the world in completely different ways.

                    http://www.census.gov/prod/cen2010/briefs/c2010br-03.pdf

                    • @saucymugwump: Yeah, here’s the problem here: Your joke equated homosexuality with paedophilia.

                      I won’t even bother further addressing your knee-jerk pedanticism, your meaning to insult me by calling me a liberal (do you even know what this word means? or do you just believe in a black or white worldview: them (me) versus us (you)?), as well as a child porn defender (this would be news to me and anybody I know; you want to bandaid things, which do precisely nothing to alleviate the suffering of any of the involved parties). It’s dangerous to live in a world and approach it consistently as nothing but a categoriser: If you cannot fit a label on somebody, how can you react? Insightful people are multimodal and multidisciplinary. They do not rely nearly as much on shortcuts. All ways end to suffering to some degree. Even yours. Even mine. The difference here is that some of us are willing to step back and acknowledge there are many ways to see the problem, while others must resort to incorrect labels and stereotyped ‘solutions’ which, for decades, perhaps even centuries, have done little or nothing to change anything in a meaningful way. Doing things over and over again expecting different results isn’t effective; it’s wasteful.

                • Talk about irony.

                  Yes, that post (there are two more, the earliest of which explains my attitude on that subject, but I am certain you would never read it) is controversial, to be sure. And now I understand why you (and Hack, Hansen, and the others) and I will never come to an agreement. You, like all liberals, honestly believe that certain subject cannot be joked about, all the while making jokes about righties. Spencer Ackerman of Wired Magazine is the poster boy for that belief, as he has selected conservatives at random and called them “racists” merely to tarnish them politically — because, of course, liberals all “know” that all conservatives are racists.

                  In other words, you only believe in freedom of speech when you agree with the speech in question. In this respect you are the same as conservatives who do exactly the same thing, for example, they tarnished anyone who was against the Iraq war as un-American, traitorous, and unpatriotic.

                  I, on the other hand, believe that freedom of speech means just that. Up to crying “Fire!” in a crowded theater, anything goes. People can say that a military invasion is wrong. People can say that a president is an imbecile, corrupt, incompetent, a liar, etc. People can say insulting things about Islam, even if it hurts the feelings of Muslims. People can say that the NSA should be throttled back. People can say that the Boy Scouts should have remained free of, well, you know.

                  P.S. That post and the Harry Potter one are some of my more popular ones as determined by the blog statistics, though not nearly as popular as “The British Prime Minister’s last day in office,” so your views are not universal.

                  I will add a warning to politically-correct liberals like yourself at the beginning, similar to the warning seen on tobacco products.

                  • Saying I make jokes about right wing people only proves you have no idea who I am or what I stand for and cements my belief in my (just now submitted) reply. I don’t joke about politics or logic or things that your forefathers would have called ‘inalienable rights’. Ever. When it comes to things that have value, approaching them with humour demeans them and cheapens them. While I would not go so far as to say human rights are holy, or sacrosanct, our humanity is one of the few things that prevents us from going completely off the rails, and we lose more and more of our humanity by turning it into a joke every day. Does this mean I’m ‘serious as cancer’, as your people might say? Sometimes. But I do have a sense of humour. I just realise that mocking creates opposite reactions. I hate your Jon Stewart, in a similar fashion. When people can joke about important things, they have an outlet that is, as history has proven out, far more palatable than *doing* something to change the problems of the world. People hate tension. Or maybe I am just some ‘Russian’ and we are known for being very “grey thinkers” with “gloomy literature”.

        • my email is already stored someplace besides my pc regardless. do you trust google employees or your isp not to read your emails or spy on you? lol At least the people in the NSA swear and oath to protect people and to live and die by it. Honor is a dying concept nowadays so its hard for most people to understand. Don’t you realize every country in the world is probably reading your emails?

          The UK and China gov’t ips are all over my connections all the time just as much as usa.. But its actually more likely some russian kids or paranoid drug dealers are the ones that actually bother to read my boring emails. So sorry if i don’t care about the NSA knowing I smoke weed or what crazy things i say on the forums when all my info is on facebook anyways. They have bigger fish to fry. I don’t buy into much anti american propaganda nowadays especially online from foreigners. I try to only concern myself with what actually happens in reality, not what could happen. A meteor could also hit me tomorrow but the chances are very unlikely…

          • unless of course your Russian 🙂

          • Also Diane, you are correct in your last statement. Now you can call the General a liar if you want, but I wouldn’t. I believe him when he says they are only collecting data, but don’t even have the man power to look at it all. It is there for when they need it for quick access in a ticking time bomb situations to pinpoint and expedite investigations. IMO, it all it does is save some red tape. You cannot deny every country subpoenas their ISP’s for info. This has been going on for 20 years……its just getting more efficient now, and now alot of them are networked and have technologies like prism. The Gov’t is scared and desperate since the internet is getting so bad now at a time when its finally being recognized by us as the greatest soft power tool man ever created.

            Now you can also believe Snowden if you want, that he could just tap into anybodies camera or phone in real time in an instant, even the presidents, and knows the name of every cia agent there is, etc…. But i think like most malicious hackers he is delusional and exaggerates, and is suspicious to me since he decided to move to China and Russia.

          • Diane Trefethen

            @CooloutAC
            So is your argument, “Since others do it, it’s okay for the USA to do it?” Me? I’d rather that our (once) great country have a code of honor whereby we choose to behave in a certain way because we think that is the right way to behave. That “right” way is spelled out fairly clearly in our Constitution. It may not be the right way for Google or Russia or France and that is okay but I CERTAINLY don’t want MY country to do what someone else does just because the others do it when I know those actions violate our Constitution.

            • I’m saying its suspicious to only blame the USA when every country in the world does the same thing…..or when we have been serving subpoenas to isps for over 20 years and had the Patriot Act for 12. Edward Snowden told us nothing we didn’t already know. You needed proof? Is he even considered proof of anything?

              and your analogy of a kid blowing up his school because of his religious views sounds like terrorism to me…I don’t think the definition can be any more straightforward imo. Refer to the definition i posted.

              Even if you don’t want to call that “crazy” kid a “terrorist”. Do you not think he should be stopped? I mean what are you arguing here? How bout we just call them psychos who like to blow people up? I’m not really sure where your going with this, but its a little creepy.

        • “A secret, star-chamber court saying yes to virtually every NSA request”

          That “star-chamber court” is the FISA court, established by Congress with the Foreign Intelligence Surveillance Act of 1978. If you do not like their decisions, complain to your Congress-person.

          I find it amusing that certain posters gush all over Diane and claim that her posts are totally factual even though she uses loaded phrases like “star-chamber court” instead of the actual name.

          • Diane Trefethen

            “Loaded phrases?” Well, let’s see. According to Reuters (http://www.reuters.com/article/2013/06/21/us-usa-security-fisa-judges-idUSBRE95K06H20130621), “The trial court judges who sit on the FISA court wield great power working in secret.” Then there is the definition of a star chamber from dictionary.com, “a former court of inquisitorial and criminal jurisdiction [check] in England that sat without a jury [check] and that became noted for its arbitrary methods [check] and severe punishments [half check if you count blatantly violating the Constitution as a punishment inflicted on the American people].

            Just like you, Muggy, to focus on my diction rather than the core of my comment, to wit, that this “court” just rubber stamps NSA surveillance requests. Again quoting Reuters. “Between 2001 and 2012, the FISA judges approved 20,909 surveillance and property search warrants – an average of 33 a week. During that 12-year period, the judges denied just 10 applications.“ “From 2007 to 2012, FISA judges also approved 532 ‘business record’ warrant applications, the category used in the order that directed Verizon to release metadata on all phone calls inside the United States. No business record warrants were rejected.”

            • @Diane: Am I alone in feeling that whatever made those 10 other (rejected) FISA requests interesting would shed light on a lot of things? People have focused on the ‘rubber stamping’ nature of the FISA court, which makes me wonder — if they would and have approved almost every single request, what made those 10 denied ones unique? I suspect a lot more could be learned from those 10 denials than the thousands of approvals.

              • Sorry, not ’10 others interesting’ — I meant ’10 others different’. My English is good but I do occasionally stumble. 🙂

  14. All child porn purveyors should be boiled in oil. All those who want to avoid the feds going after perverts and criminals should create their own private network — and keep it free of lowlifes.

    • ” All those who want to avoid the feds going after perverts and criminals should create their own private network — and keep it free of lowlifes.”

      That’s called the regular internet.

      • What’s your point? That the Internet is everyone’s private network or that we have the right to eliminate lowlifes? I agree with the latter, but not the former.

        • I’d much rather boil the low-lifes who siphon off millions of dollars from innocent third parties and use their ill gotten gains to maintain their extravagant lifestyles in eastern europe.

          They’re both scumbags, but you have to prioritize your scumbags otherwise you’ll never get anyone boiled in oil.

          • …as opposed to the ones who siphon off tens or hundreds of millions — even billions — of dollars a year off of innocent people (often including legally evading taxes thanks to special provisions) to subsidize lavish lifestyles and finance political campaigns everywhere else?

  15. Child porn should not be illegal to view to start with, this is a witch hunt.

    They should use these exploits against real criminals hurting kids, like those selling drugs.

    • “Child porn should not be illegal to view to start with”

      It would take a long time to find a qualified medical, psychological, and/or law enforcement professional who would agree with you.

      • Diane Trefethen

        I abhor child porn for a lot of reasons but the bottom line is that the porn itself is just pictures and words. MIGHT child porn convert a male* with healthy sexual interests into a pedophile? “It would take a long time to find a qualified medical, psychological, and/or law enforcement professional who would agree with…” that hypothesis. However, to the extent that real children are used to make pornographic images, the use of children in this way is a horrendous crime against those children. It is the EXPLOITATION of the kids that is so very wrong, maybe even deserving of the boil-in-oil corrective method. But the images/words themselves? The satisfying of sexual appetites that I cannot begin to fathom? No. I too have a problem with those being illegal, per se.

        Consider. The images in the newest video games are becoming increasingly real. The comic book appearance of the characters has almost vanished. So what if a company were to make the most vile, disgusting child pornography “films” digitally? No kids, no people, no sex slave trade, no kidnappings. Just digital images. With NO children risked or at risk, what is your complaint now? That people SHOULDN’T want to look at stuff like that? They shouldn’t pick their noses in public or lie to their spouses but is “SHOULDN’T” enough to arrest, prosecute and jail them? Is your moral aversion to THE SIGHT of children being sexually abused, again – not real children, not really abused – enough to destroy an otherwise contributing member of society’s life?

        *Most are male.

        • Brava! And yet they are already doing this, and have been for years now. Rather than provide a list of links and sources, https://en.wikipedia.org/wiki/Legal_status_of_cartoon_pornography_depicting_minors is a good place to start. I believe the PROTECT Act is what it falls under currently (the same law that created the ‘Amber Alert’ system). Even if ‘interpretation’ of the law there is still questionable, it ruins the person’s life. And in the cases where actual child pornography was also accessed, they were charged with both animated and actual child pornography.

          I am in agreement with you on all aspects of what you said.

          One thing I’ve noticed more and more is that the US has been going after consumers and non-participatory parties instead of going after the actual perpetrators of the original crimes. And no, I do not believe drawing children having sex in anime should be illegal. Distasteful, but not illegal. There’s also the matter of — legal where? Some places have an age of consent of 14 or 16, others 17, others 18, some even 21, I believe. Why should the US have the right to dictate the accessibility of such things in countries where this is so (regardless of how I personally feel about the matter).

          There’s also the very touchy subject of thoughtcrime versus actual crime. Paedophilia is a proclivity — acting on it is a choice. And in a way by overpolicing, they are making the choice to perpetrate a lot more common.

          And then there is the matter of cases such as famous underage pornography actresses being found later to have lied about their ages… or girls from such trashy videos as those Girls Gone Wild videos lying about their age so they could flash their breasts at a camera.

          Just so those who do not know it, by current interpretation of case law in the US, if you’ve seen any of that — that makes you a criminal.

        • “But the images/words themselves?”

          Yes, for two reasons:
          1) Creating child porn often involves the molesting of children, convincing them to take their clothes off, or them doing acts which may scar them, and
          2) Seeing child porn may tempt total losers to molest actual children (no, I do not believe that it always reduces that tendency).

          • Diane Trefethen

            @saucymugwump
            “But the images/words themselves?”
            Yes, for two reasons:
            1) Creating child porn often involves the molesting of children, convincing them to take their clothes off, or them doing acts which may scar them, and
            2) Seeing child porn may tempt total losers to molest actual children (no, I do not believe that it always reduces that tendency).

            #1 conflates the producing of a product with the consumption of a product. It is reasonable to prosecute those who force children to perform sexual acts for a camera but not reasonable to prosecute those who possess or view the end product. Similarly, it is reasonable to prosecute those who knowingly produce X-rated films using kidnapped young girls but not those who possess or view the films. This argument is invalid.
            #2 Possibly true. This argument may be valid. Can you cite a few examples?

            • “#1 conflates the producing of a product with the consumption of a product”

              The hell it does. The demand for child porn motivates capitalists with no scruples whatsoever to create it. This is Capitalism 101. Society has rightfully decided that child porn is so harmful to children that we will prosecute both consumers and producers.

              “#2 … Can you cite a few examples?”

              I am neither a sociologist nor a social worker, so I am unable to provide any concrete examples. It is merely my opinion.

              By the way, you and others may find the below article informative. It details the early link between the German Green Party and pedophiles.
              http://www.spiegel.de/international/germany/past-pedophile-links-haunt-german-green-party-a-899544.html

              • I’m confused. You do realise that by legal definition in your country, child porn does NOT require any sort of sexual content, correct? Merely a semi-naked or naked child. Those baby in a bathtub pictures that parents used to take in your country 50 years ago, if posted on the internet now, could wind up getting you in (I have to say it!) hot water, believe it or not, due to the ‘interpretation’ clause. And you’d be ignorant if you thought that paedophiles required images of children engaging in sex to ‘get it up’. From what I have read in my studies of psychology, it is often the innocence that is found the most pleasing — which is one reason so many of your sex tourists trawl for younger and younger victims in foreign countries. One thing I actually believe I may approve of in your country’s current fight against child abuse is making this sort of sexual tourism for its own citizens illegal, so to speak, even if it crosses borders — even though I find the ways it gets investigated and proven somewhat troubling.

          • The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

            @saucymugwump

            I’ve actual seen child porn while investigating spam links that baited internet users credit card information. From the images that I’ve viewed it’s not a good thing to see and you never get the images out of your head.

            Anyway, If I find those links I report them to the The Center for Missing and Exploited Children immediately

    • Moronic post, Johan. No doubt hiding behind tor or a lax countries VPN.

      Freedom isn’t actions without repercussions, people who knowingly break the law under the guise of anonymity are pretty corrupt people, more so than those who have the idiocy to not conceal what they do.

      I hope they have a field day with tormail, I can imagine it was a hub of nastiness.

      Freedom isn’t about breaking the law and being able to get away with it, you guys crying about whoever’s actions being underhand… The crap the sites may have peddled might’ve been worthy of these actions…

      Be interesting to see how many people are offline for a while with this news 🙂

      • You are correct I was hiding behind a proxy when I said that child porn should be legal because free speech only takes you so far when dealing with violent people and thugs who do not accept free speech.

        The US has no right to take down any material that is legal in other countries, what they have done amounts to censorship, pretty sick, not surprising coming from the NSA, most things they do are sick.

        The FBI/NSA should be restoring all child porn where it was, I am getting sick and tired of americans getting their noses on the Internet, the Internet belongs to the whole world.

        • Johan, freedom of speech is one thing… breaking the law is another, I don’t know the laws on every specific country but I would be amazed if any say it’s ‘legal’ anywhere… unregulated internet or badly policed maybe.

          You are happy to look at pictures of abuse, that’s clear – to me that’s immoral and wrong, depending on where you’re located that is a crime. Depending on where those servers were physically located may determine the proceedings against the users, I hope it is in America or an co-operating country and they do go batshit crazy on this.

          You forget that freedom of speech doesn’t guard you from illegal activity, the very way you can use these sites the LE and agencies can try to prevent it – they’ve done a very good job, this could all be a big farce just to scaremonger… but it could well be considered approach to catching certain types.

          I don’t understand any of you that complain about this on the level of freedom of speech, nobody is impeding that – they are stopping you and others from breaking the law. Nobody gives a shit what you think about what you do, they care that you do it and that it’s illegal. Just like nobody gives a shit if you talk about how great the heroin you purchased was, they care that people are breaking the law… keep it to plain text and words and nobody will come after you… knowingly break the law, eventually get caught.

          • Diane Trefethen

            @dafuq
            “I don’t understand any of you that complain about this on the level of freedom of speech, nobody is impeding that – they are stopping you and others from breaking the law.”

            It’s not about just “breaking the law.” Laws are often made to punish people with whom the law makers disagree. Therefore, when deciding on whether breaking a law is truly criminal, we need to look to the supreme law of the land. If a behavior is protected by the Constitution, then any law which prohibits all forms of that behavior is unconstitutional. Of course there are reasonable exceptions to “freedom of speech,” but almost uniformly, those exceptions are predicated on 1) the accused making false statements, whether yelling “Fire” in a crowded theater when there is no fire or lying about another person’s actions or a company’s non-existent criminal misdeeds, and 2) harm befalling someone who has been the subject of another’s “free speech.” Laws prohibiting the possession or viewing of specific pictures or written descriptions fulfill neither of those two standards. So, can you provide a rational justification for banning the possession or viewing of child pornography that adheres to the one possessing or viewing, NOT to the one(s) who produced the porn?

            • “So, can you provide a rational justification for banning the possession or viewing of child pornography that adheres to the one possessing or viewing, NOT to the one(s) who produced the porn?”

              Do your own damn research! Go to a law library, or if you cannot gain entrance, go to the library of a community college which offers paralegal courses. It will be difficult at first because you will not understand how the books are arranged, but a librarian can probably explain the basics. Most attorneys use online research methods, e.g. Nexus, but books still work fine. Here is one link which explains the basics of legal research:
              http://www.lawschool.cornell.edu/library/WhatWeDo/ResearchGuides/Basics.cfm

            • @Diane Trefethen

              “So, can you provide a rational justification for banning the possession or viewing of child pornography that adheres to the one possessing or viewing, NOT to the one(s) who produced the porn?”

              I never said they shouldn’t be punished, I think all that are involved should feel some pain.

              Liken it to SR, should the users/buyers be just punished? No, the dealers should too – but if cracking down on buyers leads to arrests of dealers… then good on them. At the end of the day they’re both doing something illegal!

              Same principal with kiddy porn, the viewers are breaking the law, as are the ‘dealers’.

              Freedom of speech and privacy isn’t a way for people to break the law and get away with it… like i said, the issues at hand are not about freedom of speech but the freedom to commit crime.

        • “The US has no right to take down any material that is legal in other countries”

          Child porn is illegal in all civilized countries. Viewing it in Islamic countries may cause you to be beheaded. In which country do you live?

  16. saucymugwump and CooloutAC guys nobody cares what you think trust me . You are just full of it ( and here is why i think that ).Here is my proposition to you both. Do you know what skype is , if so Why don`t you talk to yourself s in skype its faster , easier and we dont have to read your crap every time ? You are bloody spammers and a Hippocrates if you ask me .In Every bloody single post i see you faces .And sure enough you all ready ” been there done it before” and you know better then anyonelse as always .You know everything about anything .

  17. I find it truly amusing that many people invoke the Constitution to justify their belief that everyone should be bound by its literal text, while simultaneously invoking the right to use alternative currencies such as Bitcoin and steal the intellectual property of writers and composers.

    From the Constitution, Article I, Section 8:

    The Congress shall have Power …

    To coin Money, regulate the Value thereof, and of foreign Coin, and fix the Standard of Weights and Measures;
    To provide for the Punishment of counterfeiting the Securities and current Coin of the United States;

    To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;

    To define and punish Piracies and Felonies committed on the high Seas, and Offences against the Law of Nations;

    http://www.archives.gov/exhibits/charters/constitution_transcript.html

    • Note that (1) does not say it shall have the *sole* power to coin money or anything of value. To do so would have been moronic, especially at the time the Constitution of your country was created. Which is to say that your statement about Bitcoin has absolutely nothing to do with what you excerpted in your post.

  18. Wrong sleeping , is that all you got to say , man ” who knows everything about anything ” ..

    What about the rest of my comment then , do you agree with it !? I knew you would cos its 100% trues . Ever Brian didn’t delete this comment cos he knows that its 100 % true 🙂

    • Brian rarely deletes comments, except when they are overly rude, off-topic or duplicates. You submitted the same comment 3x in a row, and duplicates almost always get flagged as spam.

      • Duplicates — was just an accident .Anyway , person who post on jihad dot org must be sick on the head .There are some Hippocrates and republicans in there too.Google — saucymugwump 🙂

        saucymugwump .blogspot .com

        • I know how hard it is to speak English so I wanted to let you know to say ‘hypocrites’, instead of letting it correct to the name of a famous philosopher. 🙂

        • stupid people wrote “person who post on jihad dot org must be sick on the head”

          Given that I am not a Muslim — quite the contrary — I would not know the first thing about jihadist websites.

          You are an imbecile.

          • Maybe this is part of the problem: Learning about a thing does not equate to condoning or agreeing with it.

  19. Technically if the exploit has already been patched, is it really a zero day exploit?

    I suppose it depends on when this flaw was being exploited. If it was after July 25th then it’s not a zero-day exploit, if it was before July 25th then it was a zero day exploit. (ESR 17.0.7 was released on 7/25)

  20. The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

    From techdirt.com 08/05/2013

    —-
    DEA Not Only Gets Intelligence Data, But Then Is Instructed To Cover Up Where It Gets The Info
    from the wow dept
    —–

    Okay, so we were just talking about other government agencies wanting data from the NSA. The NY Times story claimed that the NSA was regularly turning down such requests. Except… this morning Reuters broke the news that the NSA, along with the CIA, FBI, IRS and Homeland Security, are actually funneling data to the Drug Enforcement Agency (DEA) and (even worse) the DEA is then instructed to lie about where it gets the evidence.

    The undated documents show that federal agents are trained to “recreate” the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant’s Constitutional right to a fair trial. If defendants don’t know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence – information that could reveal entrapment, mistakes or biased witnesses.

    “I have never heard of anything like this at all,” said Nancy Gertner, a Harvard Law School professor who served as a federal judge from 1994 to 2011. Gertner and other legal experts said the program sounds more troubling than recent disclosures that the National Security Agency has been collecting domestic phone records. The NSA effort is geared toward stopping terrorists; the DEA program targets common criminals, primarily drug dealers.

    “It is one thing to create special rules for national security,” Gertner said. “Ordinary crime is entirely different. It sounds like they are phonying up investigations.”

    As the article notes, the DEA doesn’t just hide the actual details from those they’re prosecuting, but even from judges and US attorneys in the Justice Department. Basically, it looks like the NSA is illegally giving the DEA info, and then the DEA is figuring out ways to pretend it got that info from legal sources. That goes way, way, way beyond what is supposed to be happening.

    “Remember that the utilization of SOD cannot be revealed or discussed in any investigative function,” a document presented to agents reads. The document specifically directs agents to omit the SOD’s involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use “normal investigative techniques to recreate the information provided by SOD.”

    And this isn’t just for extreme cases either. Reuters says that two separate senior DEA officials said that this technique “is used almost daily.” As the Reuters report explains, the info from the NSA might, for example, highlight a particular vehicle that may be involved in a drug effort (remember, the NSA isn’t supposed to collect or look at info on things happening in the US), and then DEA officials will be told something like “look for this vehicle in this place.” The DEA will then ask “state police to find an excuse to stop that vehicle,” leading to a search. Then they later claim that the arrest and finding drugs came because of a “routine traffic stop” rather than NSA surveillance dragnet efforts.

    There’s a lot more in the article, including a variety of DEA officials insisting that there’s nothing wrong with this sort of thing… balanced out by a variety of defense attorneys pointing out that it’s unconstitutional to hide where information for an investigation came from. It is a fundamental aspect of basic due process that those accused of crimes get the details of the evidence and the investigation that lead to their arrests. That the DEA appears to be actively covering up this information, and that it’s been standard operating procedure for decades, is immensely troubling

    • Freedom of the Press

      Funny, when n informant gives information to the press, some people seem to think that’s holy, as if given to a priest. But give that information to the NSA and they want him outed. If outing a source to the press is bad, how is it that outing an NSA source is not bad? If outing a press source has a chilling affect on the freedom of the press, how is it that outing an NSA source doesn’t have a bad effect on the ability to prosecute criminals? As usual, selective enforcement, in the direction of what we favor.

      I read a lot of crap above about privacy and freedom. Most of it boils down to, “What I want is the way it should be and what I don’t want is wrong.” US society is (theoretically) a collection of people who have agreed to live together by a common code, one that discriminates against no one and treats everyone equally. When you say your “privacy” is more important than some 10 year old getting exploited to produce porn, you are patently an idiot who needs to be sold to a porn producer in southeast Asia so you’ll understand the problem. Likewise if you are a thief, you want to US Constitution to be handcuffs so you can continue to steal without getting caught.

      We have this same problem with terrorists, who are known for hiding behind innocent people like the despicable cowards they are. It’s too bad the US government didn’t have the brains at the beginning of the war on terror to produce an ad campaign.

      “This is a terrorist. He kills innocent people because he can’t deal with the concept that people are entitled to opinions other than his or to a life he doesn’t agree with. Terrorists are cowards, so they hide behind innocent people in hopes this will prevent him from receiving what he is trying to give to others. If you willingly shelter a terrorist, you are complicit in his crimes and deserve to suffer with him. If a terrorist stands near you, RUN AWAY, because if we get him in our gunsights, we will shoot. We don’t want to kill you to get the terrorist, but we aren’t going to let him get away with murder just because you are standing in font of him.”

      So, if your privacy is important enough to you to stand in front of pornographers and thieves, by all means go ahead. If using Freedom Hosting is too important to your legitimate business to not worry about being associated with the Silk Road, go for it! But you have no right to blame people who are hunting for criminals if you are too stupid or self-important and hypocritical to get out of the way.

      Go NSA Go!

      • The biggest problem here is that there still is no reasonably static definition of what a terrorist is, so they can change the word to fit just about any person that disagrees with their viewpoint as long as they can slant things (and they usually can).

        • I think alot of malicious hackers could be considered terrorists.

          • “The calculated use of unlawful violence or threat of unlawful violence to inculcate fear; intended to coerce or to intimidate governments or societies in the pursuit of goals that are generally political, religious, or ideological.”

            the word violence means they are not going to go after most malicious hackers, the FBI would but not NSA or Homeland Security. Unless you were working for terrorists or involved in a conspiracy.

            but the hacker that swatted brian can definitely be considered a terrorist.

          • Diane Trefethen

            @CooloutAC
            “but the hacker that swatted brian can definitely be considered a terrorist.”
            This is exactly what voksalna was refering to when he said, “The biggest problem here is that there still is no reasonably static definition of what a terrorist is…” The word terrorist should never be used as a label for plain vanilla crime, even horrendous, violent crime. Terrorism is defined far more by its objective than its methods. If I blow up a high school because I am convinced that all the teachers are agents of the Devil and the students disciples unto Him, then my act is not “terrorism.” Crazy? Yes. Criminal? Yes. Horrific? Yes. But not terrorist. I have no intent to coerce/manipulate/TERRIFY others into doing something I want them to do.

            • “The calculated use of unlawful violence or threat of unlawful violence to inculcate fear; intended to coerce or to intimidate governments or societies in the pursuit of goals that are generally political, religious, or ideological.”

              what about this statement confuses you?

              plain vanilla crimes? you think swatting brians home is a plain vanilla crime?>HAHAH and what “objective” are you talking about?

              • The biggest and easiest response I can make here is to say that by your definition rape is terrorism. It is an act of brutal violence, but acts of brutal violence are not terrorist acts in and of themselves. Neither would it be terrorism if the rapist then said it was for God, or skinned the victim alive and offered it as sacrifice to Allah (I have no idea why any crazy or sane person would do this but I am making my point). It wouldn’t even be terrorism if the rapist did it to a group of women. He may ‘terrify’ them, but terrifying does not equate to terrorism. Your dictionary definition itself is imperfect and incomplete. Terrorism implies not only ideology or manipulation (‘if you do not have sex with me I will kill you’ may be a particularly terrible act of criminal violence, but it still is not terrorism).

                You may be best looking at terrorism as a function of scale, ideology, and shared belief system.

                • when women are afraid to walk the street in that neighborhood it sure is terrorism. Terrorism against females. Which happens in many muslim countries…cough.

                  I used the DoD definition, not websters buddy. But each department has their own specific definition. its a broad general term. Its just another word like criminal man, but one more regarding conspiracy to commit violence or fear. http://www.azdema.gov/museum/famousbattles/pdf/Terrorism%20Definitions%20072809.pdf

                  For example the united nations definitions is specifically against country states. Obviously the cia or homeland security are concerned, and NSA, with more foreign matters. Fbi is obviously domestic in their definition.

                  The FBI might be called in to handle that rape case if they think its a bigger conspiracy. otherwise local police will probably handle it? And no matter what we define a violent criminal like that, Even if he is not a “terrorist” is it safe to call him a violent criminal, and is it ok if they hunt him down online? Are you telling me thees shouldn’t be allowed to read his emails if hes a suspect? Just like they would get a warrant to search somebodies home?

                  I don’t understand why you and Diane are defending rapists and psychos who want to blow up schoolchildren. Its really creeping me out what the motives for that are. What are you trying to say here? They shouldn’t put an “apb” out on the guy in cyber space? lol I think some people do not realize online is the same thing as “real life” and it should be respected just like a public street. There is absolutely no difference!

                  Or are you worried about who my country is going to assassinate? is that it? well then I would assume it depends on the impending situation and scale of the threat or subjects and I believe it has to be imperative to national security.

                  • I am sorry, I would rather listen to Maoist lectures or cut the nails of my toes than reply to any more of your strange, illogical comments. You should apply to your MPAA, I hear they are hiring professional ‘trolls’ now. Or maybe your government would find you useful infiltrating Anonymous. I suspect you could find a home there.

                    • whats strange is you too defending rapists and people blowing up schools, as people who should not be hunted down online, Because we can’t call them the word terrorist.

                      You creep me the hell out.

                    • @CooloutAC: What is strange is you seem to believe the only way to warrant someone being prosecuted is you to label them as ‘terrorist’.

        • Freedom of the Press

          Webster’s Online defines terrorist as, “A radical who employs terror as a political weapon; usually organizes with other terrorists in small cells; often uses religion as a cover for terrorist activities.”

          That didn’t seem hard to define and it’s static enough. But the point remains that terrorists are convinced that they have the right to employ terrorism to achieve their ends. Criminals have the same self-centered view and would like the US Constitution to be a set of handcuffs to keep the US Government from doing something about them.

          So I trust the government? NO! Do I trust the RBN or child pornographers? Not even that much. You see, criminals have already harmed me more than the government, so when it comes to choices, I’ll choose the NSA over the anarchist criminal paradise that most of the outraged people on this site seem to prefer. In fact, I enjoy reading their outrage. The more trouble it is for them to steal, the louder they squeal, like the pigs they are. (And if you are outraged, but not a thief, be sure and check back with us after you are the victim of a crime. I’ll be interested in seeing if your opinion changes. There’s an old saying that a Republican is a Democrat who got mugged.)

          So until I can personally break the fingers of the scumbag who stole my identity, I’ll support the government going after them. Once we have locked away and/or killed the terrorists, criminals, their child porn buddies, I’ll support reining in the NSA, but of course by then, there won’t have a need.

          • If given the choice between being f*ed by your government and f*ed by a criminal — and having experienced both, mind you — the ‘reasonable man’ would choose to continue to walk around and have the ability to repair his life. I’d choose getting f*ed over by a criminal any day rather than have my entire life ruined due to a suspicion or fingerpointing — for example being even accused of CP. Have you read the DEA story that came out today — this *is* what they do?

            Or the stories about the SWAT teams busting in and even killing people playing friendly card games in your country?

            So yes, I’d choose mugging. And I have had some bad experiences with ‘good’ people (“the government”) and ‘bad’ people (“criminals”) as well as the occasional good experience with either — sometimes integrity is not always where you wish to find it — so I do not need to be theoretical. I suspect you do.

            • The problem here is, you don’t realize 9 times out of 10 , people are getting “fkd” by criminals and not their Gov’t. So your going to have a hard time convincing more then 60% of the American Public otherwise….

          • I dare you to even try to prove to me — that is, provide me with *any* hard evidence whatsoever — that they have not been playing “fast and loose” with definitions for a very very long time.

            I am pretty sure I win immediately if I mention Clapper lying through his balls and then trying to say it had to do with ‘interpretation’. And that was only one example. It gets far worse when real people with real lives are involved so you get to see how it personally affects them in real life, not just in theory and hypothetical. Countries have repeatedly gone to war and invaded countries over definitions — and your country especially. And while I would agree that the bombing in Boston was tragic, you cannot seriously tell me that a pressure cooker bomb now constitutes a ‘weapon of mass destruction’. Because that is what your own government’s saying now. And then there are the cases where activists are coerced into going along with doing things they would not do by undercover agents. And ‘terrorists’ who could never have pulled off any of their schemes without a whole lot of material and emotional support, which the government happily provided. These are the same sorts of people that a few decades ago would have joined a cult. People do things for all sorts of reasons. A lot of people are lonely and just want to please someone who they think want to be their friend. And a lot of *real* terrorists are created by foreign countries invading them and killing all of their friends and loved ones.

            So terrorism is a pretty weighty word, and terrorist — I think it’s quite possible that your own government may qualify as a terrorist organization according to some definitions.

            Note that I’m not saying you are. But I’m saying words can be, and all too often are, twisted by people on every side of whatever fence to get what they want.

            In the meanwhile, your own government probably performed the first and only well-known acts of cyberterrorism — according to your own country’s legal definitions. But they had “good reasons” so it’s OK.

            • Freedom of the Press?

              Well, we have managed to find something we agree on, “I’m saying words can be, and all too often are, twisted by people on every side of whatever fence to get what they want.”

              Criminals will use every trick in the book to try to USE the law, the constitution, Sharia, privacy, freedom, buzz-words, WHATEVER in order to keep doing what they have been doing.

              Let’s see if we can agree on this: We find a way to keep criminals off our systems, out of our banks and wallets, and not exploiting children for porn, and anything else that most people can agree on and I’ll back any definition of privacy you choose.

              You see, everyone has a key issue, and the key for me is to not have to spend hours trying to protect my computer, my bank account, and my children from predators. I’m not opposed to privacy. I’m a strong advocate for privacy. I’m a stronger advocate for predator control.

              Until someone suggests a workable means of predator control, I’ll support the NSA. Workable doesn’t mean I’m happy that the criminal didn’t screw me as bad as the govt could. Workable means almost no chance that the predator can screw me so I can go back to criticizing my government for waste, fraud, and abuse.

              • But the NSA program does not even *work* for what you are talking about, nor is that really its end goal (regardless of what they are trying to “spoon feed to you”). What, you think they will just say ‘oh we have wasted billions upon billions of your taxpayer dollars, our mistake’ when they get the dual benefit of surveillance and appearing to do something (not to mention providing a supreme cover for what they wind up also getting out of it)?

                Start with ‘why the need to lie?’

                • Enlighten us and tell us what the real goal is then, if its not to police the internet? What is this big lie a cover for? ….

                  I call this human evolution, you had to know it was inevitable eventually they were going to police the internet. The reality is ‘cyber space” is no diff then real life man, and its about time it gets civilized for the sake of alot of industries…

                  If you want your “privacy” for w/e reasons…then build your own network for you and your friends.

            • Prove to me anybody’s life has wrongfully been ruined by Prism? Similar programs have been going on since the patriot act for the past 12 years!!!! Where were you then? what if this what if that this could happen that could happen……you got no evidence of anything cause nothing like that has ever happened. The question is what are you worried about happening to you?

              If we really want to dig deep, its been going on since the beginning of time man. Now its just more efficient and easier and more widespread spies on people. But dont’ act like its just starting now because a traitor wanted to be famous and go visit his malicious hacker friends in China and Russia, like we needed any proof.

              And since your so hung up on definitions, maybe we shouldn’t call people criminals? Is that too broad a term? Lets just call everyone bad people…lol

              BUT The diff is….Terrorizing someone IS terrorism dude….contrary to what you want to convince yourself.

              • Diane Trefethen

                @CooloutAC
                If you want to say “Terrorizing someone IS terrorism” in your own little circle, there is nothing wrong with that. However, if a government develops a whole new set of code that specifies punishments for “acts of terrorism,” punishments that include life in prison and the death sentence and then that government redefines various felonies as acts of terrorism just because they terrorize someone, there is indeed something wrong with that. If an act perpetrated in 1975 would get you 15-20 but in 2013 it carries the death sentence, any reasonable person has to ask, “What changed? Were we wrong to classify that action as a mere 15-20 years in jail kind of thing back then or are we wrong to classify it as deserving the death sentence today?”

                • committing a crime is called a “criminal” act.

                  And yes they also have a whole set of defined laws depending on the type of crime. Just like the definition of terrorist is different depending on what department of Gov’t it is.

                • @ Dianne, WoW that is also some serious serious fear mongering to imply people would be put to death for something like domestic violence.

                  The police kill people all the time Diane, diff situations for diff actions.

                  First of all assassinating a US citizen, which I assume is what your referring to, is by executive order only. Its also my understanding that its only when its imperative to national security. Now the head of some Russian hacker ring thats not even a citizen, thats a different story altogether. I don’t think they even need an executive order to go into your country and smother you in your bedroom.

    • NSA only gives information to homeland security and FBI, The fbi might give info to the dea. and if they have to cover it up then it can’t be used against you in a court of law.

      • If you really believe this then you have not been paying attention. “Parallel construction” has been going on for a very long time. It’s actually something that intelligence agencies use quite a lot to cover for their spies, as well, not just to gain evidence to charge people via what I believe you would call “serendipity” in English.

        • I really don’t think NSA is talking directly to the DEA. I’m not saying their info is not getting there. But it probably goes through the FBI first….

          • http://www.thomhartmann.com/bigpicture/dea-preventing-right-fair-trial

            according to this news article i’m wrong. But i really have a hard time believing the NSA cares…or has time to care, who is smoking weed and then forwarding that info directly to some special DEA division that deals with Mexico and South America. Doesn’t even make sense to me. Man i’ve lost faith in all new media.

            • and I guess you’d also have to believe that the NSA for some reason, is monitoring some drug dealers phone calls in real time.

              I can see the DEA doing that….but to try and connect that to the NSA? Doubtful. Its like reporters will say anything nowadays.

              • I wanted to edit my post to say, that I guess NSA is monitoring for potential terrorists coming from Mexico that want to harm US citizens. If they are drugdealers that are going to poison the weed i’m all for it. But i doubt they are targeting drug dealers, but I guess in mexico the guy that sells guns and child sex slaves and wants to kill Americans, Might also be the same guy that ships weed too…lol

      • Diane Trefethen

        @CooloutAC
        “NSA only gives information to homeland security and FBI, The fbi might give info to the dea.”

        I respond to you because if you’re a troll, you are a very cogent one. Your statement betrays either ignorance (NSA shares a great deal with our allies in exchange for both their info and the right to spy on their citizens without interference) or you are not a troll but rather a shill for the US gov. Note, according to Snowden via Hopkins & Borger, Guardian, UK, “The US government has paid at least £100m to the UK spy agency GCHQ over the last three years to secure access to and influence over Britain’s intelligence gathering programmes.”

        “and if they have to cover it up then it can’t be used against you in a court of law.”
        Ah surely ignorance is bliss. Do you REALLY think the DEA just says,”Hey, Judge! Our investigation began because the NSA gave us copies of emails and recordings of phone calls for these guys we are prosecuting here today!” ? To echo The Utah Data Center/N.S.A./ Area 51/Room 641A/Xkeyscore, here is the link to the original Reuters article:
        http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE97409R20130805
        Two excerpts: “Documents show that federal agents are trained to ‘recreate’ the investigative trail to effectively cover up where the information originated…” ” ‘Remember that the utilization of SOD [Special Operations Division] cannot be revealed or discussed in any investigative function,’ a document presented to agents reads. The document specifically directs agents to omit the SOD’s involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use ‘normal investigative techniques to recreate the information provided by SOD.’ “

        • You keep calling me ignorant but you just agreed with everything I said and have said on this blog. I wonder who is the one trolling here.

          So you agree that wouldn’t be able to be used in a court of law. Good for you. Because if they can’t even tell the judge about it, it certainly can’t be used as evidence or probable cause.

          and yes I’m the one on this blog always talking about not only the UK but Sweden as well being networked with Prism. The titan traffic database and the internet modernisation programs. We already know this Diane, Snowden exposed nothing……these two programs were exposed in the UK in 2008…..

          And I have to say your the ignorant one if you think there is a new law in my country that gives cops the authority to search your car without permission. I can tell you from recent firsthand experience that you don’t know what your talking about.

          • and the FBI is not the NSA…..so stop confusing the two.

            • “recreate the information from sod”

              good luck with that. they better hope they are not up against any smart lawyers. Its why so many of these malicious hackers get off so easily. It can be overly technical sometimes….

        • Diane Trefethen

          @CooloutAC
          I withdrawn my calling you cogent since you seem to think that my quoting you is the same as agreeing with you.

  21. The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

    Brian Krebs needs to start investigating the criminals at the N.S.A.

    Update: Researchers say Tor-targeted malware phoned home to NSA
    JavaScript attack had a hard-coded IP address that traced back to NSA address block.

    http://arstechnica.com/tech-policy/2013/08/researchers-say-tor-targeted-malware-phoned-home-to-nsa/

  22. “Users running the most recent TBB have all the fixes that were applied to Firefox ESR 17.0.7 and were also not at risk from this attack.”

    So it looks like Tails 0.19 users were safe seeing as it uses Iceweasel 17.0.7 (which is an “unbranded version of the Mozilla Firefox web browser.”)

  23. I give up. This is one way to prevent me from posting anymore today. 🙂

    • Geraldo Rivera

      Try deleting the internet session cookie

      • I do technology for a living, so I had already tried that. He has had problems on his blog before this. It had nothing to do with my cookies. I don’t even save cookies so when I reloaded my browser to make sure it wasn’t me and got the same problem more than once, and nobody else was nesting, it was elementary.

        Posted only because CooloutAC thought it was the reason, and f that. 🙂

        • i laughed because i knew it was not the reason…and thought it funny it was only a problem for you of all people. pretty ironic.

  24. Sophos may be related to sophos.com, a pretty reputable security website. They track quite a few security issues.

    Verizion has ties back to the FBI. Enough said about that. Just look at some of the reports they put out.

    As far as child porn, I commend them for tearing down anything regarding this subject. Thats simply just wrong.

    I’ve been in the security profession for a long time, and when it comes to child porn, even a hint at it, we dial 1800-call-the-feds !
    Its something that is taken very seriously, and if viewed, even in what appears to be an investigation, can backfire on those doing forensics. Its best to notify the Feds upon finding any instance or viewing of the material. Then yank out the drive and burn it.

    IF this guy is guilty, he probably will be serving a very long jail sentence. Inmates don’t like these type of people. IF he is in a prison, his life will probably be day-to-day for him.

    I haven’t had to deal with this sort of garbage for many many years. But from what I can say, there was an ISP geographically located south of the USA that housed all sorts of vile porn that wanted “exposure” and business – if you want to call it that. IMHO they needed to drop a bunker buster on that location, and it might have cleaned up the filth for at least a little bit.

  25. The Utah Data Center/N.S.A./ Area 51/Room 641A/XKeyscore

    ESET Blog: Identity-exposing malware on Tor “could be work of FBI”

    Posted: 05 Aug 2013 09:21 AM PDT

    The “smoking gun”, one researcher suggests, is that the malware – which infects users via Firefox, distributed as part of the Tor Browser Bundle – does not install a “backdoor” in users’ PCs. Intead, it sends their IP address and MAC address (which can be used to identify PC users) to an address in America.

    “It just sends identifying information to some IP in Reston, Virginia,” Tsyrklevich said in a report in Wired’s Threat Level blog. “It’s pretty clear that it’s FBI or it’s some other law enforcement agency that’s U.S.-based.”

    http://feedproxy.google.com/~r/eset/blog/~3/GhBB2d_H6zs/?utm_source=feedburner&utm_medium=email

    http://www.wired.com/threatlevel/2013/08/freedom-hosting/

  26. what is going on Brain .I opened this page and all of the fields have been filled in already .NAME .Email even a website .i Didnt do anything .Is this some kind of a autofill or something ?? whats going on Brian ???

  27. Diane Trefethen

    To All:

    Since Brian’s version of WordPress does not include the handle of the person being replied to, it would be helpful if when you reply to someone else’s statement, you either include the quotation with which you have an issue or at least use @nameofposter to identify to whom and what you are responding.

  28. Diane Trefethen

    @voksalna
    If you are interested in trading eddresses, here is a throwaway one you can use for initial contact:
    dt-vok[at]wakerobinranch[dot]com
    Also, if Chris or Vee or Pseudoynmous Cowherd are similarly inclined, I can facilitate your reaching each other.

    • @Diane Trefethen: Yes, you were the other person I was addressing. Thanks. I will send you a message from a temporary box to your temporary box and from there we can go elsewhere.

  29. Diane Trefethen

    @Brian
    Vis-à-vis nesting comments (threading?), RSN uses Joomla instead of WordPress. Perhaps that software would work better. However, I have to admit, I’ve not seen such a firestorm of comments on your website in ages! It would seem that when it comes to SPYING as opposed to just criminal take-your-money stuff, your followers become incredibly motivated to post here 🙂

    • @Diana Trefethen: I think his problem is actually W3TotalCache, not WP. It could also be his hosting provider lending a hand (cacheing mismatches and incorrect timestamps for some of the nesting that didn’t post correctly).

  30. @CooloutAC: PS: Since you like dictionaries so much, look up the differences between ‘cooperating’ and ‘co-opting’.

    • Maybe we shouldn’t call people criminals, because its too broad of a term that we can use as a reason to arrest them….LMAO…..

      • @CooloutAC: Until someone is convicted as a criminal, no, you should not call them a criminal. Unless I have stepped into an alternate universe (and sometimes I believe I have), there is a presumption of innocence until conviction. Acts may be criminal, but until proof of act leads to conviction, only the act is criminal; labeling a person criminal before even trial is both ‘wrong’ and ‘slanderous’.

        • if you commit a crime your a crimnal. Just like if you commit an act of terrorism your also a criminal.

        • @v olksana So the criminal is not a criminal until proven a criminal but the act is criminal? You tripped all over yourself you criminal lmao.