One of those things I’ve been meaning to cover — the FBI managed to get a complete copy of TorMail’s data. Presumably using a Mutual Legal Assistance Treaty to vacuum it out of the server in-situ at OVH. (We don’t know for sure it was OVH, but lots of things fit, and OVH is a very popular place for VPSes and the like.)
On one hand I’m tempted to regard any service like TorMail as a honeypot — many observers have said anything labeled “privacy” should be considered a honeypot — but it’s hard to say.
More realistic perhaps is anywhere lots of people with law enforcement interested in them decide to cluster, law enforcement compromise is likely to follow.
Wait, sorry, we live in an age of mass surveillance. Make that, anywhere lots of people decide to cluster, law enforcement/intelligence agency compromise is likely to follow…
Depressing, ain’t it?
Well, cheer up, it’s not new, this kind of stuff has been going on for ages. As far back as World War I, spies-in-training were warned, “never use the telephone!” — even back then, intelligence agencies engaged in mass surveillance. By WWII the Nazis and everyone else had it down to a science.
No computers, either. They just brought in thousands of people to man the headphones.
Consciousness as a state of matter: MIT physicist Max Tegmark — who long stood firmly in the camp “quantum mind effects are not possible” —
is now of the opinion that consciousness is a state of matter. He nevertheless still comes to the conclusion that “his mathematical formulation of consciousness is missing a vital ingredient.” https://medium.com/the-physics-arxiv-blog/5e7ed624986d
The British are looking for the right to revoke citizenship of those they don’t like. John le Carre used this as a plot device in his novel “The Mission Song” — maybe this practice has been unofficially done for a while.
JYA praises Snowden for once. Rare enough to be worth reporting! Tweet since deleted, so I’ll quote it in full:
“Spies and overseers are incoherent about Snowden’s inconceivable breach. Rote dumbfound at senate hearings, berzerk blame and praise. Tx Ed.” https://twitter.com/Cryptomeorg/status/428997201872711680
“While investigating a hosting company known for sheltering child porn last year the FBI incidentally seized the entire e-mail database of a popular anonymous webmail service called TorMail.
Now the FBI is tapping that vast trove of e-mail in unrelated investigations.[..]
According to the new document, the FBI obtained the data belonging to Freedom Hosting’s customers through a Mutual Legal Assistance request to France – where the company leased its servers – between July 22, 2013 and August 2 of last year.
That’s two days before all the sites hosted by Freedom Hosting , including TorMail, began serving an error message with hidden code embedded in the page, on August 4.
Security researchers dissected the code and found it exploited a security hole in Firefox to de-anonymize users with slightly outdated versions of Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. Though the FBI hasn’t commented (and declined to speak for this story), the malware’s behavior was consistent with the FBI’s spyware deployments, now known as a “Network Investigative Technique.”
No mass deployment of the FBI’s malware had ever before been spotted in the wild.
The attack through TorMail alarmed many in the Darknet, including the underground’s most notorious figure — Dread Pirate Roberts, the operator of the Silk Road drug forum, who took the unusual step of posting a warning on the Silk Road homepage. An analysis he wrote on the associated forum now seems prescient.
“I know that MANY people, vendors included, used TorMail,” he wrote. “You must think back through your TorMail usage and assume everything you wrote there and didn’t encrypt can be read by law enforcement at this point and take action accordingly. I personally did not use the service for anything important, and hopefully neither did any of you.” Two months later the FBI arrested San Francisco man Ross William Ulbricht as the alleged Silk Road operator.[…]
The French company also hasn’t been identified. But France’s largest hosting company, OVH, announced on July 29, in the middle of the FBI’s then-secret Freedom Hosting seizure, that it would no longer allow Tor software on its servers. A spokesman for the company says he can’t comment on specific cases, and declined to say whether Freedom Hosting was a customer.”