Amidst concerns that pedophiles are using public Tor (the Onion Router) servers to trade in child pornography, �ber-hacker HD Moore is building a tracking system capable of pinpointing specific workstations that searched for and downloaded sexual images and videos of kids.
He is embedding a web bug in certain tor requests that implements a javascript based check for local IP address and a udp query to get an external IP. This raises some interesting questions: 1. People running anti-tor servers can undermine the anonymity provided by tor unless users are serious enough not to have their DNS going out in the clear, and serious enough to have browser extensions disabled. None of these ideas are new. 2. This seems to suggest the idea that someone would go to the trouble of running a tor server because they want to protect anonymity but decide to run this because they are uncomfortable with some of the uses of that anonymity. 3. In this case the anonymity they are providing is undermined based on a keyword match which is unreliable at best. 4. H.D. Moore is pro full disclosure of exploit code but against anonymous web browsing? 5. Why go to a lot of trouble undermining your anonymity system in order to target people downloading child porn through your proxy when you can use the same filter script to identify the server if you are running an exit node? Servers are worse than users, targetting them doesn't undermine the purpose of the service you are running, and you don't need any javascript tricks to target them. Bottom line: The goal here is to educate tor users, not to track them. Hacker builds tracking system to nab Tor pedophiles | Zero Day | ZDNet.com |