Skip to main content

FBI battling child pornographers with darknet honeypots and Tor malware

fbi warning internet connected toys 50106167  flag of painted on brick wall
If there’s one thing about which virtually everyone can agree, it’s that child pornography is abhorrent and by far one of the worst things about the so-called “darknet.” From the FBI to the hacktivist group Anonymous, numerous efforts are constantly underway to unearth sites that enable the sharing of child pornography, and those efforts are generally universally applauded.

For the FBI’s part, its efforts are incredibly aggressive, ranging from exploiting the Tor anonymous routing system that enables the darknet, to operating or enabling certain child pornography sites in order to set up honeypots to grab identifying user data. Some information has been uncovered recently that hints at the FBI operating as many as half of all of the known child pornography sites on the darknet, according to Ars Technica.

The information comes from documents that the American Civil Liberties Union was able to obtain from the FBI, and it at least implies that the FBI received authorization to run 23 sites in addition to the one site that it is known to have at least temporarily assumed control over.

A key passage contained in one of the released documents reads, “In the normal course of the operation of a web site, a user sends ‘request data’ to the website in order to access that site. While Websites 1-23 operate at a government facility, such request data associated with a user’s actions on Websites 1-23 will be collected. That data collection is not a function of the NIT (network investigative techniques). Such request data can be paired with data collected by the NIT, however, in order to attempt to identify a particular user and to determine that particular user’s actions on Websites 1-23.”

Cybercrime lawyer Fred Jennings interpreted this statement to not quite acknowledge that the FBI is running the sites, but to at least hint that the agency is closely involved with them. He said, “That paragraph alone doesn’t quite say the FBI is operating them. But definitely no other way to read that than websites 1-23 were hosted at a government facility, with the FBI’s knowledge and to the FBI’s informational benefit. It’s clever phrasing on their part.”

In addition, these “network investigative techniques” were used to disseminate what can be termed malware that enables the bypassing of Tor protections in order to grab a user’s IP address, operating system, MAC address, and other potential identifying information. The use of NIT resulted in the arrest of almost 200 child pornography suspects in an operation dubbed “Playpen,” with almost 1,000 users identified, suggesting that more arrests may be on the way.

There are some strong protections that govern the authorization of these sorts of tactics. Rule 41, a part of federal jurisprudence rules, says that only a senior federal district judge can issue warrants for out-of-district actions, and that rule was used in Playpen. It’s not clear, though, if the rule was used correctly, because a number of Playpen cases have been jeopardized due to improper searches, according to rulings by federal judges in Iowa, Massachusetts, and Oklahoma.

The FBI is being cagey in response to direct questions about whether the agency is actually running “half of all child porn sites on the Tor-hidden Web,” and FBI spokesman Christopher Allen stated via email, “I would refer you to public documents on the Playpen investigation, in which we seized and operated a darkweb child pornography site for a period of less than two weeks. That was an extraordinary investigation, and to my knowledge may be the only time that has occurred. So to suggest this is a common thing is patently not true.”

Given the heinous nature of child pornography and its potential for causing significant harm to children, it’s unlikely that many people will fight these efforts by the FBI to round up perpetrators. Whether or not the FBI is actually running child porn sites on the darknet, merely enabling them, or just piggybacking via NIT to catch people sharing child pornography is now an open question, and one that will likely take some careful research to answer.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
I put the RTX 4060 Ti up against the RX 6700 XT — and there’s a surprising winner
RX 6700 XT graphics card installed in computer.

You generally expect that a new generation of graphics cards will outperform the previous generation, but we're in a precarious spot this time around. Nvidia's recent RTX 4060 Ti hasn't been met with a warm reception, and cheaper last-gen options like the RX 6700 XT have looked increasingly attractive as their prices come down.

I threw both cards on my test bench to see which is the better one to buy, and there's a clear winner. There are some important considerations to keep in mind before picking up either GPU, though.
Where's the value?

Read more
These ingenious ideas could help make AI a little less evil
profile of head on computer chip artificial intelligence

Right now, there’s plenty of hand-wringing over the damage artificial intelligence (AI) can do. To offset that, Firefox maker Mozilla set out to encourage more accountable use of AI with its Responsible AI Challenge, and the recently announced winners of the contest show that the AI-infused future doesn’t have to be all doom and gloom.

The first prize of $50,000 went to Sanative AI, which “provides anti-AI watermarks to protect images and artwork from being used as training data” for the kind of large-language models that power AI tools like ChatGPT. There has been much consternation from photographers and artists over their work being used to train AI without permission, something Sanative AI could help to remedy.

Read more
Off to college? Acer just slashed the price of this Chromebook to $200
The Acer Chromebook 314 at a side angle.

Chromebook deals are a special bunch of great value options a lot of the time. We've spotted a particularly great one over at Acer. Right now, you can buy the Acer Chromebook 314 for $200 saving you $100 off the regular price of $300. Even better, if you use the code GRADS10 at checkout, you save an extra 10% so the Chromebook cost just $180. If previous laptop deals have been too pricey for you, this could be the one you've been waiting for. It has all the essentials you need from a Chromebook and even sports a full HD screen. Here's what else you need to know about it.

Why you should buy the Acer Chromebook 314
Acer is one of the best laptop brands for affordable computing, thanks to it knowing how to get the most from a tight budget. The Acer Chromebook 314 has all you could need in this price range. It offers an Intel Celeron N4020 processor along with 4GB of memory and 64GB of eMMC storage. If this system were running Windows 11, it'd be very sluggish but when running Chrome OS, it performs well.

Read more