FBI battling child pornographers with darknet honeypots and Tor malware

fbi warning internet connected toys 50106167  flag of painted on brick wall
Budastock/123RF
If there’s one thing about which virtually everyone can agree, it’s that child pornography is abhorrent and by far one of the worst things about the so-called “darknet.” From the FBI to the hacktivist group Anonymous, numerous efforts are constantly underway to unearth sites that enable the sharing of child pornography, and those efforts are generally universally applauded.

For the FBI’s part, its efforts are incredibly aggressive, ranging from exploiting the Tor anonymous routing system that enables the darknet, to operating or enabling certain child pornography sites in order to set up honeypots to grab identifying user data. Some information has been uncovered recently that hints at the FBI operating as many as half of all of the known child pornography sites on the darknet, according to Ars Technica.

The information comes from documents that the American Civil Liberties Union was able to obtain from the FBI, and it at least implies that the FBI received authorization to run 23 sites in addition to the one site that it is known to have at least temporarily assumed control over.

A key passage contained in one of the released documents reads, “In the normal course of the operation of a web site, a user sends ‘request data’ to the website in order to access that site. While Websites 1-23 operate at a government facility, such request data associated with a user’s actions on Websites 1-23 will be collected. That data collection is not a function of the NIT (network investigative techniques). Such request data can be paired with data collected by the NIT, however, in order to attempt to identify a particular user and to determine that particular user’s actions on Websites 1-23.”

Cybercrime lawyer Fred Jennings interpreted this statement to not quite acknowledge that the FBI is running the sites, but to at least hint that the agency is closely involved with them. He said, “That paragraph alone doesn’t quite say the FBI is operating them. But definitely no other way to read that than websites 1-23 were hosted at a government facility, with the FBI’s knowledge and to the FBI’s informational benefit. It’s clever phrasing on their part.”

In addition, these “network investigative techniques” were used to disseminate what can be termed malware that enables the bypassing of Tor protections in order to grab a user’s IP address, operating system, MAC address, and other potential identifying information. The use of NIT resulted in the arrest of almost 200 child pornography suspects in an operation dubbed “Playpen,” with almost 1,000 users identified, suggesting that more arrests may be on the way.

There are some strong protections that govern the authorization of these sorts of tactics. Rule 41, a part of federal jurisprudence rules, says that only a senior federal district judge can issue warrants for out-of-district actions, and that rule was used in Playpen. It’s not clear, though, if the rule was used correctly, because a number of Playpen cases have been jeopardized due to improper searches, according to rulings by federal judges in Iowa, Massachusetts, and Oklahoma.

The FBI is being cagey in response to direct questions about whether the agency is actually running “half of all child porn sites on the Tor-hidden Web,” and FBI spokesman Christopher Allen stated via email, “I would refer you to public documents on the Playpen investigation, in which we seized and operated a darkweb child pornography site for a period of less than two weeks. That was an extraordinary investigation, and to my knowledge may be the only time that has occurred. So to suggest this is a common thing is patently not true.”

Given the heinous nature of child pornography and its potential for causing significant harm to children, it’s unlikely that many people will fight these efforts by the FBI to round up perpetrators. Whether or not the FBI is actually running child porn sites on the darknet, merely enabling them, or just piggybacking via NIT to catch people sharing child pornography is now an open question, and one that will likely take some careful research to answer.

Home Theater

Kanopy privacy breach reveals which movies members have been streaming

Free video streaming site, Kanopy, has been inadvertently publishing millions of lines of web log data for days, according to a new security report. A bad actor could guess a person's identity and see what they've been watching.
Computing

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials and other data, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.
Computing

How to change your Gmail password in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.
Computing

There’s more space on MySpace after ‘accidental’ wipe of 50 million songs

MySpace is no longer a safe refuge for music and media produced in the 2000s. It said that almost any artistic content uploaded to the site between 2003 and 2015 may have been lost as part of a server migration last year.
Computing

Get the most out of your high-resolution display by tweaking its DPI scaling

Windows 10 has gotten much better than earlier versions at supporting today's high-resolution displays. If you want to get the best out of your monitor, then check out our guide on how to adjust high-DPI scaling in Windows 10.
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Deals

Looking for a Chromebook? The Google PixelBook just got a $200 price cut

Once relatively obscure, Chromebooks have come into their own in a big way in recent years. One of our favorites is the super-sleek Google Pixelbook, and it's on sale right now from Amazon for $200 off, letting you score this premium laptop…
Computing

Nvidia’s GTX 1650 graphics card could be just a slight upgrade over the 1050 Ti

Rumors suggest Nvidia might soon launch the GTX 1650, and a leaked benchmark listing from Final Fantasy XV suggests that the new graphics card could be just a slight upgrade over last generation's GTX 1050 Ti. 
Computing

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.
Computing

Get the new Dell XPS 13 for $750 with this limited-time deal

Dell is currently running a limited time deal lasting through Thursday, March 28, where you can bring home a version of this year's new XPS 13 for around $750 with the use of a special coupon code. 
Mobile

This is the easiest way to save your iPhone data to your computer

Living in fear of losing your contacts, photos, messages, and notes on your iPhone? Fear no more -- in this guide, we'll break down exactly how to back up your iPhone to your computer using Apple's iTunes or to the cloud with iCloud.
Mobile

Here are the best iPad Pro keyboard cases to pick up with your new tablet

The iPad Pro range can double as laptops, but they do need proper keyboards to fill in effectively. Thankfully, there are loads to choose from and we rounded up the best iPad Pro keyboard cases right here.
Computing

Microsoft’s Clippy came back from the dead, but didn’t last very long

Before Cortana, Alexa, and Siri even existed, Microsoft Clippy dominated the screens of computers in the 1990s to help assist Microsoft Office users when writing letters. He recently made a bit of a comeback only to die off again.
Computing

Nvidia faces attacks from AMD, Intel, and even Google. Should it be worried?

Nvidia announced an expanded array of RTX server solutions designed to leverage the power of ray-tracing at GTC 2019. The effort will help Nvidia take on Google's Stadia in game streaming with GeForce Now, and the company's investments in…