SecurityWeek

University’s Tor Hacking Research Funded by DoD

In response to a motion filed by the defense in the case of an alleged Silk Road 2.0 administrator, a judge has confirmed that US authorities funded Carnegie Mellon University to conduct research on the Tor anonymity network.

In November 2015, the Tor Project accused the FBI of paying Carnegie Mellon University at least $1 million to deanonymize Tor users suspected of conducting criminal activities. It turns out that the research conducted by the university was actually funded by the United States Department of Defense (DoD) and the FBI obtained the information on alleged criminals after serving a subpoena to Carnegie Mellon’s Software Engineering Institute (SEI).

When the news broke in November, court documents showed that an academic institution had helped the FBI identify criminals who had been using Tor to hide their activities. One of the suspects was Brian Richard Farrell from Seattle, who has been charged with conspiracy to distribute cocaine, heroin and methamphetamine through his role as an administrator of the underground drug bazaar Silk Road 2.0.

Authorities said they identified Farrell and other suspects based on IP addresses obtained by a university-based research institute that operated its own computers on the Tor network. Farrell’s defense filed a motion asking the prosecution to provide additional information on the relationship between this research institute and the government, and the methods used to identify the defendant on what was supposedly an anonymous website.

A federal judge denied the motion this week, arguing that since the suspect was identified based only on his IP address, the search of the Tor network had not violated any of his Fourth Amendment rights. The judge pointed out that Tor users should not expect their IP address to remain private considering that the Tor network has vulnerabilities and that users connect with their real IPs to the Tor nodes that should help them remain anonymous.

One important aspect revealed by the judge is that the FBI wasn’t funding the SEI research. Instead, it was funded by the DoD, and the FBI obtained the IPs of crime suspects based on a subpoena.

This is in line with a statement released by Carnegie Mellon University in November in response to accusations that it was paid by the FBI. The law enforcement agency also denied paying the university at the time.

Researchers unmask Tor users

Tor helps users maintain their anonymity online by routing their traffic through a series of relays operated by individuals and organizations across the world. In January 2014, more than 100 devices joined Tor as relays and attempted to deanonymize users who operated and accessed hidden services.

The attack relays were identified by the Tor Project in July 2014 and removed from the network. The Tor Project concluded that these attacks were likely conducted by a group of Carnegie Mellon University researchers who had planned to disclose their findings at the Black Hat USA conference in August 2014.

The results of the research were never made public: the Black Hat talk was canceled because the university had not approved the content of the presentation for public release.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
