FBI Allowed To Hack Anyone That Uses Online Anonymity Tools

2000px-US-FBI-ShadedSeal.svg (1)Last Thursday, the US Supreme Court approved a new rule that would make it easier for law enforcement agencies including the FBI to hack any computer, regardless of its location. This decision will take effect from December unless the Congress opts to bring up a competing legislation against the decision. The FBI will have the powers to search any computer (even those that are remotely located) that has online anonymity software installed in it. The new ruling also allows the FBI to hack into computers that have been hacked once or those infected by a botnet, which is a type of malware program that takes over many computers and infect them with viruses.

Beware Online Anonymity Seekers

Federal judges would now be able to issue search warrants that would allow law enforcement agents to search or seize any computer anywhere. The rule also incorporated a small paragraph that is related to computers using privacy software. According to approved change to Rule 41, a federal magistrate judge has the power to issue a search/seizure warrant for any computer anywhere in the world that uses online anonymity tools like VPN and Tor. The US Supreme Court has purportedly approved the rule change to combat the rising incidents of cyber-crime. Interestingly, this rule was approved just a day after advancement of a bill by the US House of Representatives that made it a prerequisite for the government to obtain a judge’s cause warrant before seizing stored data from company computers such as Dropbox, Facebook or Google.

John Roberts, Chief Justiceof the Supreme Court,submitted the rule change to Congress as part of the annual collection of amendments to the Federal Rules of Criminal Procedure.Kevin Bankston, Open Technology Institute director (policy advocacy group) opined that the changed rule would authorize much more of government hacking than what is happening currently. He urged the Congress to pose questions to the FBI in this regard. It is alleged that FBI is fighting cases in court to keep its spying tactics a secret from the public.

As a deviation from the current Rule 41 which allows a magistrate judge to issue search warrants only within their jurisdictions, the amended rule would allow the same magistrate judge to issue search/seize warrants on any computer if its location has been hidden through technical means.It is also possible for the government to search millions of computers all at once with just a single warrant. There was added concern that the computers searched would belong to the victims of the cyber-crime that seek online anonymity instead of the perpetrators in most cases.

Whereas many of the experts that testified against such changes of the rule and privacy advocates are smarting against the upper handedness of the government, many are calling on the Congress to reject the rule that could mean an end to online anonymity. Senator Ron Wyden, an advocate of privacy, added that the amendment was clearly a debate that the Congress and the elected representatives of the country should take up and resolve after adequate public vetting. This is important in the light of the fact that there are over a million people that use Tor and other online anonymity tools for very legitimate reasons just as some others are using it to hide their crimes.

2000px-US-OfficeOfJusticePrograms-Seal.svgAbsence of any opposition to the rule means that it will come into effect in December this year and will result in spying by the government on users of Tor or VPN services without the user having any knowledge of it. The Department of Justice, however, welcomed the amendment. Their argument was that this change would help to prosecute those criminals that use Tor or similar tools to maintain online anonymity while perpetrating their crimes.

Earlier in the month, an Oklahoma federal judge had to turn down evidence in a case relating to child pornography owing to the limitations of Rule 41. Though the amendment to Rule 41 was proposed in the year 2015 by the Department of Justice, Google, in collaboration with other privacy advocacy groups wrote a letter expressing concerns about the violations of international agreements that this amendment would bring about as a result of the authorization of the government to conduct searches on computers outside of the United States.

Ricochet: Instant Messenger That Uses Tor Online Anonymity Network

With so much of our information available on the internet, maintaining online anonymity can be a challenge. Many of us look for privacy and online anonymity especially in chat services. Ricochet software is the perfect solution as it lets users connect through instant messaging without having to disclose their identity.

1

Ricochet is open-source software that operates on multiple computing platforms. It was developed initially by John Brooks and was called Torsion IM. It underwent multiple changes since then and was renamed to Ricochet in June 2014. Ricochet recently passed its first security audit conducted by NCC Group and had been sponsored by the Open Technology Fund (OTF). The vulnerability that was found which could deanonymize users has been fixed in the recent version release.

Ricochet is a decentralized instant messenger which means it does not connect to any server or does not share data with any server to maintain online anonymity. It uses Tor to create a hidden service locally on the computer of the user. A user with this Tor hidden service running on his computer can connect to any other user who also runs the hidden service.

Tor maintains online anonymity by directing traffic through several thousand relays over a free, volunteer, worldwide network making it extremely difficult to track traffic back to the user. This hides the user’s details, location and usage from anyone who is trying to identify users through traffic analysis. This detailed relay of traffic also protects disclosure of identity through network surveillance.

Tor networks make it difficult to track Internet activity back to the user keeping the online anonymity of the user intact. These activities include all forms of communication like emails and instant messages, online posts and visits to different websites. To maintain online anonymity, Tor uses encryption of the information in the application layer itself of the communication protocol. This communication protocol is layered like an onion and hence the name. The innermost layer contains the information to be communicated while all outer layers consist of randomly selected relays through which the information passes before reaching the final destination.

When the information is passed over the network, each relay decrypts a layer of the encryptions and receives the information of the next relay through which the remaining encrypted data needs to be passed. Thus the peeling of the encrypted layers happens one after the other and the data passes through multiple relays. The final relay decrypts the actual data that needs to be sent to the recipient’s address and forwards it to the destination. Thus the final relay does not even know and hence cannot reveal the source IP address maintaining complete online anonymity.

Using this complex Tor network, Ricochet sends instant messages to recipients and these messages never leave the Tor network, which maintains complete online anonymity. Ricochet provides every user a screen name which is unique. This screen name is generated automatically the first time a user starts Ricochet. This user name is a combination of two parts, the first part is the word “ricochet”’ and the second part is the address of the Tor hidden service that gets started in the local system of the user when he starts Ricochet.

For two Ricochet users to be able to communicate and yet maintain online anonymity, at least one of them has to share their unique screen name with the other. This can be done either privately or publicly. Sharing screen name does not in any way mean that any details of the user get shared with the others. Neither the IP address, nor the physical location of any of the users is revealed when screen names are shared.

12

The advantage of Ricochet is that along with online anonymity, even the information shared is encrypted. Users do not have to register themselves at any servers which can pose any kind of threat to their online anonymity. The contact lists are saved locally on the system of users making it tough to know who the user is chatting with. Even chat histories are not saved to preserve online anonymity. Thus, Ricochet offers an instant messaging solution that maintains online anonymity and keeps all communication secure.

Dark Wallet Provides Online Anonymity

If you think that the level of online anonymity provided by the encryption system of bitcoin and its other cryptocurrency brethren is high, then wait until you see what Dark Wallet can do to make your online transactions even more hidden from prying eyes.

Dark Wallet
Just what is Dark Wallet, and how does it work? Dark Wallet is the brainchild of two individuals – Amir Taaki, a free-market anarchist of Iranian and British descent, and Cody Wilson, who rose to fame when he printed the very first, fully-working 3D printed gun. The two men tandem has long since grown after the conception of Dark Wallet, and now includes notable figures from the cryptocurrency, unSYSTEM and Libbitcoin fields, among others.

The promise is that Dark Wallet will provide an even more private way of acquiring online anonymity through the use of bitcoin and when doing transactions in virtual marketplaces. As bitcoin became somewhat of a mainstream phenomenon, governmental bodies have been taking action in restricting and decentralizing the cryptocurrency. Dark Wallet’s prominent feature, which is to provide total online anonymity by being a bitcoin transfer and storage platform, seeks to return bitcoin to its original decentralized, anti-establishment roots. The app is poised to completely conceal any and all users’ identity, even stronger than what bitcoin promises.

But how does it hide the cryptocurrency transaction? Via CoinJoin mixing and stealth payments. Dark Wallet hosts its very own independent system of bitcoin exchange, meaning that anyone who has this software can sell or buy bitcoin without going to any other exchange platform. Online anonymity is observed by the user not needing to provide any personal identification or information. The CoinJoin technology lets a particular transaction merge and join a bitcoin transaction in random at the same time. The blockchain transaction records will invariably join together, and the encrypted multi-party sale is encrypted further within the Dark Wallet software to block out any virtual eavesdroppers. The Stealth Address feature works where any user can generate a “hidden address” paired up with a secret key, then publish the address to the sender or the receiver. The bitcoins are then sent to another address that is an encrypted version of the stealth address.

Dark Wallet started out as an idea by the two freethinkers, and sought help for funding by posting their idea on Indiegogo. The duo immediately launched a comprehensive crowdfunding campaign that generated around $50,000 and other funds in bitcoin currency.

bitcard darkwallet
The potential online anonymity of Dark Wallet is enormous. By itself, it can be used to power darknet market and illegal trades that are covertly carried out on the dark web. The online anonymity factor is a huge boon to black market transactions such as the renowned Silk Road, which was taken down in October 2013.

Dark Wallet fills in security holes in anonymous bitcoin transactions. Bitcoin transactions have become more and more transparent, due to the fact that each payment is recorded on a blockchain, which is like a public record. This blockchain is copied and sent to thousands of computers in order to prevent bitcoin fraud and virtual forgery within the network. The addresses themselves can be traced back to the user if the government agency or any corporation looks hard enough.

Dark Wallet developers admit that the software application is still in the early stages of progress, and a lot of work is needed to make it fully realized. The online anonymity software itself is labeled at an alpha stage and is far from being complete. The built-in app may be installed in a Google Chrome browser, with support for Mozilla Firefox web browsers coming in soon. Dark Wallet has paired up with Chip Chap, an app where you can convert Euros for bitcoins, and vice versa. The developers are also urging interested communities to test out their online anonymity application and are looking for suggestions to make it even better.

Vuvuzela: New Online Anonymity Tool

Researchers from Massachusetts Institute of Technology (MIT) have developed a new messaging system called Vuvuzela which can be used to provide online anonymity and is believed to be more secure than the popular Tor system.

The researchers, who have been working on the project for close to six months now publicized their success early in December in a press release and have put down this achievement to imperative piety and close scrutiny of the Tor network.

Earlier this year, an all-best partnership between researchers from Qatar Computing Research Institute (QCRI) and MIT did a deep going-over on the undisputed online anonymity tool Tor in a bid to expose its bugs and vulnerabilities, and came up with a report deeming the network as 88 percent accurate.
Vuvuzela
The Vuvuzela system is basically modeled on Tor, and the analysis of the directions taken by various packets on Tor nodes helped them design the new 99 percent accurate Text Messaging System.

The main difference between the two soon-to-be rivals is that Vuvuzela doesn’t allow third parties to develop patterns and use them as a way through to the original servers, something Tor cannot guarantee. What’s more the new system, unlike Tor, has undergone mathematical validation by experts in a public paper “Scalable Private Messaging Resistant to Traffic Analysis” as proof for its online anonymity credentials.
Man Using Tor
For the old Tor system to work, every user leaves their message on predefined locations like, say, Internet-connected dread drop servers, where other people can retrieve the message. If there were four people using the system, for instance, and only two of them were exchanging text messages, the fact that there is a conversation between two people on the server would be obvious and anyone would easily make a pattern and find a way into the servers.

On Vuvuzela, though, the complexity of the goings-on leaves no room for online anonymity jeopardy. With or without information, in this system, information flow towards the dead-drop server is kept constant, making it hard for anyone analyzing patterns to find a clear-cut track into the server as the traffic seems’ to come from numerous untraceable locations all the time.

Of course the hacker can take a further step and infiltrate the server to find the real users and the locations from which the messages are coming, and that makes the system still unreliable. So, to make it perfect, the researchers created two more servers to make it three and two more layers of encryption, a measure that makes it downright impossible for a hacker to study the patterns and look into the message threads and the identity of the users.

And that’s not all. The dead drop servers have been designed in such a way that understanding them would be difficult for anyone. The first server, for instance, sports the top most encryption layer on the messages whose order has been deliberately tampered with. The second layer does the same, and only the third layer provides and displays the messages in the order preferred by the recipient.

Not unless all the three layers are compromised, which is next to impossible, according to the brains behind the architecture, messages and user identity is safe from third party access and online anonymity is guaranteed.

According to Nickolai Zeldovich, co-leader of the Parallel and Distributed Operating Systems group, who clearly doesn’t intend to cast Tor in bad light, believes that Tor’s assumption that no single hacker in controls multiple nodes in his system cannot be relied on to provide online anonymity these days because “maybe there’re people out there who can compromise half of your servers.”

While it would be tricky for some of us to buy this idea (every new invent comes with a load of hype, basically), the team from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) believe their advanced text message system can guarantee 100 percent online anonymity and allow for exchange of messages approximately once a minute. “Statistically, it’s next to impossible for a hacker to tell whether messages received at the same time window were destined for the same recipient,” explains CSAIL. “Those statistical assurances stand even if one or two of the servers get infiltrated. The system will conventionally work as long as one server remains uncompromised.”

Tor Announces Their New Executive Director

After five months of pursuit for a new Executive Director, Tor’s quest has finally come to an end. Tor had been looking for someone to continue leading the organization with the same enthusiasm and having in mind the same values this giant has been promoting over the years; someone who can work on educating the public about the importance of online anonymity.

It is Shari Steele, a former Executive Director at Electronic Frontier Foundation (EFF), that has been announced as the new Executive Director of Tor Project. The choice is really quite logical, for the two organizations have more than one thing in common.

While Tor provides online anonymity for its users using the encrypted multilevel relays, the EFF describes itself as the leading nonprofit organization defending civil liberties in the digital world. Tor provides specific online service to its users and EFF is more involved in protecting human rights in legal sense.

Who is Shari Steele?

Shari Steele

According to Wired’s opinion, Steele sounds like an ideal person for leading the Tor Project. She started her career at EFF as a leader of a small group of lawyers and led them into becoming the world-class team. EFF has been involved in almost every significant legal battle of the digital world; it even battled with NSA’s dragnet surveillance programs and challenged the government’s use of National Security Letters.

Shari Steele is often described as a passionate advocate of free speech, and during her time at EFF as Executive Director her main responsibilities were fundraising, financial structure, employee welfare and benefits, support system for the office and many other things. Her leaving the organization was the result of her wish to move.

Shari Steele has proven herself a great leader and probably the best testimony for that is the “Farewell blog post” by her former colleagues.

The founder of EFF, Mitch Kapor recalled the early days of the organization which also coincides with the early days of cyberspace. He also spoke about Steele’s role in stabilizing and transforming the organization into, as he put it “a beacon of freedom in today’s online world.” Kapor went on to express his huge personal gratitude to Steele, wishing her best of luck in her future business ventures.

Her interest in taking the role of Tor’s ED is not a big surprise, since this is not the first time Steele is involved with Tor. At very same farewell blog post, Roger Dingledine, Project Leader, Director, Researcher at Tor Project remembered Steele’s crucial decision when she “took a chance” and helped fund the project in 2004, despite EFF being more focused on legal aspect of the similar idea. Dingledine pointed out that Tor and online anonymity might not even exist today if it wasn’t for Steele at the crucial moment. On two more occasions Steele stepped in for Tor, once with resources in staff and the second time as fiscal sponsor when Tor applied for Omidyar grant.

Tor Today

Despite being created as means for online anonymity, which was supposed to provide Internet users with security and freedom, Tor has met with many negative reactions of the general public, mainly due to excessive misuse by the drug dealers selling illicit drugs on darknet markets. These darknet markets can only be accessed via Tor Browser; hence its appeal.
tor browser logo

Nevertheless, there are still more positive applications of Tor network and online anonymity it provides, for many journalist and freedom fighters use it a tool for communicating with whistleblowers, especially in countries with limited freedom of speech.

New Executive Director of Tor will have a difficult job of presenting it to the public as a good thing; an idea of online anonymity that really should be supported with heart and soul; as well as sponsored. Shari Steele believes that no major turnover in Tor’s business will take place after she assumes her position – it will remain the leading provider of online anonymity and security on the internet today; plus, she is promising to expand the boundaries to new horizons. What this boundaries-and-horizons part means exactly remains for us to see.

In the meantime, Roger Dingledine is relieved to have the new Executive Director and is very excited that his team of developers will finally be able to completely devote to improving Tor network.

Roger DingledineSome might say “About time!” because earlier this year one of the darknet markets, Agora, “retired” from business claiming that they have found a glitch in Tor’s security system and decided to wait some time until this is fixed.

Another incident is also related to this glitch in Tor network. Back in 2014 in the Operation Onymous more than 27 darknet markets have been seized because the online anonymity Tor was supposed to provide was compromised.

Facebook Blocks More Contents In India

In 2014, social media giant Facebook had announced that they blocked nearly 5,0000 content pieces from India during first six months of the year following requests by mostly government agencies.

According to India Facebook report for Government Request Report, the restriction of the pieces of content came about following requests law enforcement agencies of India and also the India Computer Emergency Report Team. The restrictions were done under local laws that proscribe criticism of the state or religion.

Facebook Apps

During his visit to the South Asian country in October 2014, Mark Zuckerberg, the Facebook founder, said he was open to helping Narendra Modi, the new Prime Minister, to connect remote and distant villages to the internet.

In Facebook’s 2014 report that listed 83 countries all over the world, India led the world with 4,960 registered requests for regulating content. It was followed by Turkey and Pakistan which had 1,893 and 1,173 registered requests respectively.

India also recorded the second-highest requests by government to access user accounts. It had 5,958 such requests, behind the US which requested Facebook to access the accounts of 23,667 accounts.

Government requests on the rise

The Deputy General Counsel of Facebook, Mr. Chris Sonderby, wrote in November 2014 in a blog post that the data show that government requests for content and data had gone up by 24% worldwide compared to second half of 2013.

Sonderby added that the giant social media company was working to push nations for greater transparency and also to reform surveillance practices required to build the trust of people in the internet.

According to Facebook, it is common for governments to request for data on Facebook users as part of the official investigations.

Most of these requests are linked to criminal cases such as kidnappings or robberies. In most of these requests, governments seek basic subscriber information like name and sometimes length of service. Some requests have gone further to ask for actual account content or IP address logs.

“Every single request that we receive is subject to checks for legal sufficiency. It is a requirement that officials provide us with substantive description of factual and legal basis for their request. When we realize legal deficiencies or vague overly broad demands for information, we push it back,” read a statement from the company.

The company further added that even where they determine that local laws would force them to disclose information, they only share basic subscriber information.

Why the number of blocks is increasing in India

facebook content block request
In the same period of time last year, only some 4,960 posts were blocked in India. In 2015 however, this number has increased by almost three times. While Facebook states that government-requested content blocks have gone up globally by about 18%, the most likely reason explaining the massive surge in blocks of posts in India is due to the growing political unrest in the country.

In the data released by Facebook in its biannual Government Requests Report, India requested to restrict 15,155 pieces of content, three times the requests it made during the same period last year.

Scientists have even come up with a way of determining mathematically the virality-quotient of a post. This describes how information spreads, social aggregations and higher dimensional groups.

There are some 130 million monthly Facebook users in India, which is the highest number of users after the United States. Greater number of users means great quantity of posts. With this comes even more hate mongers and individuals peddling falsehoods and information. Sometimes these people just want the information to go viral.

Online Anonymity

This clampdown on information by government agencies in India may lead to people resorting to online anonymity. Online anonymity is where users browse the internet without their identities being revealed. Online anonymity provides layer of protection for individuals’ privacy. Online anonymity lets individuals express their views and ideas without fear of being judged. This phenomenon of online anonymity is very common in Russia where the government really checks what people say over the internet. Online anonymity is also a vital tool for free speech.

This is the third time that Facebook is releasing the report since its reception way back in 2013, and in the three years, India has been topping the list of content removal request.