killroy's picture
killroy

Tormail Compromised? / Hosting Owner Arrested


"In a crackdown that FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network has been compromised, including the e-mail counterpart of TOR deep web, TORmail."

"The JavaScript zero-day exploit that creates a unique cookie and sends a request to a random server that basically fingerprints your browser in some way, which is probably then correlated somewhere else since the cookie doesn't get deleted. Presumably it reports the victim's IP back to the FBI."

https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arr...

http://www.twitlonger.com/show/n_1rlo0uu

cmo25cent's picture

What about the tor browser?? Is it still secure?

WanHungLo's picture

Yup, it's the same as before. Just make sure to download the latest browser bundle (the latest update turns JavaScript off by default). The exploit was very narrow and targeted.

Broctavius's picture

Looks like it wasn't tormail, but their hosting platform was compromised, not any of the tormail servers. So your info, if any, should be safe. That said, umm, I'll probably get a new email. Also, I'm glad he got caught; that's some messed up shit.

sarmanti's picture

TorMail is hosted on FH (FreedomHost), and FH servers are now with the FBI. Ergo, TorMail servers are now with the FBI.
So yes, your TorMail data are now with the FBI.

sarmanti's picture

NOTE TO ALL:
Assume all of your TorMail conversations are now with the feds, so act accordingly. Please note that the feds were only interested in pedo networks and especially child-trafficking. I assume none of us here is into that sick shit, so it's relatively safe to say we're okay.
TorMail did not use encryption to store the emails, they're all in plaintext.
You only have problems if you revealed your personal information via TorMail.

As for the exploit itself (MAC, real IP, and hostname disclosure), it only affected you if: You use Firefox 17.0 or lower, and you're using Windows, and you have JavaScript enabled. ALL THREE CONDITIONS MUST APPLY for you to assume that the exploit has affected you.

You can read more about it on THW (http://kpvz7ki2v5agwt35.onion/wiki/index.php/Talk:Freedom_Hosting)

WanHungLo's picture

Mozilla reps are claiming that if you were using the latest Tor Browser Bundle (FF ESR 17.0.7), the exploit should not have worked as it's been patched.

Note: TBB by default, even though it includes the NoScript add-on, runs JavaScript by default. So you need to explicitly turn that off.

If you didn't hit the tormail address over the few days (or if you hit it and the site was already down) - I wouldn't worry too much.

Also, I believe tor mail was a diskless operation - so I can only assume they started pulling plugs as soon as shit went down.

sarmanti's picture

All true and already mentioned, except for the last line which is incorrect.
TorMail is hosted by FH, and the FBI already got the FH guy (that's how they installed the exploit code on the FH sites). So it's extremely likely that the FBI already has the TorMail database.

Broctavius's picture

Well, I need to get a new email account now. Looks like I'll be paying for counter mail or something. Blah