FBI fights back against court order demanding Tor exploit source code

The exploit code was used against Tor users to unmask a suspected child pornography viewer.

The FBI is dragging its heels on a court order which requires the agency to reveal how an exploit was used against Tor users to identify a suspected child pornography viewer and his true IP address.

US law enforcement says that revealing the source code of the Tor exploit, used to unmask visitors to the anonymity network, is not necessary to the case, while the judge behind the order, Robert Bryan, considers it a "fair question" to ask how the defendant was caught.

Jay Michaud, a school administrator from Vancouver, Washington, is the focus of the criminal case. Michaud was arrested on charges of downloading child pornography in July 2015.

The 62-year-old allegedly viewed 187 "threads" on Dark Web forums relating to child pornography, but he did not know that the FBI had seized the website hosting the forum and was running it from law enforcement servers for almost two weeks to catch suspects.

During this time, the FBI was able to use a network investigative technique (NIT) -- in plain terms, a hacking tool -- against people who logged in and visited child pornography threads on the domain, collecting their true IP addresses and other identifying information despite their use of Tor.

Michaud had no previous criminal history, but in a subsequent raid on his home, US agents allegedly discovered a thumb drive containing pornographic images, including images of child abuse and rape.

Last month, the FBI was ordered to provide the exploit source code to Vlad Tsyrklevich, a malware analyst hired by the defence. However, according to Motherboard, law enforcement has asked the judge to reconsider in a sealed motion, arguing that revealing the full code would do nothing more than show the researcher how the hacking tool was delivered -- and not what it did afterwards.

Law enforcement has given the researcher only a portion of the code. However, the defence argues that reviewing the full source code is the only way to determine whether the FBI's exploit carried out functions beyond those permitted by the warrant, which could be a critical element of the case.

A decision has not yet been reached.

This is not the first time, nor likely the last, that law enforcement has kept the Tor network within its sights. In 2014, the FBI took down the resurrected underground marketplace Silk Road 2.0 and, with the help of Europol and other agencies, also seized over 400 .onion domains.

A total of 17 arrests were made in connection with Dark Web services, and over $1 million in Bitcoin, as well as 180,000 euros in cash, drugs, gold and silver, were seized.
