Hacker builds tracking system to nab Tor pedophiles
Amidst concerns that pedophiles are using public Tor (the Onion Router) servers to trade in child pornography, über-hacker HD Moore is building a tracking system capable of pinpointing specific workstations that searched for and downloaded sexual images and videos of kids.
Amidst concerns that pedophiles are using public Tor (the Onion Router) servers to trade in child pornography, über-hacker HD Moore is building a tracking system capable of pinpointing specific workstations that searched for and downloaded sexual images and videos of kids. Moore, the brains behind the Metasploit Project, has come up with a series of countermeasures that include using patched Tor servers and a decloaking engine to detect the exact location of a pedophile within an organization or residence.
Moore first discussed his "countermeasures" at a meeting of the Austin Hackers Association (AHA) last summer when it became clear that the EFF-backed anonymity/privacy network was being used for the most nefarious purposes. Further confirmation came last September when German authorities cracked down on Tor node operators because of the proliferation of child porn.
In an e-mail interview, Moore said the plan is to release the source code, which will allow anyone to run a patched Tor server to help pinpoint pedophiles online. Moore's description of the countermeasures:
1. Run a patched TOR server. The patches embed a Ruby interpreter into the TOR connection engine and allow arbitrary Ruby scripts to process data before sending it back to the client. 2. When child porn-related keywords are seen (either the Web request, or the response), inject a little extra HTML code into the response going back to the Web browser. This HTML code would connect to my decloaking engine.
3. The decloak engine is based on the following techniques:
a) A unique identifier is created to track this user.