Some of the technical points of this article are simply wrong...
> The exit node IP address of the user was easily obtained using the two different methods discussed briefly above.
This is really not a vulnerability but simply how Tor, and the internet at large, works - hidden services by design protect the service not the user (the user is protected by Tor by default) - what the author actually did here was "leak" their non-hidden service's IP.
> and true external IP address (see partial data example to the above). And to answer the second question, “no”, this did not involve the placement of malicious malware. Read on…
The author then goes on to state that they gave the users malicious malware to run which revealed their IP address. They justify that this was not malware by stating:
> It should be noted that this was not malware per se. It did not replicate and was run voluntarily by the user. The user was notified that a “security scan” was going to be run on their machine and they freely chose to run the scan.
The author then goes on to publish a list of tor exit nodes with tor user agents...which they could have gotten directly from the tor directory services...
And, as pointed out by others, the author never really goes on to state why they think Tor is the devil - they built a honeypot and were disgusted by the flies it attracted....I'm not really sure what they were expecting...
The author appears to believe that "Tor is the devil" because "4,000-5,000 hidden services are running at any given time. Secondly, the content served by these sites is almost universally illegal or immoral (by my definition anyway). A conservative estimate would be maybe 1 out of 200 or so hidden service websites contain content I would deem worthy of the protection an anonymous network provides. Sites featuring free speech dumps or libraries of hard-to-find underground literature are few and far between on the Dark Web."
Except that the approach the author used is in my opinion completely flawed.
The author states he started from 1 (one) seed URL, and then crawled the sites, visiting links. But that's not valid, as you'd only ever come across a possible fraction of what exists.
To be able to make any authoritative claim, he would need to scan the entire IP-space, like an actual search engine would.
I'm not condoning pedophilia or anything like it, but I think it's naive to take a simple approach and then make authoritative claims about the entirety of the TOR network.
But I also think that there were flagrant abuses that could be pursued under the CFAA. Just because something isn't "per se" malware doesn't mean it wouldn't fit the legal definition.
You used to be able to set yourself up as an HSDir server, and sniff the outgoing hidden service descriptors, but the author has clearly not done this given his level of technical expertise and domain knowledge.
Appreciate the comment RedditorThrowaway. My parenthetical headline that “tor is the devil” was facetious and apparently a failed attempt at dry humor.
Their argument doesn't appear to be "Tor is bad because it can be used for bad stuff" but "Tor is bad because it is overwhelmingly used for bad stuff today". That seems to be a meaningful distinction to me.
(I don't really care about the argument/premise itself, I just find your sloppy attempt at a counter-argument to be weak)
Since we're talking about the devil: The biblical standard for acceptable collateral damage is kind of interesting. God in the old testament said he wouldn't smite a city if there are at least 10 righteous people in it. /theologynerd
There's a much different notion of God in that passage (and much of the Old Testament) than most have now. The number 10 is arrived at after Abraham persuades God to lower the standard from 50. There are at least a few stories where mortals persuade God to change his/her mind.
Of course, him being God he would've probably known the exact amount of righteous individuals in the city. Not to mention being able to define 'righteous'.
That said, I've always been very fond of the passages in the OT where individuals managed to 'change' God's mind, as well as the general human emotions he appeared to have.
No, it argues that the Tor hidden services that the author knew about were overwhelmingly used for bad stuff. This is problematic in two ways: the methodology of gathering addresses was pretty suspect, and it glosses over the fact that the VAST majority of Tor traffic is headed to the open Internet, not a hidden service.
If you're looking for a shoddy metaphor you should probably use swords instead, because the legitimate uses of knives vastly outnumber the killing-people uses of them but swords have it the other way around.
Honest question - what examples are there of literature that can only be obtained on the dark web? Perhaps I'm closeted but I'm unaware of such books.
For example right now I'm reading a sci-fi book that remains unpublished in Russia, but it's available in the west. Or the other day had a browse of "steal this book".
A straightforward way to find many of those who profit from its distribution would be to use a bot to locate forum threads that go on for hundreds of pages.
> the author never really goes on to state why they think Tor is the devil
According to the comments section, the author says "My parenthetical headline that “tor is the devil” was facetious and apparently a failed attempt at dry humor."