FBI refuses to reveal how Tor was circumvented in child pornography case

The FBI has asked a judge to withdraw a request that the agency reveal the means used to identify a suspect in a child pornography case. The suspect used the Tor browser, which shielded his IP address.

The US judge found that the request to disclose the technology was a “founded question” and granted it, Motherboard reports. The defense of the suspect wants to find out whether the FBI has exceeded the authorization of the judge with the use of the hacking technique, or network investigative technique.

However, the FBI will not explain how the Tor browser anonymity method works. Part of the technology has been disclosed by the service, but not the underlying exploit itself. According to ACLU researcher Christopher Soghoian, it should be a vulnerability in Firefox, because that is what the Tor browser is based on. According to him, the FBI should therefore disclose the vulnerability to Firefox maker Mozilla.

Such techniques have been disclosed in the past. For example, in 2012, the FBI used the Metasploit framework. In doing so, the FBI used a Flash applet to ensure that the traffic of suspects went through the Internet, instead of through the Tor network.

The investigation into the child pornography site “Playpen” ran in 2015, with the FBI continuing to temporarily host the service with its own servers to identify suspects. Motherboard said at the time that the site had more than 215,000 users. The FBI’s investigation also yielded more than 3,000 cases in several European member states.