Since Sunday, the BanekiPrivacyLabs Twitter account @Baneki has been the meeting point for #Torsploit authors and researchers from Arstechnica - Wired - Tor iOS - dynamoo blog - Cryptocloud, ... a good source for updates
https://twitter.com/baneki
According to Cryptocloud, it is the NSA that is involved in locating the FH servers, taking over the services and planting the JS, not the FBI people, who are dealing with Marques
(locating them with spoofed TCP RST packets and then flooding the other servers, so as to lure traffic onto their own - ErrataSec's theory)
Excerpt from the Ccloud team's comment, link to it below:
"The past examples that get closer to the line are the aforementioned FBI-run CP site, and the Darkmarket sting (covered nicely by none other than Kevin Poulsen - small world) in which the FBI ran a carder's forum for many months and used their inside access to the forum - including a "VPN service" created from scratch as an FBI honeypot - to take down dozens of big-name carder community stalwarts. But let's be clear - in these cases no clever tech was used. They were more or less social engineering exercises: the FBI shows up, gets someone to flip, uses their admin credentials to take over the infrastructure, and targets people making use of it.
What's different about torsploit? With torsploit, you have to mix in the use of offensive intrusion tech - that's what the js is, an injection - and some nontrivial memory jump trickery via an 0day (or something damned close to an 0day, in any case). This isn't rocket science tech - heck, we know a few folks who have told us quite honestly that they could write cleaner js exploit code than what they see here - but it's still offensive tech. That's not typical FBI shit - not at all.
That's not typical any-domestic-U.S.-LEO shit. Not. At. All.
However, we all know that the NSA has such tools - and far more - at their fingertips. Follow the TAO: Alexander the Geek's personal "cyber army," running thousands deep. We know they're involved in domestic stuff far, far more than they were admitting to anyone prior to Snowden's revelations. This js exploit would be less than child's play to them - a throwaway 'sploit, as earlier posters suggest it appears from an ex post facto strategic modelling perspective.
We know the NSA tracks Tor - no secret there - and we know domestic U.S. LEOs have a collective stiffie over the idea of hitting Tor hard, and also tossing heavy FUD on it so people use it less... and thus run plaintext more, and are easier to surveil as a direct result. Would they bring in the big guns of the NSA, to run this show?
Would they not? Would the FBI - or even Interpol - want to get into the business of coding (or buying) 0day rootkits... and also installing them, running C&C, etc? This is far outside of their domain expertise. And this wasn't a one-off gig: this took some tech admin skill, to manage the entire Freedom Host hidden services infrastructure - if only for a couple of days, and do it well enough to fool at least some people into visiting and thus being fingerprinted. It's not rocket science, but they don't teach Tor hidden services admin and malware construction in Quantico, do they? Not last we heard."
The Baneki comment at the beginning is also worth reading, even via a translator
https://www.cryptocloud.org/viewtopic.php?f=14&t=2951&start=30