The Tor anonymisation network has accused the FBI of illegally paying a third party to launch an attack on it.

Tor alleged that the FBI paid “at least $1m (£675,000)” to researchers at the Carnegie Mellon university based in Pittsburgh, so they would launch an attack on them.

Outsourced Attack?

The claims were made by the Tor Project on its official blog, which pointed to the widespread attack by the FBI in late 2014 which took down dozens of Tor sites, including the drug selling website Silk Road 2.

“The Tor Project has learned more about last year’s attack by Carnegie Mellon researchers on the hidden service subsystem,” wrote Tor. “Apparently these researchers were paid by the FBI to attack hidden services users in a broad sweep, and then sift through their data to find people whom they could accuse of crimes.”

And Tor went on to accuse the FBI of acting illegally and said the attack has created a troubling precedent.

“There is no indication yet that they had a warrant or any institutional oversight by Carnegie Mellon’s Institutional Review Board,” it said. “We think it’s unlikely they could have gotten a valid warrant for CMU’s attack as conducted, since it was not narrowly tailored to target criminals or criminal activity, but instead appears to have indiscriminately targeted many users at once,” wrote Tor.

“This attack also sets a troubling precedent,” it added. “Civil liberties are under attack if law enforcement believes it can circumvent the rules of evidence by outsourcing police work to universities.”

“If academia uses “research” as a stalking horse for privacy invasion, the entire enterprise of security research will fall into disrepute,” it concluded. “If this kind of FBI attack by university proxy is accepted, no one will have meaningful 4th Amendment protections online and everyone is at risk.”

A university spokesman told the BBC: “You can read what you want into it.”

Tor Risks

Tor provides anonymity by obscuring the real point of origin of Internet communications, and was in part created by the US government, which helps fund its ongoing development, due to the fact that some of its operations rely on the network.

However, the network is also widely used for criminal purposes, such as operating contraband websites, and it is increasingly being used by attackers to hide their identities as they scan for vulnerabilities or carry out attacks.

In August IBM recommended that system administrators ban access to the network, as it was increasingly used as the point of origin of attacks on public- and private-sector organisations.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

5 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

6 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

7 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

9 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

11 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

12 hours ago