[liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
The Doctor
drwho at virtadpt.net
Tue Aug 6 10:38:24 PDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/06/2013 10:18 AM, Pavol Luptak wrote:
> The question is how FBI gained access to Freedom Hosting? What kind
> of exploits did they use?
Freedom Hosting offered web hosting services to people that asked for
it, yes?
A hypothesis I've seen floating around (without evidence, that's all
it is) is this: The FBI asked for and received web space on Freedom
Hosting. They uploaded an app that they knew had a couple of
vulnerabilities that allowed for server side code execution and used
them to compromise other sites on that machine. No need to send
ninjas to raid the cookie jar when you can say, "Mother, may I?"
- --
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
Livin' la vida alpha test.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlIBNJAACgkQO9j/K4B7F8GoOgCg6tLxg4LDf08CX64XsLTBQvlj
kmQAn34OwraBqPwY8EH+rt2O1QLd6zC8
=eZ9N
-----END PGP SIGNATURE-----
More information about the liberationtech
mailing list