U.S. drops child porn case to avoid disclosing Tor exploit
Credit to Author: Lucian Constantin| Date: Mon, 06 Mar 2017 07:04:00 -0800
The U.S. Department of Justice is asking a federal court to dismiss its indictment in a case that involves a child porn site known as Playpen, after a judge asked the government to disclose the hacking technique it used to gather evidence.
“The government must now choose between disclosure of classified information and dismissal of its indictment,” the DOJ said in a court filing Friday. “Disclosure is not currently an option.”
The case involves Jay Michaud, a school administrator from Vancouver, Wash., who was arrested in July 2015 for allegedly viewing child porn images on Playpen. Michaud’s case was one of at least 137 cases brought throughout the U.S. in relation to Playpen, a website that operated on the Tor anonymity network and which the FBI managed to seize in 2015.
Instead of shutting the website down immediately, the FBI let it operate for an additional 13 days, during which time it deployed malware on its visitors’ computers to obtain their real IP addresses and later identify them.
The Tor hidden service protocol, which Playpen used, is designed to hide the website’s real IP address from users and the IP addresses of users from the website itself. In other words, it provides two-way anonymity.
Playpen visitors used the Tor Browser, a hardened and Tor-optimized version of Mozilla Firefox. It’s not clear how the FBI managed to deploy malware on computers that visited Playpen, but security researchers believe that it was done through a yet unpatched vulnerability in Mozilla Firefox.
The FBI refers to the exploit as a Network Investigative Technique (NIT) and has refused to disclose details about it, claiming that it’s classified.
Michaud’s lawyer previously asked the judge to force the DOJ to release the exploit as part of the discovery process between legal teams, and Mozilla even filed a brief in the case asking for the government to share details of the vulnerability with the browser maker so it can be patched.
The judge agreed that there was a law enforcement need to keep details of the tool secret, but in May ruled that the government can’t both keep the tool secret and use the information gathered with it as evidence at trial. It had to be one or the other.
“The suppression order entered by the Court in May 2016 has deprived the government of the evidence needed to establish Defendant Jay Michaud’s guilt beyond a reasonable doubt at Trial,” the DOJ said in its latest motion to dismiss the indictment. “Because the government remains unwilling to disclose certain discovery related to the FBI’s deployment of a ‘Network Investigative Technique’ (‘NIT’) as part of its investigation into the Playpen child pornography site, the government has no choice but to seek dismissal of the indictment.”
The DOJ is seeking a so-called dismissal without prejudice, which, if granted, would leave open the possibility that the government could bring new charges against the defendant in the future if the situation changes and it will be in a position to disclose the requested information about the exploit.
http://www.computerworld.com/category/security/index.rss