DOCSLIB.ORG

A Brief History of Law Enforcement Hacking in the United States

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

SAYAKO QUINLAN AND ANDI WILSON A BRIEF HISTORY OF LAW ENFORCEMENT HACKING IN THE UNITED STATES SEPTEMBER 2016 About the Authors About the Cybersecurity Initiative The Internet has connected us. Yet the policies and Sayako Quinlan is a former intern at New America's debates that surround the security of our networks are Cybersecurity Initiative, where she researched incidents too often disconnected, disjointed, and stuck in an around government hacking and the landscape for unsuccessful status quo. This is what New America’s cyber capacity building. She is a junior at Georgetown Cybersecurity Initiative is designed to address. Working University's School of Foreign Service, majoring in Science, across our International Security program and the Open Technology, and International Affairs with a concentration Technology Institute, we believe that it takes a wider in Business Growth and Development. She is pursuing a network to face the multitude of diverse security issues. career in cybersecurity. We engage across organizations, issue areas, professional fields, and business sectors. And through events, writing Andi Wilson is a policy analyst at New America’s Open and research, our aim is to help improve cybersecurity in Technology Institute, where she researches and writes ways that work—for the countries, for companies and for about the relationship between technology and policy. individuals. With a specific focus on cybersecurity, Andi is currently working on issues including encryption, vulnerabilities Our work is made possible through the generous support equities, surveillance, and internet freedom. of the William and Flora Hewlett Foundation, the Arizona State University, Microsoft Corporation, Symantec Inc., The Acknowledgments Home Depot, Endgame Inc., and Facebook. The authors appreciate the help and support of New About New America America's staff, especially Emefa Agawu, Ethan Walker, Kayla Cross, Rob Morgus, Laura Bate, Ian Wallace, Robyn New America is committed to renewing American politics, Greene, Alison Yost, Kevin Bankston, and Ross Schulman. prosperity, and purpose in the Digital Age. We generate big ideas, bridge the gap between technology and policy, and curate broad public conversation. We combine the best of a policy research institute, technology laboratory, public forum, media platform, and a venture capital fund for ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who believe deeply in the possibility of American renewal. Find out more at newamerica.org/our-story. Contents Introduction 2 Hacking the Mob with Keyloggers 3 Hacking a Bomb Threat with CIPAV 4 One Court Pushes Back on a Hack 5 Hacking the Onion Router 6 Hacking the San Bernardino iPhone 8 The Future of Hacking 9 Notes 11 INTRODUCTION Hacking by law enforcement has been front page evaluating policy options to address the issue: news since the FBI purchased a tool to bypass the what procedural and substantive standards must security of an encrypted iPhone while investigating be met when the government seeks authorization the San Bernardino shooting. However, this type to hack? Under what legal authority can this type of hacking is nothing new: it has been over fifteen of hacking be authorized? Could the hack damage years since the first known case of police intrusion the targeted device or infect untargeted devices? into a computer as part of an investigation.1 While How can the privacy of third parties be protected it is uncertain when this behavior began, we are when investigating a single individual? Should sure that, as of 1999, that the government had law enforcement be able to target only specific begun to use technological skills to access private individuals, or everyone that visits a particular digital networks and material in the process of website or uses a particular service? How should investigating crimes.2 Hacking methods can be as law enforcement minimize the collection of data simple as using a USB drive to install a malicious that isn’t relevant to their investigation? These are program, or tricking users into opening a phishing all critical questions, yet law enforcement has taken email, and as complex as tools that rely on very few steps to provide clear information about previously unknown or “zero-day” vulnerabilities to their procedures, tools, or tactics when it comes to allow a hacker to bypass the sophisticated security their hacking activities.4 functions of a mobile phone’s operating system. Understanding the history of government hacking Despite being a key tactic for law enforcement since is important in order to engage more people in the the turn of the century, hacking didn’t become on-going policy discussion. This paper focuses a major topic of public discussion until the San on a selection of illustrative historical cases, with Bernardino iPhone hack.3 That case received the understanding that due to the secret nature of such widespread media coverage that even the government investigations, we can only know a general public was talking about the ways that fraction of the hacking that has taken place. This law enforcement could, or could not, access the overview highlights major trends in investigative devices that we all carry in our pockets. But the hacking and will hopefully foster more inquiries repercussions of investigative hacking are unclear, into these practices by policymakers and the public. and important questions must be asked when 2 OPEN TECHNOLOGY INSTITUTE HACKING THE MOB WITH KEYLOGGERS The first known case of hacking by U.S. law the tool was akin to wiretapping and that the FBI enforcement was in an investigation into the Italian- had not obtained the proper warrant for its use.8 In American mafia. In January 1999, the FBI searched August 2001, the judge ordered the FBI to provide the New Jersey property of Nicodemo Scarfo, who more information on exactly how the keylogging was under suspicion of running an illegal gambling software worked. They responded by filing a business. When agents downloaded the contents memorandum claiming that the technology was of Scarfo’s computer, one file was encrypted, classified, and that revealing specifics would make using a program called “Pretty Good Privacy” or the keylogger useless in future cases.9 The judge PGP.5 Agents believed this to be the file containing ultimately rejected the defense’s argument to have the bookmaking information that would have that specific evidence excluded and, in March 2002, incriminated Scarfo, but it was not enough evidence Scarfo pleaded guilty.10 to arrest him.6 During the Scarfo trial MSNBC reported on a new A few months after the initial search, in the spring key logging software named “Magic Lantern” that of 1999, the FBI secured a warrant to secretly install the FBI could deliver remotely over email (unlike a Key Logger System (KLS) – technology that, as the the keylogger used in the Scarfo case which had to name would suggest, had the ability to record what be physically installed on the suspect’s computer).11 was typed into Scarfo’s computer. The FBI hoped Technology that could be installed remotely was the tool would help retrieve the password to Scarfo’s a new development, and showed a significant PGP key. advancement in the hacking strategies used by U.S. law enforcement. Although there are no publicly On May 10, 1999, after securing the key logging available warrants that describe law enforcement warrant, FBI agents snuck onto Scarfo’s property deploying Magic Lantern, there was a case in 2007 and installed the technology onto his computer. of two ecstasy manufacturers using PGP, in which After 14 days, the keylogger had collected the law enforcement used a keylogger that may have necessary data to decrypt his bookmaking file,7 and been remotely installed.12 In that same year, an even Scarfo was arrested and charged. But in a two-year newer forensic hacking tool, called CIPAV, started pretrial court fight, Scarfo challenged the legality grabbing headlines. of using the key logging software, claiming that OPEN TECHNOLOGY INSTITUTE A Brief History of Law Enforcement Hacking in the United States 3 HACKING A BOMB THREAT WITH CIPAV On May 30, 2007, a handwritten bomb threat username, registered computer name, and internet was discovered on the campus of Timberline history.15 After sending this information back High School in Washington state. The school was to the FBI, CIPAV would monitor the electronic evacuated, but no bomb was found. On June 4th, communication activity—but not the content of the an e-mail to the school warned that the school communications—of the computer for 60 days.16 district would go offline and that day, the Lacey When a computer accesses a website, the computer School District computer network was hit with a sends information about itself to the website over Denial-of-Service attack that brought down their the network to inform the website how a web computer network.13 Over the next three days, the page should display to the user. CIPAV exploits school received several bomb threats sent by e-mail this function by diverting the information that the from different accounts, all of which were traced computer sends to an FBI server.17 to a hacked server based in Italy. At the same time, a MySpace account was created under the name The FBI deployed CIPAV by impersonating an “timberlinebombinfo” and added 33 Timberline Associate Press reporter and messaging the students as friends. After each threat, the students “timberlinebombinfo” MySpace account.18 The were evacuated, but a bomb was never discovered.14 message contained a link to a fake news article Because the perpetrator was using a proxy server to which, when clicked, allowed CIPAV to access the obscure their true location, law enforcement could computer and send its information to an FBI server.19 not simply request the user’s information from At this point, CIPAV remained on the suspect’s MySpace – they had to get more high tech.
Recommended publications
  • An Evolving Threat the Deep Web

    An Evolving Threat the Deep Web

    8 An Evolving Threat The Deep Web Learning Objectives distribute 1. Explain the differences between the deep web and darknets.or 2. Understand how the darknets are accessed. 3. Discuss the hidden wiki and how it is useful to criminals. 4. Understand the anonymity offered by the deep web. 5. Discuss the legal issues associated withpost, use of the deep web and the darknets. The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online ‘dark’ marketplaces. Operation Onymous, coordinated by Europol’s Europeancopy, Cybercrime Centre (EC3), the FBI, the U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI) and Eurojust, resulted in 17 arrests of vendors andnot administrators running these online marketplaces and more than 410 hidden services being taken down. In addition, bitcoins worth approximately USD 1 million, EUR 180,000 Do in cash, drugs, gold and silver were seized. —Europol, 20141 143 Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. 144 Cyberspace, Cybersecurity, and Cybercrime THINK ABOUT IT 8.1 Surface Web and Deep Web Google, Facebook, and any website you can What Would You Do? find via traditional search engines (Internet Explorer, Chrome, Firefox, etc.) are all located 1. The deep web offers users an anonym- on the surface web. It is likely that when you ity that the surface web cannot provide. use the Internet for research and/or social What would you do if you knew that purposes you are using the surface web.
  • Wikileaks and the Institutional Framework for National Security Disclosures

    Wikileaks and the Institutional Framework for National Security Disclosures

    THE YALE LAW JOURNAL PATRICIA L. BELLIA WikiLeaks and the Institutional Framework for National Security Disclosures ABSTRACT. WikiLeaks' successive disclosures of classified U.S. documents throughout 2010 and 2011 invite comparison to publishers' decisions forty years ago to release portions of the Pentagon Papers, the classified analytic history of U.S. policy in Vietnam. The analogy is a powerful weapon for WikiLeaks' defenders. The Supreme Court's decision in the Pentagon Papers case signaled that the task of weighing whether to publicly disclose leaked national security information would fall to publishers, not the executive or the courts, at least in the absence of an exceedingly grave threat of harm. The lessons of the PentagonPapers case for WikiLeaks, however, are more complicated than they may first appear. The Court's per curiam opinion masks areas of substantial disagreement as well as a number of shared assumptions among the Court's members. Specifically, the Pentagon Papers case reflects an institutional framework for downstream disclosure of leaked national security information, under which publishers within the reach of U.S. law would weigh the potential harms and benefits of disclosure against the backdrop of potential criminal penalties and recognized journalistic norms. The WikiLeaks disclosures show the instability of this framework by revealing new challenges for controlling the downstream disclosure of leaked information and the corresponding likelihood of "unintermediated" disclosure by an insider; the risks of non-media intermediaries attempting to curtail such disclosures, in response to government pressure or otherwise; and the pressing need to prevent and respond to leaks at the source. AUTHOR.
  • Wikileaks, the First Amendment and the Press by Jonathan Peters1

    Wikileaks, the First Amendment and the Press by Jonathan Peters1

    WikiLeaks, the First Amendment and the Press By Jonathan Peters1 Using a high-security online drop box and a well-insulated website, WikiLeaks has published 75,000 classified U.S. documents about the war in Afghanistan,2 nearly 400,000 classified U.S. documents about the war in Iraq,3 and more than 2,000 U.S. diplomatic cables.4 In doing so, it has collaborated with some of the most powerful newspapers in the world,5 and it has rankled some of the most powerful people in the world.6 President Barack Obama said in July 2010, right after the release of the Afghanistan documents, that he was “concerned about the disclosure of sensitive information from the battlefield.”7 His concern spread quickly through the echelons of power, as WikiLeaks continued in the fall to release caches of classified U.S. documents. Secretary of State Hillary Clinton condemned the slow drip of diplomatic cables, saying it was “not just an attack on America's foreign policy interests, it [was] an attack on the 1 Jonathan Peters is a lawyer and the Frank Martin Fellow at the Missouri School of Journalism, where he is working on his Ph.D. and specializing in the First Amendment. He has written on legal issues for a variety of newspapers and magazines, and now he writes regularly for PBS MediaShift about new media and the law. E-mail: [email protected]. 2 Noam N. Levey and Jennifer Martinez, A whistle-blower with global resonance; WikiLeaks publishes documents from around the world in its quest for transparency, L.A.
  • An Oft Overlooked Response Option to Hostile Cyber Operations

    An Oft Overlooked Response Option to Hostile Cyber Operations

    The Plea of Necessity: An Oft Overlooked Response Option to Hostile Cyber Operations Louise Arimatsu and Michael N. Schmitt 97 INT’L L. STUD. 1171 (2021) Volume 97 2021 Published by the Stockton Center for International Law ISSN 2375-2831 The Plea of Necessity Vol. 97 The Plea of Necessity: An Oft Overlooked Response Option to Hostile Cyber Operations Louise Arimatsu∗ and Michael N. Schmitt∗∗ CONTENTS I. Introduction ........................................................................................... 1172 II. Uncertainty and Limitations in the Law of Self-Defense ............... 1175 III. Uncertainty and Limitations in the Law of Countermeasures ....... 1179 IV. Necessity as a Response Option ......................................................... 1181 A. Threshold .................................................................................... 1183 B. Limitations................................................................................... 1191 C. Assistance by Other States? ...................................................... 1194 D. Geography ................................................................................... 1197 V. Concluding Thoughts ........................................................................... 1198 ∗ Distinguished Policy Fellow, Centre for Women, Peace and Security, London School of Economics. ∗∗ Professor of International Law, University of Reading; Francis Lieber Distinguished Scholar, U.S. Military Academy at West Point; Charles H. Stockton Distinguished Scholar- in-Residence,
  • Introduction Points

    Introduction Points

    Introduction Points Ahmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database) TORLINKS Directory for .onion sites, moderated. Core.onion - Simple onion bootstrapping Deepsearch - Another search engine. DuckDuckGo - A Hidden Service that searches the clearnet. TORCH - Tor Search Engine. Claims to index around 1.1 Million pages. Welcome, We've been expecting you! - Links to basic encryption guides. Onion Mail - SMTP/IMAP/POP3. ***@onionmail.in address. URSSMail - Anonymous and, most important, SECURE! Located in 3 different servers from across the globe. Hidden Wiki Mirror - Good mirror of the Hidden Wiki, in the case of downtime. Where's pedophilia? I WANT IT! Keep calm and see this. Enter at your own risk. Site with gore content is well below. Discover it! Financial Services Currencies, banks, money markets, clearing houses, exchangers. The Green Machine Forum type marketplace for CCs, Paypals, etc.... Some very good vendors here!!!! Paypal-Coins - Buy a paypal account and receive the balance in your bitcoin wallet. Acrimonious2 - Oldest escrowprovider in onionland. BitBond - 5% return per week on Bitcoin Bonds. OnionBC Anonymous Bitcoin eWallet, mixing service and Escrow system. Nice site with many features. The PaypalDome Live Paypal accounts with good balances - buy some, and fix your financial situation for awhile. EasyCoin - Bitcoin Wallet with free Bitcoin Mixer. WeBuyBitcoins - Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more. Cheap Euros - 20€ Counterfeit bills. Unbeatable prices!! OnionWallet - Anonymous Bitcoin Wallet and Bitcoin Laundry. BestPal BestPal is your Best Pal, if you need money fast. Sells stolen PP accounts.
  • Stuxnet, Schmitt Analysis, and the Cyber “Use-Of-Force” Debate

    Stuxnet, Schmitt Analysis, and the Cyber “Use-Of-Force” Debate

    Members of International Telecommunications Union and UN Institute for Training and Research confer on cyber security UN (Jean-Marc Ferré) UN (Jean-Marc Stuxnet, Schmitt Analysis, and the Cyber “Use-of-Force” Debate By ANDREW C. FOLTZ All Members shall refrain in ne of the many seemingly advance the specific criteria states will use in intractable legal issues sur- making such determinations. their international relations rounding cyberspace involves As discussed in this article, several ana- from the threat or use of force O whether and when peacetime lytic frameworks have been developed to help against the territorial integ- cyber operations constitute a prohibited use of assess when cyber operations constitute a use force under Article 2(4) of the United Nations of force.3 One conclusion these frameworks rity or political independence (UN) Charter. Notwithstanding a significant share is that cyber operations resulting in of any state, or in any other body of scholarly work on this topic and physical damage or injury will almost always manner inconsistent with extensive real-world examples from which to be regarded as a use of force. When these draw, there is no internationally recognized frameworks were developed, however, there the Purposes of the United definition of a use of force.2 Rather, what has were few, if any, examples of peacetime, state- Nations. emerged is a general consensus that some sponsored cyber coercion. More importantly, cyber operations will constitute a use of force, the prospect of cyber attacks causing physical —Article 2(4), Charter of the but that it may not be possible to identify in damage was largely theoretical.4 Beginning United Nations1 Lieutenant Colonel Andrew C.
  • CONTENTS in THIS ISSUE Fighting Malware and Spam

    CONTENTS in THIS ISSUE Fighting Malware and Spam

    JUNE 2011 Fighting malware and spam CONTENTS IN THIS ISSUE 2 COMMENT 2128 ADDRESSES Education, education, education ‘Under IPv6, spammers could send out one piece of spam per IPv6 address, discard it and then move on to the next address for the next 10,000 years and 3 NEWS never need to re-use a previous address.’ Terry Zink explains why mail providers are not thrilled about Standalone comparatives using IPv6 to handle email. Apple adds daily defi nition checks page 4 Mobile insecurity CLASSES OF BROWSER MALWARE Aditya Sood and Richard Enbody propose a 3 VIRUS PREVALENCE TABLE taxonomy of browser malware with the aim to provide a better insight into the techniques and tactics used. FEATURES page 8 4 Digging through the problem of IPv6 and email 20 YEARS OF EICAR 8 A browser malware taxonomy Eddy Willems reports 13 New targeted attack via Google Images on some of the topics, debates and research presented 16 CONFERENCE REPORT at the EICAR 2011 conference. EICAR 2011: A 20th anniversary in Austria page 16 18 END NOTES & NEWS ISSN 1749-7027 COMMENT ‘In the fi ght While the perpetual debate about the effi cacy of user education runs on, a clear IT security policy in the against cybercrime workplace, along with guidance on how to adhere to knowledge can be such a policy, is surely one of the most basic steps an a very powerful organization can take to help safeguard its systems. Ensuring that employees understand their responsibilities weapon.’ – and that they are fully aware of the ramifi cations for any breaches of the policy – are also important factors.
  • Computer Science 161 Fall 2020 Weaver Misc Topics 2

    Computer Science 161 Fall 2020 Weaver Misc Topics 2

    Computer Science 161 Fall 2020 Weaver Misc Topics 2 1 Pre Lecture Facepalm... From just a year ago! Computer Science 161 Fall 2020 Weaver Welcome to Hell Week.... Computer Science 161 Fall 2020 Weaver • Mental pressure of "Curl up in a ball with a rifle" vs "Pretend everything is normal" continues... • Highly likely Biden will be the winner: But we won't know for sure for another few days at least.... • Really a massive screwup: We should just have preliminary results announced on Friday at once for all states • Today is More Off Topic Stuff: • Nukes • Tor Hidden Services • Sidechannels 3 And Checking In With Everyone Again... How Are You on the Fauci Scale? Computer Science 161 Fall 2020 Weaver 4 The Interesting Problem: Limiting Use Computer Science 161 Fall 2020 Weaver • Who might use a nuke without authorization? • Our "allies" where we station our nukes • Original motivation: Nukes stored in Turkey and Greece • Someone who can capture a nuke • This is what sold the military on the need for the problem: We had nukes in Germany which would be overrun in case of a war with the USSR • Our own military • General Jack D Ripper scenario • The mandated solution: • Permissive Access Link (PAL) 5 Nuke Safety Features Computer Science 161 Fall 2020 Weaver • One-point safety – no nuclear yield from detonation of one explosive charge. • Strong link/weak link – • strong link provides electrical isolation; • weak link fails early under stress (heat, etc.) • Environmental sensors – detect flight trajectory. • Unique signal generator – digital signal used for coupling between stages. • Insulation of the detonators from electrical energy.
  • Piracy Versus Privacy: an Analysis of Values Encoded in the Piratebrowser

    Piracy Versus Privacy: an Analysis of Values Encoded in the Piratebrowser

    International Journal of Communication 9(2015), 818–838 1932–8036/20150005 Piracy Versus Privacy: An Analysis of Values Encoded in the PirateBrowser BALÁZS BODÓ University of Amsterdam, Institute for Information Law The Netherlands The PirateBrowser is a Web browser that uses Tor privacy-enhancing technology to circumvent nationally implemented Internet filters blocking access to The Pirate Bay. This article analyzes the possible consequences of a mass influx of copyright pirates into the privacy domain. The article addresses the effects of the uptake of strong privacy technologies by pirates on copyright enforcement and on free speech and privacy technology domains. Also discussed are the norms and values reflected in the specific design choices taken by the developers of the PirateBrowser. Keywords: piracy, privacy, Tor, privacy-enhancing technologies, policy Introduction Tor (The Onion Router), “endorsed by Egyptian activists, WikiLeaks, NSA, GCHQ, Chelsea Manning, Snowden” (Dingledine & Appelbaum, 2013), is a volunteer network of computers that relays Web traffic through itself to provide anonymous, unobserved, and uncensored access to the Internet. It has about 4,000 relays and about 1,000 exit nodes. Tor users connect to the network, and their Web traffic is channeled through the internal relays to reach its final destination through one of the exit nodes. This arrangement makes the identification and surveillance of Tor users difficult. Anonymity is promised by the difficulty of tracing the Web traffic that appears on the exit node back to the individual who initiated the traffic, as long as there is a sufficient number of internal hops in between. Protection from surveillance is granted by the fact that each link in the communication chain is encrypted.
  • Cyber Warfare: Surviving an Attack

    Cyber Warfare: Surviving an Attack

    14 Cyber Warfare: Surviving an Attack By Devabhaktuni Srikrishna Cyberspace is a new domain of warfare. Created to minimize the vulnerability of United States communications networks to a crippling nuclear first strike by the Soviet Union, the Internet that was originally envisioned to enhance U.S. security is turning into a battlefield 1 for nations or sub-national groups to launch virally spreading attacks 2 and induce network failures potentially involving critical infrastructure systems.3 Cyber warfare and cyberoffense 4 have been a part of U.S. military operations for decades.5 Treaties and rules of engagement define what is off-limits during a cyberwar.6 The more vulnerable the system is, the more policy is necessary to deter adversarial nations from launching attacks, and vice-versa. Some cyberattacks are analogous to air forces probing one anotherʼs defenses or perhaps to espionage during the Cold War, which occurred though there was no official war and no physical harm. Cyberespionage largest recent cyberattacks in their book, but due to a gap in theory and practice. operations of China, for example, against the United States and its allies Cyber War: The Next Threat to National Organizations are vulnerable to the extent have been going on for years and will Security and What to Do About It. Once a they want to be and to how much they want never really end.7 virus or malware is inadvertently to spend to address vulnerabilities. 14 And downloaded onto a networked personal cyber vulnerabilities can be completely U.S. Air Force General Kevin Chilton, computer (PC) by a user9, the PC can be eliminated -- unlike conventional, nuclear, former Commander-in-Chief of commandeered to perform cyberattacks chemical, or biological which are permanent Strategic Command, has stated that ranging from electronic banking crimes, vulnerabilities due to laws of nature.
  • Wikileaks: a Guide for American Law Librarians*

    Wikileaks: a Guide for American Law Librarians*

    LAW LIBRARY JOURNAL Vol. 104:2 [2012-20] WikiLeaks: A Guide for American Law Librarians* James p. Kelly, Jr.** In posting confidential and classified information, WikiLeaks has become one of the world’s most controversial web sites. This paper examines the federal law concerning WikiLeaks and the use of WikiLeaks as an information source. It raises questions librarians must ask themselves as technology advances and leaks continue. Background . .246 Legal Troubles. .248 Financial Troubles . .249 The Espionage Act. 250 New York Times Co. v. United States. .251 United States v. Rosen. .253 Other Relevant Statutes . .254 18 U.S.C. § 641. 254 50 U.S.C. § 421. 254 18 U.S.C. § 1030(a)(1). 254 Prosecuting WikiLeaks Under Current Law. .254 Proposed Legislation. 255 Cases Involving WikiLeaks. .257 A Host of Research Problems. .258 The Congressional Research Service and the Library of Congress. 258 Reliability and Moral Quandaries. .259 Conclusion . 261 ¶1 WikiLeaks has become one of the world’s most controversial web sites. In posting confidential and classified information from governments, businesses, and organizations around the world, it has become a target for those in power. Others have vigorously defended the web site, saying it promotes and defends the ideals of a free press and free speech that are vital to democracy. For librarians generally, WikiLeaks represents a new source for information that might otherwise be unavailable. However, how this information was acquired can present significant legal and ethical problems for its users. ¶2 This article examines WikiLeaks from a legal and a library perspective. While the legal status or problems of WikiLeaks in other countries is occasionally * © James P.
  • Technical and Legal Overview of the Tor Anonymity Network

    Technical and Legal Overview of the Tor Anonymity Network

    Emin Çalışkan, Tomáš Minárik, Anna-Maria Osula Technical and Legal Overview of the Tor Anonymity Network Tallinn 2015 This publication is a product of the NATO Cooperative Cyber Defence Centre of Excellence (the Centre). It does not necessarily reflect the policy or the opinion of the Centre or NATO. The Centre may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication. Digital or hard copies of this publication may be produced for internal use within NATO and for personal or educational use when for non- profit and non-commercial purpose, provided that copies bear a full citation. www.ccdcoe.org [email protected] 1 Technical and Legal Overview of the Tor Anonymity Network 1. Introduction .................................................................................................................................... 3 2. Tor and Internet Filtering Circumvention ....................................................................................... 4 2.1. Technical Methods .................................................................................................................. 4 2.1.1. Proxy ................................................................................................................................ 4 2.1.2. Tunnelling/Virtual Private Networks ............................................................................... 5