Advertisment

Recent federal court documents show that multiple suspected board users of an unnamed DW child porn site have been reportedly ID’d by the United States Department of Homeland Security (DHS). However, unlike the world-wide bust of almost 1000 users of the once-popular DW site “Playpen”, a site which was temporarily run by DHS and FBI agents for a fews days before the arrests, Federal law enforcement didn’t accomplish this with exploits of the Tor protocol, or by a comprehensive hack. Instead, they found a workaround: users of the dark web site posted links to child pornography that was hosted on a file sharing service, so investigators obtained IP addresses from that host.

The child porn site in question is not revealed in the court filings; it is only mentioned as “Bulletin Board A”. In at least one of the transcripts, a federal investigator involved in the case went on record saying that the site had “at least 23,000 users.”

Federal law enforcement agents were given a break in the case when they noticed board users were posting links and files of child porn to the board, links and files that were hosted by the clearnet file sharing site “ziifile”. Ziifile makes users sign in with an account, a step which apparently many board users did on a regular browser. While this was convenient, as upload speeds of images and video over tor are notoriously poor, it proved to be one corner cut too close. Once authorities figured that out, all they had to do was subpoena ziifile for the IP addresses of the uploaders of the files, and anyone who used ziifile over the clearnet even once was unmasked. As mentioned by the state’s attorneys in the court papers, “the storage service provided, among other information, business records that contained the IP addresses connected to the downloading of the specific files.”

As reported by Joe Cox from Motherboard, at least three cases related to the DW board and ziifile have been found to exist. In December, David Skally, from Rhode Island, pleaded guilty to possessing child pornography; Jack Bean, Jr. from Massachusetts, pleaded guilty to similar offenses in February, and a third suspect, Larry Reece, from Virginia, was also identified by law enforcement. Reece has since had his charges dropped due to cited lack of evidence by his attorney.

Goes to show that even though Tor browsing can protect your identity, the browser can’t prevent users from outing themselves through careless mistakes. Although many of us are glad to see pedophiles reprimanded, this case should be a serious warning for anyone trying to share files securely over the dark web. As convenient as they are, clearnet sites like Dropbox or Google docs are not secure and dangerous to use to share sensitive content. Luckily, there’s a solution for Linux users that provides both relative speed and amazing security, although in exchange for a complicated configuration process and a clunky GUI. It’s an FTP daemon called vsFTPd, and you can find out more about it here.

The author of this article is donating his proceeds to the Ross William Ulbricht defense fund.

Get the latest Bitcoin News on The Bitcoin News
Our Social Networks:
Facebook Instagram Pinterest Reddit Telegram Twitter Youtube