Statement from the Tor Project re: the Court's February 23 Order in U.S. v. Farrell
Journalists have been asking us for our thoughts about a recent pdf about a judge deciding that a defendant shouldn't get any more details about how the prosecutors decided to prosecute him. Here is the statement we wrote for them:
"We read with dismay the Western Washington District Court's Order on Defendant's Motion to Compel issued on February 23, 2016, in U.S. v. Farrell. The Court held "Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network." It is clear that the court does not understand how the Tor network works. The entire purpose of the network is to enable users to communicate privately and securely. While it is true that users "disclose information, including their IP addresses, to unknown individuals running Tor nodes," that information gets stripped from messages as they pass through Tor's private network pathways.
This separation of identity from routing is key to why the court needs to consider how exactly the attackers got this person's IP address. The problem is not simply that the attackers learned the user's IP address. The problem is that they appear to have also intercepted and tampered with the user's traffic elsewhere in the network, at a point where the traffic does not identify the user. They needed to attack both places in order to link the user to his destination. This separation is how Tor provides anonymity, and it is why the previous cases about IP addresses do not apply here.
The Tor network is secure and has only rarely been compromised. The Software Engineering Institute ("SEI") of Carnegie Mellon University (CMU) compromised the network in early 2014 by operating relays and tampering with user traffic. That vulnerability, like all other vulnerabilities, was patched as soon as we learned about it. The Tor network remains the best way for users to protect their privacy and security when communicating online."
"a thermal imaging camera is not commonly available to the public".
SCOTUS could hardly say that today, unfortunately.
1. Some smart phone makers are already offering thermal cameras in their consumer products.
2. At least one Chinese maker of consumer drones is offering a drone equipped with a thermal camera (cost: less than 2000 USD).
Speaking of China, one model of phone unlocking copware device which is becoming very popular with US cops (because it is a kind of "Swiss Army knife" which can unlock most any device, in contrast to better known devices which can often only unlock Apple phones, or only unlock particular models) is made by a Chinese company. And when the cops boot it up, it contacts servers back in China and even shares data found in the unlocked devices with the Chinese manufacturers. So when FBI or another US LEA unlocks your phone, they may be sharing your data, not only with American and British spooks (CIA, NSA/GCHQ), but with Chinese spooks.
MI5 is being granted to trawl directly through NSA's database for information on US persons communications, by the way.
With little fanfare, hidden cameras and microphones are quickly becoming ubiquitous in US homes. Although consumers are not being informed that their consumer devices may contain hidden spies you didn't ask for and probably don't want in your home. Examples include Samsung Smart TVs. Other items have microphones which listen and transmit your in-home utterances (often via unencrypted WiFi connections) to corporate servers, such as Google Nest "Smart Home" devices. Companies which make IoT devices are all agog about LED lightbulbs which will contain microphones and other bugs to enable "targeted adverts" and "cross platform tracking" (identifying particular WiFi devices such as phones and laptops with particular known individuals who can be bombarded with instant messages or worse).
I could say much more along these lines. To mention just two:
1. some people affiliated with CSAIL (MIT's once respected Computer Science and Artificial Intelligence Lab) are selling to the general public a $300 consumer device which nosy neighbors can use to image people right through the walls of an apartment.
2. some US researchers are touting a bundle of microscopic fibers which can be pushed through microscopic pores in just about anything (fiberboard, say), and which can be attached to an inexpensive small device which can form a sharp optical image without any need for lenses. This is nothing like a "camera" as the public understands that word, but LEAs are already rushing to exploit it for inhome covert surveillance of "suspicious" persons.
Please, give the links to the papers.
For CSAIL, links were given in comments to another blog post on this website.
For the microscopic fibers with free ends which can be used to form sharp images without any need for lenses or focusing by using software to compensate for light travel time differences to/from bits of objects to be imaged and the ends of the various freely moving microscopic fibers, look at phys.org.
If you can't find them, please ask again and I'll dig out the links for you.
Thinks I'm stupid
Did you mean to write "Thanks?"