Eric Eoin Marques remains in Ireland for another week, and Tor users remain in limbo

A man with dual citizenship will wait another week in the Irish court system for a decision regarding his extradition on a Maryland arrest warrant, according to multiple Irish media sources' reports Thursday morning.

Meanwhile, the malware attack on Eric Eoin Marques' servers that coincided with his arrest last week may have taken down a tool vital to journalists, dissidents and whistleblowers. According to The Telegraph:

So-called 'darknet' services like Tor have a bad name, because they are used to spread pornography and images of child abuse, as well as to sell drugs via sites such as the Silk Road. However, they are also used for many legitimate purposes.

For example, some journalists and whistle-blowers use them to communicate with each other, and military and law enforcement officers use them to gather intelligence. (Link)

Marques was arrested on multiple charges related to child pornography, according to several British and Irish news sources, with FBI officials calling him the world's biggest "enabler" of violent child porn.

An American intelligence contractor has been accused of planting the malware, which works to de-anonymize many Tor users, including those who use some of the entirely legal services Marques hosted.

The software

Initial development of the Tor software was originally sponsored by the United States military. Like the wider Internet it enables both positive and negative activities. As the nonprofit organization that now maintains Tor puts it:

Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory.

It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others. (Link)   

Tor works by routing users' traffic through a series of intermediary servers, encrypting and decrypting it along the way in layers -- what is known as "onion routing." This provides a level of anonymity for dissidents and people looking to subvert censorship.

That anonymity, however, also enables actions like drug sales, money laundering and hosting of child pornography. In addition to the Tor software itself, users can utilize "hidden services" -- sites that are often served with a .onion address. Those include Tor Mail, a popular service thought to have been compromised.

SAIC, a Virginia-based intelligence contractor with a large presence in Maryland, is suspected by researchers as a source of the attack on a set of Tor's hidden services hosted by Marques' company.

The exploit took down several hidden-service sites, then used an error page on the sites to target older versions of the now-patched Tor browser bundle, an easy-to-install package of software designed to make Tor simple to use.
So where does that leave users who want Tor's privacy for upstanding purposes?

They have a few options. If they're listening to the Tor team, however, those options should probably no longer include Windows. At least one report has suggested that Macs are vulnerable, as well.

Perhaps the safest bet for now -- assuming a user is willing to trust a project that was originally started by the military at all -- is to use an updated version of Tails, a custom operating system that is designed for anonymity and can be burned onto a single DVD.

Copyright © 2021, The Baltimore Sun, a Baltimore Sun Media Group publication | Place an Ad