Share this article:
Tor: Law Enforcement’s Friend or Foe?
In the last few weeks and months we have seen numerous stories about arrests concerning “hidden service websites” on Tor. If you were not paying attention, the FBI, DEA and others have had several arrests associated with drug trafficking on the site Silk Road, which has since been taken down. There also was a least one arrest for illegal gun sales on another Tor site, Black Market Reloaded. With all this bad stuff happening on Tor, it must be bad and maybe it is law enforcement’s enemy?
To that, I say horse hockey, slow down and contemplate some things! In the brick and mortar world, we never designate a interstate highway as “evil” or a law enforcement‘s foe, because there are too many accidents, DWI arrests, or it is used by drug runners to transport shipments. We recognize that our interstates can be used for good or evil. The highway is neutral; it just can be used for good or bad purposes. The same is true for Tor.
What purpose does Tor have for law enforcement, other than an online place to catch, or attempt to catch bad guys? To answer this question we have to consider Tor’s original goal, which was… “protecting government communications”. Part of that protection involves hiding the source of the communication from enemies. Tor’s website further notes: “ Today, it is used every day for a wide variety of purposes by the military, journalists, law enforcement officers, activists, and many others.” Did you notice that is said law enforcement officers? What do they use it for? Tors’ site notes that it issued in the following way by law enforcement:
- “Online surveillance: Tor allows officials to surf questionable web sites and services without leaving tell-tale tracks. If the system administrator of an illegal gambling site, for example, were to see multiple connections from government or law enforcement IP addresses in usage logs, investigations may be hampered.
- Sting operations: Similarly, anonymity allows law officers to engage in online “undercover ” operations. Regardless of how good an undercover officer’s “street cred” may be, if the communications include IP ranges from police addresses, the cover is blown.
- Truly anonymous tip lines: While online anonymous tip lines are popular, without anonymity software, they are far less useful. Sophisticated sources understand that although a name or email address is not attached to information, server logs can identify them very quickly. As a result, tip line web sites that do not encourage anonymity are limiting the sources of their tips.”
Now think about it. Tor is being used not only to sell illegal drugs and weapons, but also for law enforcement purposes too. Isn’t that just like an interstate? Additionally, Tor is making an effort to speak with law enforcement about how if functions. That doesn’t sound unfriendly to me.
So, in my opinion Tor is neither foe nor friend. It is just something that police have to understand and work with, just like they do when they patrol any other highway, either informational or real. I am sure there are folks with political clout or some agenda who will differ on that view. My hope is they don’t miss it up for those who enforce and/or obey the law. Too often when government tries to make something better, the result is bad. Maybe Tor is like the government too. It can be bad or good depending upon who is in at the time or what they are doing. Now there is a thought.
In our book, Todd and I discuss tips and pointers for investigators who need to use Tor to get unseen to their designation of interest. We also of course provide guidance for those who patrol or investigate all areas on the online highways of the Internet. I am glad law enforcement is patrolling Tor’s areas. It hopefully makes our world a safer place. For now, I think a good cigar is in order.
Want to read more on internet crime? You can order your very own copy of Art and Todd’s new book, Investigating Internet Crimes, 1st Edition: An Introduction to Solving Crimes in Cyberspace at a 30% discount.
Just enter discount code “STBCNF13” at checkout.
About the Author
Art Bowker (@Computerpo) has over 27 years’ experience in law enforcement/corrections and is recognized as an expert in managing cyber-risk in offender populations. In addition to co-writing Investigating Internet Crimes, 1st Edition: An Introduction to Solving Crimes in Cyberspace, he is also the author of The Cybercrime Handbook for Community Corrections: Managing Offender Risk in the 21st Century.
Art is a lifetime member of the High Technology Crime Investigation Association (HTCIA) having served on its Executive Committee, including as President in 2008. In November 2013, received the Federal Probation and Pretrial Officers Association’s (FPPOA) top award, the Richard F. Doyle Award, for having made the most significant achievement in, or contribution to, the Federal Probation & Pretrial Services System or the broader field of corrections. Additionally, he received the Thomas E. Gahl, Line Officer of the Year Award (Great Lakes Region Award), which is named in honor of the only U.S. Probation Officer killed in the line of duty. Both awards centered on his contributions and efforts in managing cybercrime risk. In January 2013, Art was recognized by the American Probation and Parole Association (APPA) with the Sam Houston State University Award for his writing contributions to promote awareness of cybercrime and tools for helping the community corrections field combat computer crime. He is a member of both FPPOA and APPA. You can learn more about Art, his work and interest at his website, Computerpo.com.
Tor. (n.d.). Who uses ?. Retrieved from https://www.torproject.org/about/torusers.html
Trip report: Tor trainings for the Dutch and Belgian police. (n.d.). Blogs. Retrieved from https://blog.torproject.org/blog/trip-report-tor-trainings-dutch-and-belgian-police
Securing computer systems is crucial in our increasingly interconnected electronic world. With so many business, consumer, and governmental processes occurring online, a growing potential exists for unauthorized access, change, or destruction of those processes. For years, Elsevier’s Syngress imprint has helped computer and information security professionals learn theory, strategy, and tactics for protecting digital assets in this constantly evolving field. Our books and eBooks in areas such as info security, digital forensics, hacking and penetration testing, certification, and IT security and administration. Click here for Syngress companion materials Click here for access to our archive of free eBooks, booklets and downloadable PDFs for Syngress and Computer security content. Access companion materials and instructor’s resources for all our books from the Elsevier Store. Search by author, title or ISBN, then look for the “Resources” tab on any book page.