Japanese police target users of Tor anonymous network

Trollbeater

Robin Hood of U15 Torrent
Jan 6, 2009
455
38
Japanese police target users of Tor anonymous network
BBC News

Japanese people who "abuse" the Tor anonymous browsing network could be blocked from using it.

The recommendation was made in a report drawn up for the National Police Agency (NPA) in Japan by a panel of technology experts.

The panel was formed to help decide how to tackle crimes committed with the aid of the Tor network.

For months, Japanese police attempts to catch a hacker known as "Demon Killer" were hampered by his use of Tor.
'The Onion Router'

The internet service provider (ISPs) industry would be asked to help site administrators block the use of Tor if people were found to be abusing it, the Mainichi Shimbun newspaper reports.

Tor (The Onion Router) is a way for people to use the web without surrendering the identifying data that websites typically gather. As its name suggests, it sends data traffic through a series of routers arranged in layers like in an onion to make it difficult to find out who is browsing a site or is behind any particular web activity.

Tor has vexed several Japanese police investigations into cybercrime. In particular it stifled attempts to find and arrest a hacker who used the "Demon Killer" alias.

Japanese police began investigating the hacker after he started threatening to bomb schools and nurseries via messages posted to chat forums and discussion boards. A reward of 3m yen (£20,000) was offered for information leading to the hacker's identification.

Police arrested four people for posting the threats but realised the hacker had compromised the computers of these innocent victims and was abusing their machines remotely via Tor.
Malicious program

The hacker continued to taunt police in emails that sent investigators all over the country looking for him. In a bizarre twist the hacker directed investigators to Enoshima, an island off Tokyo, and gave them information that led them to a cat wearing a collar on which was a memory card.

The card held details of the code and malicious program he used to gain remote control of victim's computers. Inadvertently, directing police to the cat helped them catch the suspected hacker, Yusuke Katayama, 30, who was seen on CCTV footage with the cat.

After Mr Katayama's arrest, the NPA sought guidance on how to handle similar cases. The industry report drawn up for the NPA recommended considering a ban on Tor and other anonymising networks as they had been found to be used in a wide variety of crimes.

Japanese ISPs have not welcomed the recommendation.

"Communication privacy is our lifeline. We won't be able to accept such a request," an industry insider told the Mainichi Shimbun.

http://www.bbc.co.uk/news/technology-22248692
 

Ceewan

Famished
Jul 23, 2008
9,151
17,033
A lot of tor nodes are from corporate, military and educational institutions so a ban on Tor nodes is highly unlikely.

As far as the hacker goes.....glad he was caught. People that threaten to blow up kids and schools need some re-education and phycological help.
 

isityours

People don't dance no mo'
Sep 27, 2008
2,886
4,135
As far as the hacker goes.....glad he was caught. People that threaten to blow up kids and schools need some re-education and phycological help.

people that actually do that probably need those things but people that just threaten those things probably just need to get a life...

nice story.
 

Ceewan

Famished
Jul 23, 2008
9,151
17,033
people that actually do that probably need those things but people that just threaten those things probably just need to get a life...

NO. People that blow up schools or nurseries with kids in them on purpose don't need help, they are past helping. Those kinds of people are too dangerous to be allowed to live in a society and are best put down like the mad dogs they are.

Going to all that trouble to make threats against innocent children that are no danger to you whatsoever the way this guy did is a serious cry for help and I hope he gets it. This was not the same as putting a "kick me" sign on someones back as they walk by and in no way resembled a harmless prank in my opinion.
 

Aqua2213

New Member
Jul 23, 2008
777
59
The hacker continued to taunt police in emails that sent investigators all over the country looking for him. In a bizarre twist the hacker directed investigators to Enoshima, an island off Tokyo, and gave them information that led them to a cat wearing a collar on which was a memory card.

 

Miku-Numnum

Member
Mar 10, 2007
65
10
Japanese people who "abuse" the Tor anonymous browsing network could be blocked from using it.
Odd that you could be blocked from something that is by definition (or this statement) anonymous
 

isityours

People don't dance no mo'
Sep 27, 2008
2,886
4,135
Odd that you could be blocked from something that is by definition (or this statement) anonymous

i think you mean, odd that they would have proof that you were the one abusing the tor network because it is anonymous.

while it can still be proved that a user is/was connected to tor (if they dont use a proxy while connecting to it) proving who is using the network for what purpose is more difficult.

also, as i understand it, the information sent isnt encrypted (unless it has been prearranged to be decrypted by the receiving end) before it is uploaded to the network. the 'onion' provides protection while the packet is bouncing between nodes but the first upload and the final release (in this case posting to a message board) would need to be unencrypted. this provides some theoretical leeway i guess.

what the japanese authorities are talking about though is an isp level blocking of tor (the web site) and making it as difficult as possible to use the tor network. what doesnt make sense, and the reason that it can neither be effective nor implemented is that they are talking about only blocking users that have been proven to be abusing it.
 

Ceewan

Famished
Jul 23, 2008
9,151
17,033
Odd that you could be blocked from something that is by definition (or this statement) anonymous



ISPs often use blocklists, that is they have domain name or IP list that if you type in they will block you from accessing. Tor is as anonymous as it gets and it is patterned off a military multi-layer encryption technique called Onionrouting. This means the original request travels through a minimum of three different computers, the first two requests encrypted, to get to its' orgin. The last request goes through an exit node which is not encrypted so it can reach its' destinantion. These exit nodes are not anonymous but tracing the computer that makes the original request is practically impossible. The Tor nodes themselves are not kept secret, though nodes are added and removed on a regular basis because Tor nodes are completely volunteer only. So if someone was to add known Tor nodes to an ISPs' blocklist then Tor users would have a very difficult time accessing Tor because they could not connect to the Tor node to make any requests.

Example: I use my computer to access Akiba-Online using the Tor network. My ISP does not see my request when I type the URL in my browser because it is sent as an encrypted request to a Tor entry node. (What my ISP does see is my request to access the IP of the first node and this IP can be blocked). The Tor entry node then sends my encrypted request to a second node who passes that request on to a third node. The request to access the url Akiba-Online then goes out a Tor exit node in an unencrypted form so the Tor exit nodes ISP can understand it and grant the request.
 

isityours

People don't dance no mo'
Sep 27, 2008
2,886
4,135
ah, sorry. i misunderstood the OP. the police are hoping that isp will assist sites in blocking users from allowing access to them from tor (which would be even less effective and many times more difficult to gain cooperation for and to monitor). it still seems like a fairly half-assed attempt at control over this 'problem'.

in the case of dedicated or semi-permanent nodes, blocking could be implemented but the mere fact that the users themselves can create/become nodes at will makes it impossible to block everyone.
 

lowleg26

non-active
Oct 25, 2009
1,766
212
In a bizarre twist the hacker directed investigators to Enoshima, an island off Tokyo, and gave them information that led them to a cat wearing a collar on which was a memory card...

...Inadvertently, directing police to the cat helped them catch the suspected hacker...who was seen on CCTV footage with the cat.

I think we're all overlooking a serious question: Is the cat doing OK? :puzzled:
 

isityours

People don't dance no mo'
Sep 27, 2008
2,886
4,135
I think we're all overlooking a serious question: Is the cat doing OK? :puzzled:

you did see the cats name, demon killer, right? im sure its doing fine :joker:

but, no, seriously. it was the cat all along...
 

cattz

(◣_◢)
Jun 11, 2007
305
5
Weird with the cat part, and good riddance to the actual guy, but realizing Tor exists just now...?

Are we going to see "Concerns about anonymous VPN providers" in 4-5 more years..?
 

Zuul24

New Member
Nov 13, 2009
2
0
What amused me was the fact that the guy thought he was untouchable because of the TOR network then got cocky and got caught for it.

TOR anonymity is one thing... using it for terrorism and threats is unacceptable.

Yeah, and what happened to the cat? :)
 

koji52

Member
Jan 11, 2011
82
4
The hacker continued to taunt police in emails that sent investigators all over the country looking for him. In a bizarre twist the hacker directed investigators to Enoshima, an island off Tokyo, and gave them information that led them to a cat wearing a collar on which was a memory card.

The card held details of the code and malicious program he used to gain remote control of victim's computers. Inadvertently, directing police to the cat helped them catch the suspected hacker, Yusuke Katayama, 30, who was seen on CCTV footage with the cat.

that's what you get for getting full of yourself...

At first i thought he was a simple hacker, then started threatening about bombing? Threatening to bomb schools where children are is a very serious crime especially when we are at war with terrorists. Bombs don't pick victims; your either man or women, adults or minors, rich or poor you will get hurt or die. He was going to far with that one. I just hope that he was just scaring people and not really attempt to do it, and I'm glad he was caught.

:cheer:
 
Aug 11, 2012
48
25
Police arrested four people for posting the threats but realised the hacker had compromised the computers of these innocent victims and was abusing their machines remotely via Tor.

Isn't the police and/or reporter misunderstanding how TOR works here? I mean, from what they're saying it's like I can compromise computers just by logging onto TOR.

NO. People that blow up schools or nurseries with kids in them on purpose don't need help, they are past helping. Those kinds of people are too dangerous to be allowed to live in a society and are best put down like the mad dogs they are.

Your comment totally reminded me of Mirai Nikki. I found it hilarious that by the end everyone was friends with the ninth and she was portrayed as something of a protagonist; but no one seemed to remember that she bombed a school while class was in session, presumably causing dozens of injuries and/or deaths of innocent children.

Weird with the cat part, and good riddance to the actual guy, but realizing Tor exists just now...?

Are we going to see "Concerns about anonymous VPN providers" in 4-5 more years..?

Truths. Good luck doing more than browsing and making posts with TOR, everybody knows that if you want to download stuff (warez, child porn, etc) VPNs are what it do.

Anyways, guy got caught, no one got hurt, kinda seems like the police are just whining that their job is too hard. Also, good for the Japanese ISPs for having some integrity. I doubt the major US ones would have the balls to make the same response.
 

Ceewan

Famished
Jul 23, 2008
9,151
17,033
Isn't the police and/or reporter misunderstanding how TOR works here? I mean, from what they're saying it's like I can compromise computers just by logging onto TOR.


No, this time it is your misunderstanding. Tor exit nodes are plainly visible when they relay URL requests from a Tor user. Apparently a few Tor exit node owners were briefly arrested and/or detained when police were attempting to track the orgin of the bomb threats and/or taunting emails. In this way Tor exit node owners are very vulnerable and have been detained in other countries for lesser offensives in the same manner. So, in a manner of speaking, one can compromise other computer owners by abusing Tor.

This is not the purpose of Tor. Tor is meant to offer anonymous web surfing without having your ISP spy on you and offers the free use of a "proxy firewall". Most ISPs' and websites track your activity and sell this knowledge even if they have no right to it. Tor prevents this by insulating its' users and bypassing immoral ISP and government blocklists that maintain that they have the right to what you see or read. Tor is a free humanatarian project that is supported by the EFF and many other corporate and educational entities that believe in this endeavor. (I noticed that Hewlett-Packard even operates a Tor exit node.)

Tor coders have done what they can to prevent Tor from being blatantly misued and to keep Tor as anonymous as possible but there is no way that they can prevent the kind of abuse as was mentioned in the thread topic. For that reason Tor has made a few enemies among law enforcement circles across the globe, (although this was one of the worst instances I have ever read). Tor has many vulnerabilities if not used properly but one has to be setup/prepared to take advantage of them, which, I suspect, many law enforcement agencies are not, (as was probably in this case). A simple IP check is a useless and primitive tool against Tor users. I find the emails to be a particularly interesting matter as proxies are usually useless when sending emails because emails contain the original IP in its' header information, (of course you have to know to look for it).
 
Aug 11, 2012
48
25

Hmmm...good information but I suppose my issue is more of a rhetorical one RE: the use of compromise. Actually now that I think about it, from what was in that article I think calling the guy a hacker is giving him too much credit. Knowing how to TOR doesn't make you a hacker nor does using TOR to make threats mean you have compromised the exit nodes. Well I suppose you could argue it compromises the integrity of TOR or something along those lines but not compromise in the context of computer security that the article used. I guess it's really just nitpicking but these kinds of guys tend to love being called hackers and I don't approve of the media feeding their egos, especially when what they're doing is such low level, petty (as far as hacking goes) crap. I'm not thrilled when \b\ DDOS's someone and the media tells us the shake in fear of the superhacker group anon and this guy isn't even on that level (simply going by what's in the article; I have no interest in looking into this guy any further).

On a different note, I'm kinda surprised this is the most serious misuse of TOR you know of, I'd expect it to have been used for worse before. That being said the only other case I can think of was something involving a document about counterfeiting coupons in the US. Even that I suppose was more serious in a way. It certainly had more real world impact (i.e. costing businesses money) than some chump making idle threats for the epeen. If you can't tell I have no love for the guy but it's less about the threats (doesn't seem like he had any intentions of following through) and more for being a scummy, low-level attention whore who ultimately got what he was seeking. At least I can take comfort knowing that within a week or two no one will remember him and he will still be rotting in jail. But oh how I hope he doesn't get a Wikipedia page.
 

Aqua2213

New Member
Jul 23, 2008
777
59
I guess this event could be catagorized as a "Pink Collar" crime...

 

isityours

People don't dance no mo'
Sep 27, 2008
2,886
4,135
im assuming that this is the same guy when i write this but i may be wrong.

there was stuff on the news around this time about someone who had hacked into some site or server and left messages for people, or who had hacked into somewhere and used that as there place of release to send threatening messages to the police. at the time the media said that the police were having trouble tracking the person as they were 'bouncing their connection through multiple servers' but the tor network wasnt mentioned as far as i remember. this guy was actually hacking.

the way the above story reads, there was just some guy posting messages to boards through tor and he got put in jail for it.