Last year, the Federal Bureau of Investigation (FBI) hacked the hidden service Tor in order to track people who used child sex websites.
Following this, Mozilla is now requesting courts to reveal as to how the FBI carried out the hack.
This would enable Mozilla Firefox to ensure that its code remains secure.
How The FBI Hack Tor?
In the hack in 2015, the FBI seized the servers that ran a pedophile website by name Playpen.
However, the agency did not shut down its operation.
FBI agents continued to run the website using the same servers for the purpose of identifying the users’ IP as well as MAC addresses though they accessed the website through Tor.
Customer details were forcibly obtained from the Internet Service Providers (ISPs).
Arrests followed on receipt of customer details.
The agency referred to the technique it employed to hack the pedophile website as network investigative technique and flatly refused requests to reveal as to how the hack was executed.
Denelle Dixon-Thayer, chief legal as well as business officer of Mozilla, explained through a blog post as to why it is important for Mozilla to have a clear understanding of the vulnerability which allowed the FBI to hack Tor.
According to her, the Tor makes use of a part of the Firefox browser code to run its browser.
It is speculated by some, including those in the defense team, that there might be vulnerabilities in the portion of the Firefox browser code that Tor is using.
She also noted in the blog that nobody, including Mozilla Firefox, is aware as to what vulnerability the FBI exploited for the Playpen hack operation.
Further, none outside the government knows whether the vulnerability resides within Mozilla’s code base or not.
Vulnerability and Hack Details
As a result, Mozilla Corporation has recently filed a brief in the courts, begging that the vulnerability and the hack details be disclosed to them by the government.
Denelle Dixon-Thayer also noted in the brief that the order issued by a judge to reveal the hack and vulnerability details to the lawyers of a defendant, Jay Michaud, caught as part of the probe, is not justified.
According to Mozilla, hackers might be in a position to exploit the vulnerability in the Firefox browser if the hack details are publicly disclosed without providing access to the information to the company first.
This is because the browser is being used by millions of people.
As such, the argument covers all those people around the world who use the Firefox browser.
A spokesman in the US Department of Justice reportedly said that the department would respond to the brief on a later date.
Mozilla’s brief comes in at a time when the process of disclosing computer security issues identified by the federal agencies is being debated.
In fact, it follows the recent standoff between the FBI and Apple related to unlocking the iPhone purportedly used by the shooter in the terrorist attack in San Bernardino, California.
The policy of the Obama administration is that the government should submit the details of flaws they identify during the course of investigations to an interagency group.
However, evidence shows that this is not the case.
Latest posts by Richard (see all)
- Wide Range of Job Ads Available on the Dark Web - November 5, 2018
- Continuous Exploit of RDP Pushes FBI to Issue Warning to Potential Targets - October 29, 2018
- Ross Ulbricht’s Fifth Year in Jail - October 10, 2018