All the recent dark net arrests seem to be pretty vague on how the big bad was caught (except the IM admin’s silly opsec errors) In the article they say he clicked on a honeypot link, but how was his ip or any other identifier identified, why didnt tor protect him.

Obviously this guy in question was a pedophile and an active danger, but recently in my country a state passed a law that can get you arrested if you post anything the government doesnt like, so these tools are important and need to be bulletproof.

  • DisgracedDoctor@mander.xyz
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    How hard is it to implement a backdoor in a fully opensource project? (Assuming the project in question has a lot more eyes on it then an overworked developer)

    • FractalsInfinite
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      Pretty much impossible, especially with so many eyes on the project. It is possible to intentionally introduce vulnerabilities into open source code and use that as a backdoor but for projects like tor keeping that hidden for long periods of time is incredibly difficult due to the number of people independently auditing the code.