How anonymous? Tor users compromised in child porn takedown

Devin Coldewey / NBC News

A man in Ireland is arrested on child pornography charges, and a network of ostensibly anonymous and invisible websites goes down at the same time. It's no coincidence, and this latest chapter in the story of privacy on the Internet shows that it's hard to hide, even in the "deep Web."

"Just as there is no such thing as 100 percent security, there will always be an arms race to maintain anonymity," wrote Alan Woodward, a security and cryptography researcher and professor at Surrey University, in an email to NBC News.

The Independent reports that Eric Eoin Marques, a 28-year-old Dublin resident, appeared before a judge last Friday to answer charges, originating from the FBI, of distributing child pornography. He was denied bail and faces extradition to the U.S. should that be decided when he next appears on Aug. 8.

At the same time as Marques' arrest, a Web host called Freedom Hosting and all the sites that use it went down. Freedom Hosting — with which Marques is connected — operated via Tor, a network of semi-anonymous nodes that pass Internet traffic between them in order to hide identifying traits before sending it on to its destination.

[Image: A diagram showing how traffic passes through the Tor network. Credit: Tor]

Tor-based services, like most tools, can be used for good or evil: An anonymous Internet connection can be used to allay the fears of corporate whistleblowers or activists in oppressive regimes — but it could also be used by a purveyor of child pornography, or even drugs and guns, to serve up their illegal product undetected.

Freedom Hosting allowed people to create "hidden services," in the Tor lingo, which are essentially websites ending in ".onion" (an allusion to the layered nature of Tor's security network) and only accessible via the anonymizing Tor network. What goes on in these hidden sites is difficult to say, but the hacker group Anonymous suggested in 2011 that dozens of child pornography sites operated through the Freedom Hosting service — a serious accusation that has never been proven. With Marques arrested and Freedom Hosting compromised, it might not be long before Anonymous is proven right.

There's even more to the story. Before Freedom Hosting went down, it began serving a highly targeted form of malware to all the visitors of the invisible websites it hosted. Not the kind of malware that serves up ads or slows down your computer, but a very specific exploit that caused affected browsers to reveal their own location on the Internet (normally obscured by the Tor network) to a certain IP address.

And who does this IP address appear to belong to? A U.S. defense department security contractor called SAIC, investigators at Baneki Privacy Labs found.

What does it mean? Until the facts are out, it's impossible to say whether this is further evidence of NSA eavesdropping, a long-running FBI investigation, or vigilante action by the likes of Anonymous — or some combination of those. Woodward believes it to be the former:

"I think from analysis of the code that was used it is likely that it is a law enforcement operation," he wrote, "if only because the malware sent very little data back to its masters and that data would be of little use to criminals." He added, "All of this is highly suggestive of a government operation rather than hackers or hacktivists."

One thing that is clear is that users of the Tor network are shaken, although Tor itself was quick to point out that the issue was not with their network per se, but with an old version of Firefox it had been distributing some months ago.

Tor is normally thought of as a fairly reliable way to stay anonymous on the Internet, but this episode is a reminder that the network and services on it do rely on real, identifiable computers that are vulnerable to certain attacks. In this case, a trusted server turned out to not be so trustworthy, and thousands of anonymous browsers may have been identified and associated with whatever content they thought they were browsing secretly — whether it was child porn or something far more innocuous, but nevertheless private.

It all seems to support the notion that even with the latest and greatest tools, there's no guarantee of privacy on the Internet. And in addition, experts like Woodward are concerned that the criminal element, undeniable and abhorrent as it is, will be the ruin of a tool that could be a powerful agent for change.

"The really sad part of this whole episode," concluded Woodward, "is that something that could be used for good (giving a voice to oppressed groups) draws considerable attention from law enforcement agencies because criminals use the technology. I suspect it will always be thus."

Devin Coldewey is a contributing writer for NBC News Digital. His personal website is coldewey.cc.