top | item 22293149

(no title)

ohmygodel | 6 years ago

In this case, the main question is how the server was discovered, not how the operator was then deanonymized. As the article describes, after the server was discovered to be in France and run by OVH, authorities used legal treaties ("MLATs") to obtain the subscriber information, leading them to the person that recently plead guilty in court.

discuss

meowface|6 years ago

This seems incredibly naive. Who would register a VPS hosting different kinds of the most illegal content imaginable using their real name or IP address? Even if they thought hidden services were impenetrable, there are always other possible slip-ups you could make which could disclose the server's real IP, and of course they'd be ignorant to think any security measure is impenetrable, including Tor.

DPR made extremely careless mistakes, too, to the point that even a random amateur investigator could've identified him, using only Google.

It's shocking how many of these people aren't caught sooner when they don't even know OPSEC 101.

AlexCoventry|6 years ago

To people who were paying attention to the wishful thinking at the time about tor's security guarantees, it doesn't seem so incredible.