Freenet, a P2P network routing traffic across multiple nodes to hide people’s IP when filesharing, and often cited by the media as part of the dark web, appears to have been broken by law enforcement.
Court records related to Paul Bradley Meagher, a University of North Dakota police officer arrested for downloading child porn from the “anonymous” peer to peer network Freenet, reveal that the North Dakota Bureau of Criminal Investigation had been running an undercover operation in the network since 2011, planting their own nodes inside Freenet to be able to log people’s IPs and trace the final destination of users downloading illegal material.
The Dakota student news site relates how Investigating Officer Jesse Smith managed to get hold of Paul Bradley’s laptop still switched on and running Freenet on the Wifi network, law enforcement discovered child porn images during the preview before seizing the laptop, arresting the suspect, whom, at that point refused to talk with the investigators. Paul Bradley has now been charged with 10 counts of possession of child pornography and can be sentenced to up to 5 years in prison for each count, facing a possible 50 years in jail.
Freenet network jSite
The Grand Forks Herald from North Dakota cites detective Jesse Smith in the affidavit as admitting to her department running nodes in Freenet to be able to track people downloading files included in a list of known child porn file hashes from the police database.
Unsurprisingly, when a journalist contacted the Bureau of Criminal Investigation of North Dakota they declined to make any comment about the story, so little is known about how they track people. It could be because Freenet has far less nodes than Tor, or because Freenet code has some bug (it requires Java to run).
With further research I found that the ICAC Internet Crimes Against Children Task Force, in 2014 ran a Freenet workshop for law enforcement to present what they called the “Black Ice Project“. Quoted on their website as “This session will describe the basic functioning of Freenet, how persons exchanging child abuse material, the system’s vulnerabilities and how the Black Ice project exploits them.”
References:
“Child predators use technology, but law enforcement does too”
“Bail set for UPD officer”
http://dakotastudent.com/7191/news/bail-set-for-upd-officer/
AB
It looks like the user downloaded large amounts of files with known content over a long period of time, which is pretty much the DO NOT activity if you want maximum anonymity in Freenet. It’s like using Tor to download large files with BitTorrent and expecting anonymity.
The more secure way of using Freenet is the friend-to-friend structure which exists since 2007 but still finds too little use.
It depends on your friends telling you if they get contacted by law enforcement, which might be a little hard if they suspect that you might be using the connection to them for downloading child porn.
hacker10
Hello AB,
Your plan doesn’t make any sense sorry. When the police takes over a computer they also take over the identity of the person logged in, you have no way of knowing if it is really your friend behind the computer or somebody else.
The only way to protect your anonymity is by making sure that nobody, friend or stranger, has ever access to any traceable information, your computer IP, real email, phone, etc. I would only trust Tor for this.
Martin Glaubitz
It is a strange case for several reasons. Such a “big story” with “breaking freenet” is carried out by a local law enforcement of North Dakota, not the FBI? If vulnerabilities in freenet were so obvious as the “Black Ice Project” suggests, then why just 1 guy caught by now and not hundreds or thousands nation wide and world wide? Even more strange is that local law enforcement catches a local guy while freenet is running all over the globe.
This leads to some plausible scenarios as how it could happened:
A. They logged the IP addresses of freenet opennet peer contacts for an opennet node that they placed until they found a local IP to fall within their jurisdiction. Here they could contact the ISP and install some local surveillance, then record all his internet traffic and understand when it contained criminal content. This could even be traffic from outside freenet as they now had access to all his traffic. It would be plausible that this could be a strategy for local law enforcement rather then federal agencies.
B. They placed a darknet node and by this came close to their victim. Though this could have been strategy of FBI, too, it could be facilitated via local, meaning real world, contacts. One should consider other arrests regarding this kind of crime before. Imagine they caught someone before for other reasons outside of freenet and discovered that he was a freenet darknet node, then take over this darknet node to investigate its connections. That guy could have been caught for other reasons but after they realized the value of the darknet node, they focused on this.
Anyway, as long as during the maybe next 6 months there will not be a lot of further busts amongst freenet users it is likely that this is a story of more unique circumstances than a vital and fundamental threat to the freenet network as a whole.
Hacker10
Hello Martin,
I disagree with you. The article talks about how law enforcement used child porn image hashes to track down who was downloading them, this means that they have their own computers in the network, there is no other way to do it.
I can see two huge flaws in Freenet, one is that the number of nodes is small, this makes tracing people easier, and two is that in Freenet your own computer becomes part of the network helping pass content around, too dangerous for me sorry. I would advise people wanting real anonymity to use Tor.
Red
ABSOLUTELY!!! I tend to think like Bugs Bunny. He is a wise talking rabbit who would never be stupid enough to click on a freenet link in the FIRST place!!! The truth is, you have NO way of knowing who ( or “what” if it’s some type of computer exploitation “bot” ) it is you’re DEALING with!!! They bust internet pedophiles who try to meet up with kids this very same way!!! You have NO way of knowing WHO is on the other end of the line!!! And when you reach your cyber destination, you will have shed any disguises you may have been wearing!!! It;’s like walking blind-folded and entering a room full of COPS!!! By the time the lights are switched on, it’s too late, and your sorry ass is HASH!!!
All you have to DO is go into Freenet, do a questionable search, and download the images to your hard drive!!! The services are very very slow, but other than that, it really is simple and easy to DO!!! Just go on in, pull up the file you want to view, and hit the download!!! Hint: YOU’LL BE SORRY!!!
Fat Albert
Hey hey hey. Spot on, Red. 1. Non-police related child porn is so rare, it is almost impossible to find. GOOD RIDDANCE. 2. The authorities are on the internet ( both dark-web and visible web. ). Don’t kid yourself. They number in the hundreds of thousands!!! They have state of the art cyber- sleuthing computer tools and programs that are at least 30 years more advanced than anything “we” possess. Our very best efforts to dodge their radar screens will inevitably FAIL. Frankly, I wouldn’t touch Freenet with a 37 foot pole!!! Not worth it.