There was once such a disgusting villain “Brian Keel” Hernandez. Who was engaged in blackmailing, threatening, and extorting money from young women and children. He sent them threats of rape, explosions, and mass shootings in schools. In general, he was a real freak. The villain communicated with his victims through the social network Facebook. And Hernandez also did not forget about anonymity. He carried out his dirty deeds using the Tails operating system.
Of course, he did not install it on his computer, he worked from a flash drive, kept the system up to date, anonymized connections through Tor, in general, had fun in full.
And it is also worth recalling that Facebook has its own mirrors in Tor.
Hernandez’s creepy atrocities have caught the attention of the FBI and Facebook. Who took up his deanonymization.
Facebook has developed an automated system for tagging newly created accounts that have exchanged messages with minors, and has made Hernandez detection a priority for its security teams. They also paid a six-digits to a third-party contractor to help develop a zero-day exploit in Tails: a bug that allowed him to get the real IP address of a person browsing Facebook.
And of course, the anonymous mask immediately fell off Hernandez’s face. He was captured and pleaded guilty to 41 cases, leaving him to spend the rest of his life in prison.
And now for the most delicious:
Facebook has never notified the Tails team of a vulnerability it found – breaking a long-standing industry tradition of information disclosure, in which relevant developers are notified of vulnerabilities before they become public. The Tails update was supposed to remove the vulnerable code, Facebook did not, although the social media company had no reason to believe that the Tails developers had ever discovered this bug.
It is not known how many times the FBI may have used the exploit in other cases or may have transferred it to other federal agencies.
And also we will never know how many such exploits have been developed for deanonymization, and how many backdoors present in each operating system for now.
The moral of the whole fable is as follows:
– Do not be a greedy man blackmailing little girls.
– Do not be naive. Do not think that by going through Tor, I2P or anything else to social networks, no one will rip your mask off, even if you have thought everything over and taken into account.
– If three-letter services are looking for you, they will find you.