If you haven't heard about the Dark Web in a while, it's a sometimes-seedy part of the Internet where criminals, drug lords, and child porn purveyors hide behind encrypted Web browsers like Tor to conduct their business behind a virtual closed door.
All that terrible stuff raises some dicey issues when it comes to the federal government spying on people. If they're on the Dark Web sharing child pornography, should the government be able to spy on them? Or, do these criminals also deserve their privacy?
It's not a hypothetical question and, as unlikely as it seems, this directly affects you. One year ago, the FBI hacked into the Dark Web site Playpen, a child porn website. They used a method called Network Investigative Technique (NIT) to get into the site, ultimately using what they found to charge 137 people with child porn-related crimes.
That's good. But, the FBI used an unreleased flaw in the Tor browser to get in. The problem is that the Tor browser is built on the Firefox Web browser, which about 10% of Internet users have installed.
Meaning, the vulnerability that the FBI exploited in Tor is probably also a vulnerability in Firefox. The FBI has so far not revealed what the flaw is.
Here's what Firefox-creator Mozilla told the site Motherboard:
"We are always looking for potential vulnerabilities in Firefox but, without more information, we cannot investigate whether the FBI used a specific vulnerability. When we become aware of vulnerabilities, we aim to fix them in a timely fashion.