Kiddie Porn – Anti-Tor Malware

U.S. v. COTTOM (December 22, 2015).

This quote tweeted April 27, 2016 by Anonymous:


Dr. Matt Edman also testified at the hearing. Id. at 84-101. In the Fall of 2012 he was employed by the Mitre Corporation as a senior cyber security engineer assigned to the FBI’s Remote Operations Unit. Id. at 84. He testified he has a bachelor of science degree in computer science from Baylor University and a Master’s Degree and Ph. D. in computer science from Rensselaer Polytechnic Institute. Id. at 85. He essentially corroborated Smith’s testimony. Id. at 85-89. He stated he adapted and configured the application found on Decloak.net to collect the limited set of information from a user’s computer (a unique identifier, the user’s operating system type, version, and architecture) and then send that information to the FBI-controlled server. Id. at 89. He wrote the source code and called it “Cornhusker.” Id. at 87. He stated there was no other functionality installed. Id. He further testified he did not plant porn on anyone’s computer. Id. (emphasis in the Anonymous tweet but not in the original decision)

Without more context, I was puzzled why that portion of the opinion was significant to Anonymous?

Mystery solved this morning when I saw: Former Tor Developer Created Malware for FBI to Unmask Tor Users by Swati Khandelwal.

From Swati’s post:

According to an investigation, Matthew Edman, a cyber security expert and former employee of the Tor Project, helped the FBI with Cornhusker a.k.a Torsploit malware that allowed Feds to hack and unmask Tor users in several high-profile cases, including Operation Torpedo and Silk Road.

I say “mystery solved,” but not really because I still fail to see the complaint about Matthew Edman working on anti-Tor malware?

No one claims Edman did poor work on Tor in hopes of a future exploit.

He was a former Tor employee working for Mitre, who had a client requesting anti-Tor malware.

Who should Mitre have tasked with that job?

Someone who had never used Tor or perhaps someone with greater familiarity with it?

For another take on this issue, see: Gamekeeper turns poacher? The ex-Tor developer who unmasked Tor users for the FBI by Paul Ducklin.

Paul writes:

…Edman is nevertheless being pilloried in the media, as though he were some sort of “gamekeeper turned poacher”, and as though, having once worked on Tor, he ought to have turned his back on law enforcement for ever.

What do you think? Is Edman some sort of turncoat?

Or has he shown that you can be in favour of privacy while also supporting the uncloaking of users when investigating serious crimes?

My answer is: Next question?

Edman was hired and owed his client in each case his best efforts.

What more could anyone ask?

Comments are closed.