THE MAKER OF THE FIREFOX browser is wading into an increasingly contentious court battle over an undisclosed security vulnerability the FBI used to track down anonymous users of a child-porn site.
The FBI took over a dark web child-pornography site called Playpen last year and, rather than shut it down, used a secret, still-undisclosed vulnerability in the Tor Browser to install malware on the computers of more than 1,000 users that allowed the FBI to determine their locations.
But in Tacoma, Washington, lawyers for a school administrator caught in the dragnet have successfully demanded the right to review the malware in order to pursue their argument that it, rather than he, was responsible for the illicit material ending up on his computer.
The Tor Browser is a free browser that shields a user’s identity. It is also based on code from the Firefox browser.
Mozilla, the organization behind Firefox, has long worried that the Tor Browser vulnerability might still be out there, could be exploited by bad actors, and could exist in Firefox, which is much more widely used than the Tor Browser.