Written byPatrick Howell O'Neill
The man who was once in charge of overseeing Tor will soon turn to law enforcement in order to explain how to de-anonymize the service’s users.
Andrew Lewman, once revered as a giant in the world of hacking and privacy activism, is slated to headline the ISS World conference in Malaysia, a controversial surveillance tech and government trade show that features hacking heavyweights like Italy’s Hacking Team, Germany’s FinFisher and Israel’s NSO Group. Lewman will be attending as vice president of dark web intelligence firm DarkOwl (previously OWL Cybersecurity).
Although it’s one of the most contentious conferences in tech, Lewman says ISS World — also known informally as the “Wiretapper’s Ball” — isn’t nearly as bad as it’s made out to be by critics.
“I don’t think ISS World is controversial at all,” he said. “I think it’s a training exercise. If you’re working with law enforcement, that’s where they go to learn about the cool new technology.”
“It’s like RSA for law enforcement,” he said, referring to the RSA Conference, a heavily-attended cybersecurity event series held in Dubai, London, San Francisco and Singapore.
ISS World is similar, holding events in the Middle East, East Asia, South America, North America and Europe every year. A diverse slate of governments and private sector firms come together at each event to make sales and trade knowledge. It’s a controversial event for a number of reasons, not least of which is that many its top sponsors have been caught selling spyware to dictatorial and repressive regimes where the tools are used against dissidents.
The talks are open to all government and commercial crime investigators, but not press. ISS World’s administrators told CyberScoop they don’t “trust the press coverage of lawful interception and offensive cybersecurity.”
Lewman, who left the Tor Project three years ago, argues the event is more than that.
“I have no qualms about ISS World,” Lewman said. “It’s just a more public version of what I do when I work with law enforcement anyway. There are so few law enforcement and so many criminals, anything they can do to force multiplier and catch the criminals is fantastic. As crime goes high tech, the police are the ones trying to catch up.”
Lewman blamed the public ire directed at ISS World on Christopher Soghoian, formerly an ACLU technologist and now a staffer for Sen. Ron Wyden, D-Ore., who Lewman said wrote “bombastic, screaming articles” after he attended an ISS World.
Lewman joined DarkOwl earlier this year and, in an interview with CyberScoop said the “criminal use of Tor has become overwhelming.” That statement inspired plenty of blowback from the privacy community that once called Lewman their own.
The majority of Lewman’s talks are educational, focusing on training and case studies from dark web criminal investigations and prosecutions where the ex-Tor director has been involved. One of Lewman’s lectures will examine a possible future of dark web that he calls a “nightmare scenario.”
“Imagine a fully decentralized, heavily encrypted, peer-to-peer network,” Lewman said. “Tor is not their nightmare. Think of [something like] OpenBazaar, ZeroNet, InterPlanetary File System. Imagine you have a system where you can’t just take down one person, you have to take down every person running the network. The talk is based on the old adage that crime is like a water balloon. You’re never going to get rid of it, you’re just going to squeeze is somewhere else.”