Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - astor

Pages: 1 ... 34 35 [36] 37 38 ... 208
526
Security / Re: PGP knobhead
« on: July 30, 2013, 09:31 pm »
I think Freedom Hosting was down momentarily, earlier today, as I couldn't access anything on FH either. It's up now though.

527
Well, that's interesting, as I run Tails from a thumb drive, while maintaining a VPN connection. So it isn't totally impossible.

That is interesting. Can you explain to us how you did it, and did you confirm the VPN is going over Tor and not connecting directly?

528
JofSpades, that one is months old. I have an updated version here:

http://dkn255hz262ypmii.onion/index.php?topic=114141.msg1130505#msg1130505

529
I've appended the gpg.conf file as follows:

hidden-encrypt-to <my key id>
throw-keyid
use-agent
no-auto-key-locate
trust-model always
utf8-strings
no-greeting
no-emit-version
no-comments
no-mdc-warning
armor

The output looks like this <<I have redacted the key ids >>:

gpg -v Test.asc
gpg: public key is 00000000
gpg: anonymous recipient; trying secret key 18XXXXXX ...
gpg: anonymous recipient; trying secret key 2EXXXXXX ...
gpg: using subkey 2EXXXXXX instead of primary key 18XXXXXX
gpg: anonymous recipient; trying secret key 65XXXXXX ...
gpg: anonymous recipient; trying secret key 6CXXXXXX ...
gpg: using subkey 6CXXXXXX instead of primary key 65XXXXXX
gpg: anonymous recipient; trying secret key B1XXXXXX ...
gpg: anonymous recipient; trying secret key 6DXXXXXX ...
gpg: using subkey 6DXXXXXX instead of primary key B1XXXXXX
gpg: public key is 00000000
gpg: anonymous recipient; trying secret key 18XXXXXX ...
gpg: anonymous recipient; trying secret key 2EXXXXXX ...
gpg: anonymous recipient; trying secret key 65XXXXXX ...
gpg: anonymous recipient; trying secret key 6CXXXXXX ...
gpg: anonymous recipient; trying secret key B1XXXXXX ...
gpg: anonymous recipient; trying secret key 6DXXXXXX ...
gpg: encrypted with RSA key, ID 00000000
gpg: encrypted with RSA key, ID 00000000
gpg: decryption failed: secret key not available


Any help very welcome!

pb.

Looks like it tested all of your private keys, and none were the complement of the public key. Did you encrypt the message with your own public key? Or if someone else wrote it, did they encrypt it one of your public keys?

530
Security / Re: Tor / Onion privnote alternative - deadletter
« on: July 30, 2013, 02:28 pm »
It would be great if there was a Firefox / Tor Browser add-on that could generate a hash of a web site's JavaScript and store it, and if it changes, it would pop up a big notification, warning the user that the JavaScript has changed. Of course, then you would have to trust the add-on maker.

There are only four people that I trust in onionland, and they have all been around for over a year: DPR, the Bitcoin Fog admin, the Freedom Hosting admin, and maybe the Tormail admins. Any of them could go rogue or their servers could be taken over by LE in the future, but for now them seem legit. I don't trust random newbs who provide services, but I'm sure you'll find plenty of users among the Privnote crowd. A lot of people in this community don't care about their security and are willing to increase their attack surface with untrusted third parties (like you) for a little convenience.

531
Silk Road discussion / Re: Revenge heroin delivery/LE tipoff
« on: July 30, 2013, 11:56 am »
People on the forum have asked how anyone can know a bitcoin address belongs to SR. Here's your answer:


 I received assistance from Sara Meiklejohn, a graduate student at the University of California, San Diego who's been analyzing the role of bitcoin and anonymity on the Silk Road. Meiklejohn confirmed that the bitcoin wallet linked to in Fly's forum thread was indeed used to deposit two bitcoins into a purse controlled by anonymous individuals who help manage commerce on the Silk Road.

Meiklejohn and fellow researcher Damon McCoy, an assistant professor of computer science at George Mason University, have been mapping out a network of bitcoin wallets that are used exclusively by the curators of the Silk Road. If you wish to transact with merchants on the Silk Road, you need to fund your account with bitcoins. The act of adding credits appears to be handled by a small number of bitcoin purses.

"All Silk Road purchases are handled internally by Silk Road, which means money trades hands from the Silk Road account of the buyer to the Silk Road account of the seller,"  explained Meiklejohn, author of the paper, A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, to be released in October 2013 at the ACM Internet Measurement Conference in Barcelona, Spain.

"These accounts aren't visible on the bitcoin network though, so the only thing we can even hope to see by looking at the public transactions is when money goes into and comes out of the set of addresses that represent the collective account balances of all silk road users," Meiklejohn wrote in an email to KrebsOnSecurity. "By manually tagging a handful of silk road addresses (via direct interaction) and then bootstrapping using the heuristic I described to label many more (around 250,000 in total), we are able to achieve this second goal by identifying addresses in the network that are 'owned' by silk road."

532
Security / Re: Tor / Onion privnote alternative - deadletter
« on: July 30, 2013, 11:45 am »
It's a nice web site.

Your next job is to convince me that you are not the FBI.

533
It shouldn't check for revocations of an SSL certificate unless you are typing https at the beginning, and in that case it should fail to connect to the server (I just tried it myself).

idk, probably some bug. Obviously there are no SSL certificates involved, so checking for revocation doesn't matter.

534
I just searched the forum for " information you have entered is to be sent over an unencrypted connection" and found these threads:

http://dkn255hz262ypmii.onion/index.php?topic=177214.msg1275751#msg1275751
http://dkn255hz262ypmii.onion/index.php?topic=161015.msg1142441#msg1142441

You'll notice, I answered the questions too. :)

535
Security / Re: Anonymous Gmail when obtaining TOR Bridges
« on: July 29, 2013, 10:23 pm »
You can get them from https://bridges.torproject.org


536
Security / Re: Anonymous Gmail when obtaining TOR Bridges
« on: July 29, 2013, 09:49 pm »
How are Tor bridges linked to your Gmail account?

537
Off topic / Re: WHATS THE LINK FOR TORCHAT?
« on: July 29, 2013, 09:45 pm »
Those are fine too, although Google gives you better results. It's a pain to use over Tor, but that's life.

My point is that nobody here knows the URL for Torchat off the top of their head, and it's an easy question to answer. If OP had Googled it, he'd have the answer, but instead he expects us to do it.

People need to stop being so helpless and start doing their own research, especially for simple questions like this. If you want to know whether your ISP can fingerprint the hidden services you are visiting, that's a question for this forum, since the answer isn't readily available in a simple search engine query. But stuff like this is wasting our time.

538
Off topic / Re: Tor Mail Problems
« on: July 29, 2013, 09:24 pm »
It appears to be down. Again.

539
Off topic / Re: Silk Road chat via SILC now resides in IRC!
« on: July 29, 2013, 09:23 pm »
Some people are so helpless. :)

540
Off topic / Re: WHATS THE LINK FOR TORCHAT?
« on: July 29, 2013, 09:20 pm »
GOOGLE IT

Pages: 1 ... 34 35 [36] 37 38 ... 208