Messages - astor

766
Security / Re: Possibility of Market Server Location?
« on: July 09, 2013, 05:51 am »
Even better would be a decentralized messaging system to replace Tormail. :)

Who admins a decentralized forum anyway? Do you create your own subforums and become the mod, kind of how IRC channels work?

767
Security / Re: Tor and state surveillance
« on: July 09, 2013, 12:51 am »
As he pointed out, because the government is not a lean, efficient monolithic entity, it's a vast bureaucracy. The Department of Homeland Security was created after the 9/11 attacks specifically to bring these agencies into closer cooperation, but they still do a piss poor job of data sharing.

If you get a sneak and peek, it will be by the FBI, not the NSA.

768
Security / Re: Rivals to Tor?
« on: July 09, 2013, 12:37 am »
I2P and Freenet are the main ones. They have 1/50 as many users as Tor, and there are positives and negatives to using them. Here's a good explanation of the three networks:

http://dkn255hz262ypmii.onion/index.php?topic=170508.msg1216201#msg1216201

769
Security / Re: Possibility of Market Server Location?
« on: July 08, 2013, 11:54 pm »
So I asked some I2People about it, and here's what they said.


me> Is it useful for running services, like a web or database server, or only for backups?

i2person> backups, you can't really run a web server through tahoe, just store files. so you can make a pseudo website, but only with html and js/client side stuff, no server side scripting

i2person> and yah its slow. frankly i don't think tahoe should be used for file sharing / distributed datastore. its really more like an open source personal nas cluster, it can be used to store files on multiple disks/computers, but for mass file upload/download/sharing its just not going to scale well


So it sounds suitable for Freenet, but not a live server environment like SMF.

770
Newbie discussion / Re: SR name change/deletion?
« on: July 08, 2013, 11:15 pm »
The way I understand it, you can't change your account name, but you can create a new one.

The info associated with the old account gets permanently deleted after some amount of time. I believe messages after 3 months and transaction information after 4. At a certain point, like 4-6 months after your last login, it gets "archived", whatever that means. The only thing I know about it is that you can't log into it anymore. It appears to be deleted. At that point it should have no info associated with it anyway.

Make sure you remove ALL BTC from the account and don't log into it.

771
Security / Re: Hosting a server for hidden services
« on: July 08, 2013, 06:52 pm »
I'd rather host everything from home, at least in the early stages while I'm still learning. If I could keep everything at home long term, that would be nice, but I wouldn't mind paying for space in a datacenter if my service took off. Is my ISP likely to notice anything?

If it's a busy hidden service, they might notice more continuous up than down traffic, but it's unlikely it will be that popular.

Quote
I'd be starting off with completely legitimate content but I want to perfect the setup as much as practically possible so that I could graduate on to other things- not child pornography, for the record.

So you want to host a potentially insecure hidden service that you're using to learn security -- in your home? That seems like exactly the kind of thing you'd want an anonymous disposable server for. Actually in that case a cheap VPS would be fine.

Even if you're not hosting anything illegal, do you really want to risk someone doxing you (at least your IP) as the operator of a hidden service?

Quote
I could get another machine to act as a gateway if that would be more secure, but what makes two separate computers better than one computer with two virtual machines?

Harder to break out of a baremetal server than a VM, but a VM is probably fine.

Quote
I'll run Nginx and hardened Gentoo and route through Tor twice like the Securing Hidden Services thread discussed. I'm hoping to learn how to do this myself instead of relying on Freedom Hosting. Thank you all for the responses.

Sounds good, and you're welcome. :)

772
Security / Re: Tor and state surveillance
« on: July 08, 2013, 05:57 pm »
Of course it appears that the NSA is probably also monitoring Tor traffic between US nodes, which most people thought they were doing as well, but it appears that they are actually doing it legally now whereas before people assumed they were doing it illegally. The moral of the story is that the NSA is the most powerful signals intelligence agency in the world, and they are beyond a doubt the best positioned signals intelligence agency in the world. Using a low latency network to try to hide from the NSA is not a good idea.

Yeah, I was just thinking about this. The internet isn't really a web, like a spider web, it's more hierarchical, like a tree, where the major backbone infrastructure is the trunk and large branches, so to get from any leaf (node) to another, all paths go through the major branches. If you live in a small town that is an hour away from a major city that has an IX, all of your traffic goes through that IX, and thus all of your connections to US Tor entry points can be watched. If the destination is one of the major service providers near San Francisco, where there is also conveniently an IX (or maybe a few?), all proxies including Tor could be useless.

773
Security / Re: Tor and state surveillance
« on: July 08, 2013, 05:28 pm »
This doesn't factor in the reality that Narusinsight boxes can be made to only target traffic from specific IP addresses, and that the list of Tor relay IP addresses is public. If they want to attack Tor they don't give a shit about the terabytes of data per second crossing the border, they just hone in on *Tor* traffic crossing the border. A single Narusinsight box can monitor 1GB/s of targeted traffic, and there are dozens of these things installed at major internet exchange points across the USA, and they are capable of analyzing the monitored traffic in real time. The conclusion that the NSA can do major damage against Tor seems quite obvious to me. Tens of thousands of simultaneous circuits don't matter because they all involve only a few thousand IP addresses, and those IP addresses can be targeted, and it is obvious that a single Narusinsight box is capable of monitoring 100% of US Tor traffic that passes through it.

Time to switch to some permanent US bridges. :)

774
Security / Re: Possibility of Market Server Location?
« on: July 08, 2013, 05:13 pm »
Yeah, I remember during the early development of the Freedombox (what happened to that anyway?), there was talk of using Tahoe-LAFS as the filesystem, and Zooko himself chimed in to say that it's too slow for running services and is designed to be more of a backup solution. That may have changed or I may be misremembering the specific reason, but they ultimately decided not to go with it.

775
Security / Re: Tor and state surveillance
« on: July 08, 2013, 05:05 pm »
You're right, it is interesting.

Isn't the guy basically saying that clearnet is bad and TOR is a little better?  I think he is being naive assuming his net activity may be safer on the clearnet due to volume of users vs percentage of info grabbed by "the bad guys".

The first poster's argument is basically that bouncing your Tor circuits around the world exposes you to more intelligence agencies than direct clearnet links would, especially when some network resources are geographically close, so Tor is less safe than clearnet. The second poster argues that the vast majority of clearnet sites pull ad, tracking and analytics stuff from all over the internet, exposing you to many intelligence agencies as well.

776
Security / Re: Tor and state surveillance
« on: July 08, 2013, 05:01 pm »
If your Tor circuit has an entry node in Sweden, a middle node outside of Sweden, an exit node in Sweden, and a destination outside of Sweden, the Swedish signals intelligence agency can certainly link you to your destination.

Certainly there are many circuit constructions that are essentially known to be insecure against specific intelligence agencies without them having any need to cooperate with foreign governments.

This is bad because a majority of clearnet sites are hosted in the United States. So if you select an entry guard in Sweden, which you keep for a month, the chances are extremely high that you will use an exit node in Sweden several times before rotating that entry guard, and most if not all of those times, the middle node will be outside of Sweden. There's been a lot of talk about circuit path selection based on ASes. Considering the recent revelations of state intelligence agency surveillance, perhaps path selection should be based on border crossings as well.


Quote
It is deceptive to say that Tor withstands all but global external adversaries. In reality it is more accurate to say that Tor completely fails in the face of a global external adversary. Anybody who can watch entry and exit traffic of a specific circuit can defeat Tor in that instance. Simply looking at open circuits is enough to demonstrate that traffic sometimes takes a path that makes it vulnerable to single intelligence agencies. If the intelligence agency is the signals intelligence agency of Russia or China or Japan then you can see that very rarely will they be able to compromise a Tor circuit from an external position, without cooperation of foreign intelligence agencies. But if the attacker is the USA, or Germany or Sweden or the UK, then you can see that they can compromise a large percentage of Tor circuits, especially the NSA can.

This doesn't factor in the reality of the vast amounts of data that they have to deal with. There are probably terabytes per second crossing the borders of the United States. The Tor network is currently pushing 2.5 GB/s so about 1 GB/s of that is crossing the US border, second after second, day after day. Tens of thousands of simultaneous circuits. I suspect it's incredibly difficult to pull anything useful out of that.

Our biggest protection is that we are needles in a haystack.
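
The border-crossing idea raised in the post above, as an added example that is not part of the original post: it flags which countries see both ends of a circuit and filters guard/exit pairs accordingly. It assumes an agency observes a link only where the link crosses its own border; the relay names, their countries, and the client (DE) and destination (US) locations are constructed for illustration.

```python
# Added illustration. Assumed model: an agency sees a link only when the
# link crosses its own border; domestic links and transit countries are ignored.
from itertools import permutations

def border_observers(a, b):
    """Countries whose border taps see a link between hosts in a and b."""
    return {a, b} if a != b else set()

def exposed_to(client, guard, exit_, dest):
    """Countries that see both ends of a circuit and can correlate them.

    The middle relay is left out: in this model only the client-guard and
    exit-destination links tie a user to a destination.
    """
    return border_observers(client, guard) & border_observers(exit_, dest)

def safe_pairs(client, dest, relays):
    """(guard, exit) name pairs that no single country sees at both ends."""
    return [(g, e) for (g, gc), (e, ec) in permutations(relays.items(), 2)
            if not exposed_to(client, gc, ec, dest)]

# Constructed relay list (names and countries are made up for the example).
RELAYS = {"relayA": "SE", "relayB": "SE", "relayC": "DE",
          "relayD": "US", "relayE": "FR"}

if __name__ == "__main__":
    # The post's case: Swedish guard and Swedish exit, destination abroad.
    print(exposed_to("DE", "SE", "SE", "US"))
    for pair in safe_pairs("DE", "US", RELAYS):
        print(pair)
```

With these inputs a guard in the destination's country is rejected for every exit, because that country sees the client-guard link cross its border and also borders every exit-destination link.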

777
Security / Re: Possibility of Market Server Location?
« on: July 08, 2013, 04:25 pm »
The main problem with multihoming is syncing the servers. Static sites are trivial to multihome, but how would you do it with this forum, for example? People would post to the same thread on different servers, so when they returned to the thread later, they would see posts before theirs that didn't exist before. Someone deletes his post on one server and another person replies to that post (quoting it) on the other server. How do you handle that? It would be chaos.

One solution is to use 3 servers. Server A and Server B run SMF. Server C runs the database. A and B are connected to C as a remote database hidden service. This would add a few seconds latency to each page load, but that's a trade off that could be worth it in some situations, like if you're using sketchy Russian hosting providers with frequent power failures and you need multi-homing. A and B also store local copies of the database which they don't normally use, but if C goes offline, then B shuts down and everyone uses A until C comes back up.

People on B would still experience brief downtime that might be indistinguishable from routine Tor network fuck ups.

The market would be easier to multihome. The main problem I see is when listings get low on stock, people on different servers may buy the last sample. This could be handled by displaying a message when the listing goes below 5 items, which says that you have tentatively purchased the item, and it may or may not complete within an hour (or however often the servers sync), and the buyer will be notified of the result. Or it could be handled with 3 servers as above.

778
Security / Re: Possibility of Market Server Location?
« on: July 08, 2013, 03:29 pm »
A good use case for multi-homed hidden services.

779
... full of the empty husks of worn-out threads, roads to nowhere, brownian motion of the mind.  It's the downtown Detroit of this forum.  Block after blasted block of abandoned buildings, pointless real estate, with the occasional vegetable garden. 

Is there such a thing as randomness?  Is there order in this chaos?

50?  Really?

The Newbie section is serving its intended purpose. Other than the "spam to 50" threads, this shit was spread out all over the forum. Now it's all concentrated here.

780
Off topic / Re: Bruce Campbell
« on: July 08, 2013, 02:49 pm »
But in all seriousness, fuck you Joywind. You aren't worth the attention you seek for some unknown reason. Nobody likes you; nobody drinks secret toasts to your health before bed, or holds you in any high regard whatsoever. You had the opportunity to create an identity free from yourself in every conceivable fashion, completely anonymous and untethered, and you chose to exercise this privilege by posting wanton and trivial bullshit. Nobody gives a fuck about you, your bestiality fetish, or your weird uncle that turned you into the seething ball of racist, misogynistic, sexually confused sadness, frustration and failed dreams you call yourself when you aren't on TOR.

You should be a writer. I enjoy reading your posts. :)
