

Messages - astor

946
OK, so like many of you I've been glued to every shred of legit info on PRISM. I have been looking for serious debate as to just how Tor could be compromised/improved.

From what I read there really isn't all that much that can be done to Tor. Except for these three scenarios:

Your activity on Tor could be seen at an exit node, meaning that if I connect to an unencrypted clearnet site like Amazon.com or what have you, I think your activity could be tracked from that point forward, but not where you were previous to that exit node?

Your activity can also be monitored leading up to the entrance node. I take it this means that an ISP could easily see that, yes, you are connecting to Tor, but they will not know what you are doing past that point?

A third way that LEO could gain insight into Tor would be to use the "bad apple" method, whereby LEO/Gov sets up a Tor server and can monitor all the information coming in and going out.

I was reading about these three on Tor's Wikipedia page. I want to know if my understanding is correct?

Is there anything we can do to beef up our anonymity at these weak points (nodes)??


Tor users are generally safer than hidden services. Since clients can initiate connections to hidden services, and because of the complex nature of the protocol to establish those connections, there are a variety of attacks on them.

As you mentioned, the attacks on Tor users involve either the entry guard or exit node, or both. The main problem with exit nodes is that they can read unencrypted traffic. So if you send identifying info, they can correlate your identity with your activity. The defense against this is to use SSL to the destination server, or don't send identifying info. That is the case for clearnet sites. Connections to hidden services are encrypted end to end.

Some attacks can be performed when the adversary controls your entry guard, however he also has to control one other relay. He could control an exit node, and thus correlate your identity (at least your IP address) with your activity at the other end of the network. He could control a hidden service's entry guard, or its HS directory, or one of its entry points, and determine that you are accessing that hidden service.

The theory behind defending yourself from attacks based on an entry guard being compromised is that you should keep your entry guards for as long as possible. If you cycled them every 10 minutes like other relays, and an attacker operated some percentage of relays in the network, you would select one of his relays in a relatively short amount of time and get pwned. That's why Tor clients keep entry guards for a month at a time, so the attack takes 8600 times as long to perform. You could change the Tor source code to keep entry guards longer, for 6 months or even a year, but then you would stand out more, reducing your anonymity in a different way. If you are worried about attacks involving entry guards, it's better to use bridges as permanent entry guards.

You can also reduce your anonymity by making your circuit behavior on the network more noticeable. Some people feel the need to exclude nodes in whole countries. For example, someone living in the United States may not want to connect to relays in the United States. If an attacker operates one of his entry guards, he might notice that this person never connects to relays in his own country, meaning he's trying to get extra protection, making him a subject of interest. If the attacker were LE, he might start investigating that Tor user.

Similarly, by changing TorBrowser's defaults, for example by installing add-ons that change web pages in unique ways (such as ad blockers), a Tor user could be fingerprinted across web sites.

Some attacks are specific to SR users. I've mentioned in other threads that vendors are vulnerable to an attack where LE orders a product from them, obtains their city, then performs a type of intersection attack, correlating their message / post times to when users in that city are connected to the Tor network.

There are theoretical non-technical attacks on SR users that involve Tor. For example, a lot of vendors check buyer addresses on Google Maps and similar sites to see if they are valid (to avoid issues with products not arriving and having to go into resolution). They make these searches over Tor. If LE wanted to go on a fishing expedition, they could ask Google for all searches over Tor and hand those addresses to local LE for increased surveillance and inspection of incoming packages.

Long story short, there are a variety of ways that Tor users, and especially SR users, can be attacked.

There's really not much that you can do to "beef up" your anonymity beyond what Tor provides, except to use bridges, both to hide your Tor use from a local observer, and to maintain permanent entry guards. Most other things that you would try to do would make you stick out more and actually decrease your anonymity. There are many bad behaviors that can decrease your anonymity, so mostly what you can do is avoid the bad behaviors.
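The two torrc choices the post contrasts, shown side by side as an added example (this is not configuration from the post or from the Tor project; the bridge IP is from the documentation range and the fingerprint is an all-zero placeholder, both to be replaced with a real bridge line):

```text
## /etc/tor/torrc (added example; bridge address and fingerprint are placeholders)

## What the post warns against: excluding whole countries makes your
## circuit-building behaviour distinctive to whoever runs your entry guard.
## Leave these commented out.
# ExcludeNodes {us}
# StrictNodes 1

## What the post recommends instead: send all circuits through bridges,
## which then act as permanent entry guards. Note that a plain bridge only
## hides you from an observer matching against the public relay list; it
## does not disguise the Tor protocol itself from deep packet inspection.
UseBridges 1
Bridge 192.0.2.10:443 0000000000000000000000000000000000000000
```

After editing, reload Tor (on Debian-style systems: sudo /etc/init.d/tor reload) and confirm in the Tor log that circuits are being built through the bridge rather than a guard chosen from the consensus.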

947
Another reason for vendors to have PGP keys is that it's their proof of identity in a pseudonymous community. There was a case where a vendor's market and forum accounts were hacked. He had to create a new forum account to inform his customers about it, and the mods requested that he sign a statement with his PGP key. There are a variety of situations where a vendor would want to prove his identity, and a PGP key is the best way to do it.

948
A 1024-bit key will probably be crackable within 5 years, and by that I mean that a computer cluster might be able to crack them in a few months.

It's probably too much effort for an SR vendor, but 1024-bit keys are still considered weak.
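A way to find out whether any key you hold or have imported is one of those 1024-bit keys, as an added example that is not part of the post: it parses the machine-readable listing that `gpg --list-keys --with-colons` prints (record type in field 1, key length in field 3, algorithm number in field 4, key ID in field 5, user ID in field 10 of uid records) and flags every primary key or subkey below a size floor. The 2048-bit floor, the sample listing and its key IDs and user IDs are this example's assumptions.

```python
"""Audit a GnuPG keyring listing for short public keys.

Added example, not from the original post. Parses `gpg --list-keys --with-colons`
output. Algorithm numbers follow RFC 4880: 1 = RSA, 16 = ElGamal, 17 = DSA.
The 2048-bit floor is this example's assumption.
"""
from dataclasses import dataclass, field

ALGO_NAMES = {1: "RSA", 2: "RSA-E", 3: "RSA-S", 16: "ELG", 17: "DSA",
              18: "ECDH", 19: "ECDSA", 22: "EdDSA"}
# Minimum acceptable size per algorithm; curve-based algorithms are not sized this way.
MIN_BITS = {1: 2048, 2: 2048, 3: 2048, 16: 2048, 17: 2048}

# Constructed sample listing in --with-colons format (key IDs and user IDs are made up).
SAMPLE_LISTING = """\
tru::1:1371700000:0:3:1:5
pub:u:1024:17:0123456789ABCDEF:1371600000:::u:::scESC:
uid:u::::1371600000::ABCDEF0123456789ABCDEF0123456789ABCDEF01::vendor-a <vendor-a@example.invalid>:
sub:u:1024:16:FEDCBA9876543210:1371600000::::::e:
pub:u:4096:1:ABCDEF0123456789:1371650000:::u:::scESC:
uid:u::::1371650000::0123456789ABCDEF0123456789ABCDEF01234567::buyer-b <buyer-b@example.invalid>:
sub:u:4096:1:1234567890ABCDEF:1371650000::::::e:
"""


@dataclass
class Key:
    keyid: str
    algo: int
    bits: int
    uids: list = field(default_factory=list)
    subkeys: list = field(default_factory=list)   # (keyid, algo, bits)


def parse_colon_listing(text):
    """Group pub/uid/sub records into Key objects; other record types are skipped."""
    keys, current = [], None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            current = Key(keyid=f[4], algo=int(f[3]), bits=int(f[2]))
            keys.append(current)
        elif f[0] == "uid" and current is not None:
            current.uids.append(f[9])
        elif f[0] == "sub" and current is not None:
            current.subkeys.append((f[4], int(f[3]), int(f[2])))
    return keys


def weak_keys(keys):
    """Return (key ID, reason) for every primary key or subkey below MIN_BITS."""
    findings = []
    for k in keys:
        for kid, algo, bits in [(k.keyid, k.algo, k.bits)] + k.subkeys:
            floor = MIN_BITS.get(algo)
            if floor is not None and bits < floor:
                name = ALGO_NAMES.get(algo, f"algo{algo}")
                findings.append((kid, f"{name} {bits}-bit (minimum {floor})"))
    return findings


def audit(text):
    return weak_keys(parse_colon_listing(text))


if __name__ == "__main__":
    import sys
    # With no argument, audit the constructed sample; otherwise read a saved listing
    # (produce one with: gpg --list-keys --with-colons > listing.txt).
    text = SAMPLE_LISTING if len(sys.argv) == 1 else open(sys.argv[1]).read()
    for kid, reason in audit(text) or [("-", "no weak keys found")]:
        print(kid, reason)
```

Subkeys are checked as well as primary keys because an old DSA/ElGamal pair often has a short encryption subkey even when the primary key looks acceptable, and the encryption subkey is the one that protects a buyer's address.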

949
Also here :)

http://dkn255hz262ypmii.onion/index.php?topic=99520.msg699299#msg699299

950
Thank you! I just googled ATA erase on clear-net and there is a wiki tutorial using command prompt on how to do it. I will probably do that! I assume this will erase my operating system as well?

Yes, everything will be gone.

951
Check if your hard drive has ATA Secure Erase. That's the best option. If it doesn't, download, burn, and run DBAN:  http://dban.org

It will write random data over your whole hard drive twice, then one write of zeroes to make it look like it wasn't securely erased.
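How to do the "check if your hard drive has ATA Secure Erase" step, as an added example that is not part of the post: it reads the Security section that `hdparm -I /dev/sdX` prints, and only if the drive reports the feature as supported, not frozen and with no password set does it produce the hdparm command pair (set a throwaway user password, then issue the erase; `--security-set-pass`, `--security-erase` and `--security-erase-enhanced` are hdparm's own options). The sample hdparm output, the device name and the timings are constructed for the example.

```python
"""Decide whether a drive can be wiped with ATA Secure Erase from `hdparm -I` output.

Added example, not from the original post. Parses the "Security:" section of
`hdparm -I` and, when the drive qualifies, returns the hdparm command sequence.
Sample output below is constructed to match hdparm's layout; device name and
timings are placeholders.
"""

# Constructed sample: a drive that supports (enhanced) secure erase and is not frozen.
SAMPLE_HDPARM_I = """\
/dev/sdX:

ATA device, with non-removable media
\tModel Number:       EXAMPLE DRIVE
Commands/features:
\tEnabled\tSupported:
\t   *\tSECURITY ERASE UNIT
Security:
\tMaster password revision code = 65534
\t\tsupported
\tnot\tenabled
\tnot\tlocked
\tnot\tfrozen
\tnot\texpired: security count
\t\tsupported: enhanced erase
\t2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct
"""

# Same drive after the BIOS froze the security feature set, which is common at boot.
SAMPLE_FROZEN = SAMPLE_HDPARM_I.replace("\tnot\tfrozen", "\t\tfrozen")


def parse_security_section(text):
    """Return the security flags hdparm reports; flags it did not print stay None."""
    state = {"supported": False, "enhanced": False,
             "enabled": None, "locked": None, "frozen": None}
    in_section = False
    for line in text.splitlines():
        if line.startswith("Security:"):
            in_section = True
            continue
        if not in_section:
            continue
        if line and not line[0].isspace():
            break                      # next top-level section, e.g. "Checksum:"
        s = " ".join(line.split())     # collapse hdparm's tab padding
        if s == "supported":
            state["supported"] = True
        elif s == "supported: enhanced erase":
            state["enhanced"] = True
        elif s in ("enabled", "locked", "frozen"):
            state[s] = True
        elif s.startswith("not ") and s[4:] in ("enabled", "locked", "frozen"):
            state[s[4:]] = False
    return state


def secure_erase_plan(state, device):
    """Return (commands, reason); commands is None when the erase cannot proceed."""
    if not state["supported"]:
        return None, "drive lacks ATA Secure Erase; fall back to overwriting (e.g. DBAN)"
    if state["frozen"] is not False:
        return None, ("security feature set is frozen; suspend/resume the machine "
                      "(or hot-replug the drive) and check again")
    if state["enabled"]:
        return None, "a user password is already set; unlock/disable it first"
    erase_flag = "--security-erase-enhanced" if state["enhanced"] else "--security-erase"
    return [
        ["hdparm", "--user-master", "u", "--security-set-pass", "NULL", device],
        ["hdparm", "--user-master", "u", erase_flag, "NULL", device],
    ], "ok"


if __name__ == "__main__":
    import subprocess
    import sys
    if len(sys.argv) > 1:      # real device: run hdparm -I only; the erase is printed, not run
        dev = sys.argv[1]
        out = subprocess.run(["hdparm", "-I", dev], capture_output=True, text=True).stdout
    else:
        out, dev = SAMPLE_HDPARM_I, "/dev/sdX"
    cmds, reason = secure_erase_plan(parse_security_section(out), dev)
    print(reason)
    for c in cmds or []:
        print("  " + " ".join(c))
```

The frozen case is the one people trip over: most firmware freezes the security feature set before the OS boots, so hdparm refuses the erase until the drive has been power-cycled by a suspend/resume or a hot replug. The example reports that instead of emitting commands that would fail.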

952
Also, this should be a red flag about his own operational security:

You are too paranoid and stupid

No one has ever regretted being too secure, but stories of arrests are littered with people who wished they had done more.


953
He's absolutely right about this part:

Quote
Go to another vendor

954
Off topic / Re: Hey, come chat with us!
« on: June 20, 2013, 11:16 pm »
HEATfan, you're not late. The party's just getting started.

Ro-Jaws, if you're running Pidgin in Whonix, you don't have to configure the networking with Tor/Privoxy at 127.0.0.1:9050. Just run it normally, with no proxy stuff; the Gateway automatically proxies it. If it still doesn't connect, it will probably be because you're trying to access an onion address.

You need to get on the Gateway and add this to the end of /etc/tor/torrc

mapaddress 10.10.10.10 silcroadg3c3mtu6.onion

Reload Tor: sudo /etc/init.d/tor reload

Then in Pidgin set the server to 10.10.10.10 instead of the onion address.

955
Security / Re: PGP, does everyone use it and why?
« on: June 20, 2013, 11:09 pm »
Why would you not take the couple of hours it takes to learn PGP?

Most people complete my tutorial in under 15 minutes. It is really unfortunate that more people don't use PGP.

956
Security / Re: HELP with gpg4usb PLEASE!!??
« on: June 20, 2013, 08:08 pm »
Ok, good luck.

957
Security / Re: PGP, does everyone use it and why?
« on: June 20, 2013, 07:15 pm »
How many folks out there don't use this extra layer of encryption?

Surprisingly few people PGP encrypt their addresses. I've seen vendors quote numbers ranging from 50% to 95% of their customers not encrypting their addresses, with a median probably around 80%. We have a biased view, since most SR users are not on the forum. The people who register and post on this forum are going to be more engaged and proactive about their security, and that's even more true of people who post in the Security section. Some SR users are incredibly lax with their security, using regular browsers to access SR over clearnet, through Tor in-proxies like onion.to. They probably have no security in their bitcoin practices either, sending BTC straight from exchanges (linked to their identities) to their SR addresses.

Quote
Seems conflicting information about the need to use it abounds.  Who are we attempting to evade by using PGP? NSA, FBI, or just plain cops?

Anyone who compromises the server. It would most likely be a big three letter agency, but it could be hackers who then use that information to blackmail people.

Quote
If I had the computer skill to figure it out in under two days I would not ask this question but so far even two days has not been enough for me to crack this nut.  I suppose if somehow LEO could capture everything going to SR they could put the data stream through some sort of decryption program.  But then what does SR mean above about 'fully encrypted and unreadable'? My thinking here is encrypted and I seem to have lost the key to make sense out of it all. 

It means either that the SR server uses full disk encryption, or the data is encrypted in the database. The problem is that an adversary who gains physical control of the server may be able to steal the encryption key from RAM and get access to all the data.

The way I view encrypting my address, it's like wearing a seat belt. I may not get in a car accident in the next month or the next year, but in the unlikely event that I do, having a seat belt on could be incredibly important. And it costs me nothing to wear a seat belt, so I wear one every time I'm in a car.

The SR server may not be compromised any time soon, but if it ever is, the people with plaintext addresses will be the low hanging fruit that LE will go after first, especially if they have large outstanding orders. Encrypting your address costs you almost nothing -- maybe 30 seconds of your time -- so you should encrypt your address every time.

958
Off topic / Re: What ever happened to Nomad Bloodbath?
« on: June 20, 2013, 04:48 am »
Oh, I see. What could possibly upset him so much as to make him capitulate completely? I hope it wasn't over a post or something silly.

There was a guy named BlarghRawr with over 2000 posts who got into a spat in one thread and deleted his account. It was a shame really. I hope he's still here, posting under a different name, but he probably isn't.

959
Security / Re: HELP with gpg4usb PLEASE!!??
« on: June 20, 2013, 04:13 am »
Oh yeah, before importing it at the command prompt, you could save the key to a text file and try importing it that way rather than from the clipboard, but I fear this may be a problem with the GUI in general.

960
Security / Re: HELP with gpg4usb PLEASE!!??
« on: June 20, 2013, 04:09 am »
Ok, it imported just fine for me, so it's not the key. Try to do it at the command prompt. If that doesn't work, you'll have to use something else.

Well, even if it imports, you may not be able to encrypt stuff in the GUI.

I'll see what I can dig up on GPG4USB crashes.
