Messages - astor

2011
Security / Re: Tor network compromised - cogent isp (dea, cia, nsa)
« on: February 18, 2013, 03:05 pm »
Quote
I'm with kmfkewm on this, quite frankly. They have virtually unlimited resources

No, they don't. They have distinctly limited resources, in terms of money, manpower, intellectual capital, and internal and external political will.

An "infinitely" resourceful state adversary would have taken down SR by now. SR is still up because such an adversary doesn't exist.

The NSA is literally housed in a black box:

https://en.wikipedia.org/wiki/File:National_Security_Agency_headquarters,_Fort_Meade,_Maryland.jpg

Much of their operations are secret. It is the nature of human psychology that in the absence of evidence, wild speculations fly (you need only look at the explanations for weather phenomena in any pre-scientific society). That's basically what that blog post is about.

I submit that if we knew about their internal operations, they would be a lot more mundane than most people assume.

Also, all the resources in the world can't beat logic. While it's possible to compromise the Tor network, it is extremely difficult to do so in a way that won't get you noticed. You can spin up 10,000 exit nodes, but you can't do it without getting noticed. Take a look at the Trotsky section of this page:

https://trac.torproject.org/projects/tor/wiki/doc/badRelays

"Between 17-23:00 (UTC) 226 exiting relays, all with largely identical nicknames ("trotsky*") and exit policies were added to the tor network. No family or contact information was set, and the IPs came from several countries (mostly eastern European) making it look like a potential botnet. They disappeared roughly a week later.

On 10/2/10 between 21-20:00 (UTC) another 383 exit relays were added, this time more gradually. Others have periodically appeared outside these windows. These relays appear to be on residential connections, most having very poor connectivity (rransom reports that some are dialup)."

There is zero evidence that Cogent is a front for American law enforcement or intelligence agencies, and there aren't even that many relays on Cogent autonomous systems. Frankly, I'd be more concerned about Torservers.
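As an added example (not part of the original post and not Tor Project tooling), here is a sketch of the kind of check that makes a batch like the "trotsky*" relays stand out: exit relays sharing a nickname stem, with no contact or family set, first seen within a short window. It also counts exits per AS, the figure the Cogent claim never supplies. The relay records, field layout, AS names, dates and thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample records, not real consensus data. Field order (assumed):
# nickname, first seen (UTC), contact, family, AS name, exit flag.
RELAYS = [
    ("trotsky01", "2010-01-01 17:05", "", "", "AS-EXAMPLE-1", True),
    ("trotsky02", "2010-01-01 17:40", "", "", "AS-EXAMPLE-2", True),
    ("trotsky03", "2010-01-01 19:10", "", "", "AS-EXAMPLE-3", True),
    ("trotsky04", "2010-01-01 22:55", "", "", "AS-EXAMPLE-1", True),
    ("quietrelay", "2009-03-02 08:00", "ops@example.org", "", "AS-EXAMPLE-4", True),
    ("midnode3", "2009-01-05 12:00", "", "", "AS-EXAMPLE-4", True),
    ("midnode7", "2009-11-11 12:00", "", "", "AS-EXAMPLE-4", True),
    ("midnode9", "2010-06-01 12:00", "", "", "AS-EXAMPLE-2", True),
]

def nickname_stem(nick):
    """Lower-case the nickname and drop a trailing counter (trotsky01 -> trotsky)."""
    return re.sub(r"\d+$", "", nick.lower())

def suspect_batches(relays, window=timedelta(hours=6), min_size=3):
    """Return {stem: nicknames} for anonymous exits that appeared in one burst."""
    groups = defaultdict(list)
    for nick, seen, contact, family, _as_name, is_exit in relays:
        if is_exit and not contact and not family:
            when = datetime.strptime(seen, "%Y-%m-%d %H:%M")
            groups[nickname_stem(nick)].append((when, nick))
    flagged = {}
    for stem, members in groups.items():
        members.sort()
        best = []
        # Slide a window over the sorted first-seen times; keep the largest burst.
        for i, (start, _) in enumerate(members):
            burst = [n for t, n in members[i:] if t - start <= window]
            if len(burst) > len(best):
                best = burst
        if len(best) >= min_size:
            flagged[stem] = best
    return flagged

def exits_per_as(relays):
    """Count exit relays per autonomous system, to put a number on a 'vast' claim."""
    return Counter(r[4] for r in relays if r[5])

if __name__ == "__main__":
    print(suspect_batches(RELAYS))
    print(exits_per_as(RELAYS).most_common())
```

The "midnode" relays share a stem and lack contact info too, but they joined months apart, so only the burst is flagged.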

2012
Security / Re: Tor network compromised - cogent isp (dea, cia, nsa)
« on: February 14, 2013, 03:11 am »
You all have got to be kidding me.

It's FUD. Notice how there are no specifics?

Quote
This company operates a vast number of TOR servers and in combination with other fronts, I believe they control enough servers to enable these agencies to track to origin any network request they desire.

The relays are all public, so why doesn't he give us some more details about the ones hosted by Cogent? How many are there exactly and which ones are they?

The claims can be verified with these search tools: 

https://compass.torproject.org
https://atlas.torproject.org

Quote
Cogent communications is an ISP, which I believe was formed by one or more agencies of the US government i.e. Naval Intelligence, CIA, DIA, or NSA.

Right, which he "believes" but provides no evidence for. That's a nice laundry list of LE agencies to sound alarm bells among the tin foil hat crowd, though.

2013
I was reading about this yesterday. The main feature is that it scrapes publicly available content, like public Facebook profiles. I don't know why people are continually surprised that stuff they post publicly on the internet can end up in someone's database. :)

If you don't want to be profiled by government agencies and LE, don't post public content. Actually, don't post to any social media in an identifiable way.

2014
Newbie discussion / Re: OVDB
« on: February 13, 2013, 02:25 am »
Here's a repost of when he was discussing making a decentralized forum, but I guess that never happened.

http://dkn255hz262ypmii.onion/index.php?topic=7882.0

Somebody else wanted to create a decentralized market called BitWasp, but apparently that hasn't happened yet either.

2015
Newbie discussion / Re: OVDB
« on: February 13, 2013, 02:14 am »
The server that hosted OVDB got rebooted and admin was away. It was using full disk encryption so it had to be booted manually. At that point admin was busy / away or something and had already been having thoughts of shutting it down. Basically he just let it go. This was November of 2011 or so. Some of the old OVDB members came to SR forum which is why there's a subforum for that now (look all the way at the bottom).

OVDB admin has been posting as kmfkewm on this forum.

2016
Security / Re: PGP question on decryption
« on: February 13, 2013, 02:05 am »
Damn, jurder, you're a bit sensitive.

Sorry to hear about your health problems, but I didn't criticize you or anything. I literally just pointed out exactly what happened.

Chill mate.

2017
Security / Re: VPN vs Bridge vs ISP
« on: February 13, 2013, 01:48 am »
Quote
Congratulations, you just suggested a 5-hop proxy circuit. Why stop there, you could rent out 100 VPNs in every country hostile to yours and make it super difficult for anyone to locate the source of the connection, and by the time they figured it out your first packet would have just made it through. Tor was made to get past the age-old method of proxy chaining (the same method botnet owners use to control their botnets anonymously), and without having to sacrifice one's sanity waiting for the connection to go through.

It's interesting that you mention that, because Tor Project member Jacob Appelbaum, who has a well known state adversary, has admitted to using multiple layered VPNs to access Tor.

Again, depends on your threat model. LE is unlikely to spend as many resources on a low level drug dealer as on an associate of Julian Assange.

2018
Security / Re: VPN vs Bridge vs ISP
« on: February 13, 2013, 01:44 am »
Yes, but my point is that if you're trying to hide the fact that you're using Tor, a VPN adds a layer of obfuscation, but a determined adversary can still get around it.

They look at your internet connection and see you connecting to a VPN provider in Sweden. They contact Swedish LE who send a request to log your activity. They get logs which show you are connecting to Tor relays.

That may not be your threat model. Maybe LE doesn't want to put the work into figuring out what you are accessing through that VPN if it means spending months negotiating with foreign LE. Maybe they ordered packages from you (an SR vendor) which were postmarked in your town, so they asked your ISP for accounts that were accessing Tor, and naturally since you were using a VPN, your account info was not turned over. Maybe that led them to waste time investigating other people.

Each layer is a barrier that makes LE's job harder, but keep in mind my original point. It's not a perfect solution and a determined adversary, especially with the force of the state behind it, can get around a VPN.

Just ask those Anonymous guys who were using HideMyAss.

2019
Security / Re: VPN vs Bridge vs ISP
« on: February 13, 2013, 01:08 am »
Neither a bridge nor a VPN offers perfect security, because

1. Bridges can be identified (although it is difficult to enumerate all of them because of the way they are distributed)

2. VPNs can see your entire connection, who you are (your IP address) and where you're going (the destination IP address). Even if they don't log right now, they could be compelled by LE to log your activity.

However, the way to look at it is that each piece offers an additional layer of security.

So, VPN + bridge + Tor > bridge + Tor  or  VPN + Tor > just Tor

For the best (but not perfect) hiding of your Tor activity, get a VPN in a foreign country (to maximize jurisdictional issues), AND configure your Tor client to use an obfsproxy bridge.


Actually, there's an even better solution, but it's more difficult to implement. Rent a VPS anonymously in another country and turn it into a private (unpublished) obfsproxy bridge. Someone watching your local internet connection won't know what the hell it is. It won't show up in the list of bridges if they enumerate those, and won't show up as a known VPN or proxy provider. The connection won't even look like a Tor connection (although the handshake will, at least until obfs3 comes out). It will simply look like a box at a random hosting provider.

2020
There are lots of other channels that vendors could use.

http://3suaolltfj2xjksb.onion/hiddenwiki/index.php/Main_Page#Web_Hosting

Freedom Hosting http://xqz3u5drneuzhaeo.onion  --  Requires invite, but they are floating around
TorHost http://torhostg5s7pa2sn.onion  --  Free if you just want to put up a text file with your key
OnionHosting http://bj6sy3n7tbt3ot2f.onion  --  Costs 5 BTC but is your security worth that much?

You can also create a Wordpress.com account over Tor and post your key there, and at some other clearnet blogging service.

Post your key to 2 or 3 of those places before you put it in your profile. Create an account on the forum and introduce yourself, referencing the other places where your key can be found.

2021
Security / Re: Maximum security, need help!
« on: February 12, 2013, 08:06 pm »
Here's how to do it on an OpenWRT router:

https://forum.openwrt.org/viewtopic.php?id=27354

Which is cheaper than a second computer. I just don't like the idea of having the middle box face the public internet. I would rather it go

public internet -> router -> anon middle box -> main computer

For that you need to custom build a computer with 2 network interface cards, then install Linux or a BSD, then configure the transparent proxy. There are lots of tutorials on installing Linux and Free/OpenBSD. To configure the transproxy, see here:

Linux
https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#AnonymizingMiddlebox

BSD
https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#AnonymizingMiddlebox1


2022
Security / Re: Anynomous VPN Alternatives for Mac???
« on: February 12, 2013, 05:17 pm »
This is one of the easier things to search for on the forum, because "VPN" is such a unique string. If you click that Search link at the top and enter "VPN" in the search field, then check off "Search in topic titles only", you'll find 30 threads, which include:

What VPN services would you recommend?
http://dkn255hz262ypmii.onion/index.php?topic=103654.msg716449#msg716449

Anonymous VPN?
http://dkn255hz262ypmii.onion/index.php?topic=94693.msg670290#msg670290

VPN advice
http://dkn255hz262ypmii.onion/index.php?topic=26419.msg284589#msg284589

As just a small sample.

You'll also notice me and others repeatedly saying that no VPN is truly secure. VPN providers can see who you are and the sites you visit. They may promise not to log, but you never know when they may get a request from LE to turn on logging which they cannot refuse (and may not be allowed to tell you about).

VPNs that promise not to log offer privacy by policy. Tor offers privacy by design -- i.e., the design of the network is such that no entity has a view of the whole network. Your entry guards know who you are but not what sites you are browsing. The exit nodes know what sites you are browsing but not who you are.

It IS possible to run a VPN over Tor, if you want an IP address that isn't blocked by the destination web site, and if you can pay for it anonymously, like with bitcoins, that might be a useful option, but a VPN alone offers zero security by design.

2023
Security / Re: Maximum security, need help!
« on: February 12, 2013, 04:54 pm »
Quote
Once I finally get up and running properly is there a way to write over deleted stuff on my hard drive so I start a fresh using either liberte or tails knowing that nothing bad is on hard drive?

DBAN it and reinstall the OS.

http://dban.org

http://dkn255hz262ypmii.onion/index.php?topic=99520.msg699299#msg699299

2024
Security / Re: Maximum security, need help!
« on: February 12, 2013, 04:24 pm »
If you ask a specific question, like "I'm willing to do X, will that make me more secure?", then you can get a specific answer.

When you ask an open ended question like, "What can I do to be most secure?", you will most likely get answers (from me, at least :) ), that you are unwilling to implement.

For example, to be most secure, you should configure an anonymizing middle box. This would be a PC in a nettop or HTPC form factor with 2 network interface cards, running OpenBSD, which transparently proxies all connections from your main computer over Tor. Tails already transproxies all connections over Tor, but it can theoretically be rooted and the attacker can simply remove the iptables rules, shut down Tor, etc. With the transproxy on a separate physical box, you are much more secure, but are you willing to invest a couple hundred dollars in the hardware, as well as the time required to learn how to properly configure it? Probably not.

2025
Security / Re: Maximum security, need help!
« on: February 12, 2013, 03:22 pm »
Quote
I have recently bought a MacBook, I burned tails onto a disk and also I installed GPGtools nightly build (as that's what I was advised in newbie section) onto my computer and moved onto a USB stick hoping I could boot computer up with tails then open GPG from my USB stick but it didn't work and after googling it found out GPG won't work on tails as tails is linux?

GPG was first written for Linux and later ported to Windows and OS X. Of course it exists for Linux. However, "GPGTools" is a port specific to OS X.

Tails comes with its own GPG programs.

https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/index.en.html


Quote
What I have now is Tor browser stored on a USB which I open up from my desktop and also has GPGtools on it.

So with what I have now not using tails is safe providing you never get a visit from LE and laptop taken away right?

Well, if you never get a visit from LE, then it doesn't matter what you do.

The whole point of security measures is to prepare for the worst case scenario. If that thumb drive isn't encrypted, your identity and activity in this community could be revealed to LE.

Quote
If everything was booted through tails or liberte nothing would be found on my computer, browsing history, emails etc?

Correct. Tails is designed to be booted from read-only media and save nothing on disk. There is an optional encrypted persistent volume.

The Tor browser bundle doesn't store cache or browsing history on disk either, but if you save bookmarks or passwords, those will be stored on disk.

Quote
I'm an expert on computers and security so if anyone can advise me on how to be most secure would be great as I'm really struggling and stressing me out!

There's no simple answer to that question, because people operate with different threat models and computing requirements. Some people share computers with roommates or go to libraries and they can't implement certain security features. Also, from talking to hundreds of people on the forum, I've learned that when people ask to be "most" secure, they really mean some optimal trade off between security and convenience.

Are you using a 64 character password on your SR account? Well, why not? That's MORE secure than a 16 character password. The most secure would be whatever the hardcoded limit is for the password field, probably 256 characters. This feature is easy to implement, so if you're not using a max size password, you don't really want to be MOST secure, you want some convenience.
