Messages - astor

2581
If anyone is having issues using PGP and would like to look at a much simpler alternative I would like to invite you to try SMS4TOR, a free, anonymous and safe crypto-messaging service available right on TOR. As simple as filling out a web form and in most cases just as secure as a PGP message exchange

Are you fucking kidding me? DO NOT USE THIS SERVICE.

You will be sending your plaintext message/address to an unknown third party, most likely law enforcement.

The benefit of PGP is that you hold the secret key and only you can decrypt messages sent to you. This service isn't "just as secure" as PGP, that's a blatant lie. It's not even close to as safe as PGP.

2582
Security / Re: Concern about bitcoin safety
« on: January 01, 2013, 09:06 pm »
Since bitcoin transactions are all public, the more transactions can be linked to physical entities the greater the chance that the owners of these large accounts can be identified.

Correct.

Furthermore, if somebody owns a bitcoin account with a large number of bitcoins and then orders something from a compromised source having to give out their real address, wouldn't it also mean that all of this person's previous transactions can now be traced as well?

It depends on how well they separated those transactions. All, some or none of their previous transactions could be linked.

They also seem to be able to join transactions that have gone through mixers. The paper states that it's quite easy to filter out large branches that are first separated and then joined back together into a lump sum of bitcoins - enabling them to assume that all the mixing nodes indeed belong to the same entity - as well as the ending node which is now connected to the starting node via all the branches in between.

The large coin transactions that they analyzed didn't go through the mixing services that exist today. It was much more crude. They were probably manually broken up into many addresses and rejoined. The better mixing services today use separate pools of addresses, so there's zero taint or linkage between them. A temporary ledger that keeps account of which coins go to which addresses is maintained in a separate database, and supposedly they delete that info after 6 confirmations.

However, it could still be possible to link transactions in separate address pools, assuming you can identify the addresses in them. If you know that a certain mixing service charges a 1.5% fee, and you see 100 bitcoins go in (in any number of transactions, from/to any number of addresses), then in the other pool you see 98.5 bitcoins come out (ditto), you could link the two. This is difficult with large mixing services and many transactions, but theoretically possible.

The defense is to buy more bitcoins than you need. If you need 30 BTC, buy 50, send them to the mixing service and then send 30 to SR and 20 somewhere else. That makes the coins much harder to link.

Since all of the transactions are public and can be analyzed in this way, how safe is the bitcoin system? Wouldn't it be possible to trace virtually all transactions ever made inside the system and connect them to outside events as the analysis tools for the public blocks database become more advanced?

Not all, because there isn't good data on a lot of purchases. Consider the people who use cash drops or buy through the mail. The addresses they use will always be hard if not impossible to link to an identity, and that's a matter of traditional detective work that no statistical analysis on the block chain can solve.

2583
Security / Re: Vendors - Possible attack vector.
« on: January 01, 2013, 06:35 pm »
Yes, if LE has other evidence linking Alice to criminal activity (and Tor use), then verifying that a person of interest uses Tor is quite damaging. That was the attack used on Hammond. OP's question was more about the feasibility of performing a "fishing expedition" to narrow tens of thousands of suspects down to the criminals. I believe that is impractical. How many people visit their PO box a few times a week? How many people use Tor for non-drug activities? The cost-benefit ratio of this attack is very high.

2584
Security / Re: Encrypted message not showing PGP version
« on: January 01, 2013, 04:40 pm »
While I appreciate your point about the potential correlation attack, if you happen to be corresponding with an undercover cop, you've got a LOT more to worry about than a simple correlation attack.

True, and one thing I thought of after posting that is that if LE is looking at your computer and PGP program, they will probably find your PGP key. Matching the key ID will be much better evidence than the program version. Still, as I said, it's entirely avoidable. Publishing the version makes sense in the normal use case for PGP, which is distributed software development. Those people are not anonymous and have no reason to hide their PGP program. In that case, I understand the argument that posting the version can allow others to alert you if you are using vulnerable software. You have that benefit at no cost. In our case, the cost is a smaller anonymity set, sometimes down to a unique identifier.

Think of it this way, most people would not dare to post their first name (even without the last name) publicly. Somehow that's a scary proposition, even though there are millions of Johns and Daniels in the world. But they have no problem posting a PGP version with no more than 1/1350 market share, which is like publicly posting that your first name is Kolten, Jensen or Yurem.

http://babyfit.sparkpeople.com/baby_names_top1000.asp?page=2&gender=0

Not a good idea, in my opinion.

Frankly, the people who have the most to worry about in this list are those with the BCPG PGP versions. I'd wager half to three-quarters of them have 512-bit Elgamal encryption keys. Also the congenital idiot with the Hush 3.0 key really needs his head examined

I literally laughed out loud :)

2585
@tvaughn


2586
Security / Prototyping Active Disk Antiforensics
« on: December 31, 2012, 10:17 am »
This talk from the recently held 29C3 has a lot of interesting content.

http://mirror.fem-net.de/CCC/29C3/mp4-h264-HQ/29c3-5327-en-writing_a_thumbdrive_from_scratch_h264.mp4  [281 MB]

Prototyping Active Disk Antiforensics

This action-packed lecture presents the inner workings of the author's from-scratch implementation of a USB Mass Storage disk in user-land Python, along with some embarrassing bugs in operating systems that support such disks. The lecture concludes with an introduction to Active Antiforensics, in which a thumbdrive's own firmware can recognize and defend itself against disk imaging and other forensic tools.

USB is a lovely little conduit into the deepest parts of the kernel. Drivers are made to speak complicated protocols in hastily written C, leaving a goldmine of bugs and unexplored behaviors for a crafty attacker to exploit.

This lecture will show how a USB Mass Storage device was implemented from scratch in user-land Python for the Facedancer board. Along the way, we'll take a look at how to abuse a number of bugs in kernels, automounters, filesystems, and forensic utilities, all of which are easily confused.

As an example application of these techniques, the culmination of this lecture presents a prototype disk that actively resists forensics, wiping itself to an innocent state whenever it detects disk imaging, undeletes, access by the wrong operating system, or the presence of a write blocker.

2587
good idea. i say time on newbei to limit starts but got smlamed by numnuts angry person. good luck u.

Ok, now I know this is an act. The guy can't spell a single normal word but he can perfectly spell Keep the Aspidistra Flying?

http://dkn255hz262ypmii.onion/index.php?topic=71621.msg693268#msg693268

You let one slip, buddy, and the gig is up.

2588
@loniax


2589
Security / Re: Encrypted message not showing PGP version
« on: December 31, 2012, 06:41 am »
One side effect is leaking a little information (i.e. your OS) to a potential adversary, but the risk from this is vanishingly small.

Not necessarily. This guy downloaded all the public keys in the Post PGP Keys thread up to that point:

http://dkn255hz262ypmii.onion/index.php?topic=174.msg666607#msg666607

1356 keys total. So, I downloaded all the keys and filtered them by version.

Here are the results (I removed a few that were posted incorrectly):

Code:
grep -A1 BEGIN sr-2012-12-18-collection.asc | grep -v "^\-" | sort | uniq -c | sort -nr
    606 Version: GnuPG v2.0.17 (MingW32)
    106
     83 Version: GnuPG v2.0.19 (MingW32)
     67 Version: GnuPG v2.0.17 (GNU/Linux)
     65 Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
     61 Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
     60 Version: GnuPG v1.4.11 (GNU/Linux)
     60 Version: GnuPG v1.4.10 (GNU/Linux)
     41 Version: GnuPG v1.4.12 (MingW32)
     33 Version: GnuPG v1.4.11 (MingW32)
     30 Version: GnuPG v2.0.19 (GNU/Linux)
     17 Version: GnuPG v2.0.14 (GNU/Linux)
     15 Version: BCPG v1.47
     14 Version: BCPG v1.39
      8 Version: GnuPG v1.4.12 (GNU/Linux)
      6 Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
      5 Version: BCPG C# v1.6.1.0
      4 Version: GnuPG v2.0.18 (GNU/Linux)
      4 Version: GnuPG v1.4.2 (MingW32)
      3 Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
      3 Version: PGP Desktop 10.1.1 (Build 10)
      3 Version: GnuPG v1.4.9 (MingW32)
      3     Version: BCPG v1.47
      2 Version: PGP Desktop 9.0.2 (Build 2424) - not licensed for commercial use: www.pgp.com
      2 Version: GnuPG v2.0.16 (MingW32)
      2 Version: GnuPG v2.0.14 (MingW32)
      2 Version: GnuPG v1.4.9 (Darwin)
      2     Version: GnuPG v1.4.2 (MingW32) - WinPT 1.4.2
      2     Version: GnuPG v1.4.12 (MingW32)
      2 Version: GnuPG v1.4.12 (Darwin)
      2 Version: GnuPG v1.4.11 (MingW32) - WinPT 1.4.3
      2     Version: GnuPG v1.4.11 (MingW32)
      2 Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
      1 Version: SKS 1.1.1
      1 Version: PGP Universal 2.9.1 (Build 347)
      1 Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its affiliated companies.
      1 Version: PGP Desktop 9.9.0 (Build 397) - not licensed for commercial use: www.pgp.com
      1 Version: PGP Desktop 10.2.1 - not licensed for commercial use: www.pgp.com
      1 Version: PGP Desktop 10.2.0 (Build 1950)
      1 Version: PGP Desktop 10.2.0 (Build 1672)
      1 Version: PGP Desktop 10.1.2 (Build 9)
      1 Version: PGP Desktop 10.1.1 (Build 10) - not licensed for commercial use: www.pgp.com
      1 Version: PGP Desktop 10.0.3 (Build 1)
      1 Version: PGP Desktop 10.0.1 (Build 4020)
      1 Version: iPGMail (1.33)
      1 Version: iPGMail (1.29)
      1 Version: Hush 3.0
      1 Version: GnuPG v2.0.19 (Darwin)
      1 Version: GnuPG v2.0.19
      1     Version: GnuPG v2.0.17 (MingW32)
      1 Version: GnuPG v2.0.13 (SunOS)
      1 Version: GnuPG v2.0.13 (GNU/Linux)
      1 Version: GnuPG v1.4.5 (GNU/Linux)
      1         Version: GnuPG v1.4.3 (MingW32)
      1     Version: GnuPG v1.4.2 (MingW32)
      1 Version: GnuPG v1.4.12-SpecialBuild (MingW32) - WinPT 1.5.3
      1 Version: GnuPG v1.4.12 (MingW32) - WinPT 1.5.3
      1 Version: GnuPG v1.4.12 (MingW32) - WinPT 1.5.2
      1  Version: GnuPG v1.4.12 (Darwin)
      1 Version: GnuPG v1.4.12 (Cygwin)
      1 Version: GnuPG v1.4.11 (OpenBSD)
      1 Version: GnuPG v1.2.6 (GNU/Linux)
      1 Version: FileAssurity OpenPGP 2.0.2
      1         Version: BCPG v1.47
      1                 Version: BCPG v1.47
      1 Version: BCPG v1.45
      1     Version: BCPG C# v1.6.1.0
      1 Version: 6.5.8ckt  b9  http://www.mccune.cc/PGP.htm
      1 Version: 6.5.8ckt b9  http://cyberkt.tripod.com/
      1 Version: 10.1.2.50
      1 GnuPG v2.0.17 (MingW32)
      1 Comment: GnuPT-Portable 2.1.5.0
      1 Comment: Download: http://portable.gnupt.de


Windows is the largest anonymity set with over 50% combined share, and luckily the empty version is second most popular, though fewer than 10% of people use it.

However, about 40 people had unique versions, and a bunch more had versions with less than 1% representation (14 keys) in that sample. That creates a potential correlation attack. If you're sending messages to an undercover LEO and later they raid your house, finding a unique version string in your PGP program is pretty good evidence that they have the right person.

And yeah, I know some of those unique versions are created by offsets, but if that's what your PGP program does, that's forensic evidence.

In light of this data, your best option is actually to fake the most popular version string, since even the no-version option puts you in a rather small anonymity set. But the point is that we are needlessly being divided into, in this case, about 80 smaller anonymity sets.
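
The version-header tally from the post above, as an added example that is not part of the original post: it parses each armor block's headers instead of taking the single line after BEGIN, so Comment lines are not counted as versions and indented copies of the same string land in one set. The sample blocks and all function names are constructed for illustration.

```python
import re
from collections import Counter

BEGIN = re.compile(r"^\s*-----BEGIN PGP [A-Z ]+-----\s*$")

def armor_versions(text):
    """Return one Version value per armored block ('' when no Version header)."""
    versions, in_headers, current = [], False, ""
    for line in text.splitlines():
        if BEGIN.match(line):
            in_headers, current = True, ""
        elif in_headers:
            stripped = line.strip()
            if not stripped or ":" not in stripped:
                # A blank line (or base64 data) ends the armor header section.
                versions.append(current)
                in_headers = False
            else:
                key, _, value = stripped.partition(":")
                if key.strip().lower() == "version":
                    current = " ".join(value.split())  # collapse stray whitespace
    if in_headers:
        versions.append(current)
    return versions

def anonymity_sets(versions):
    """List (label, count, share of sample), largest set first."""
    total = len(versions)
    return [(v or "(no version)", n, n / total)
            for v, n in Counter(versions).most_common()]

def unique_sets(sets):
    """Labels seen exactly once: each one identifies a single key in the sample."""
    return [label for label, n, _ in sets if n == 1]

# Constructed sample: four armored blocks with placeholder bodies.
SAMPLE = """\
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

AAAA
-----END PGP PUBLIC KEY BLOCK-----
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: GnuPG v2.0.17 (MingW32)

    AAAA
    -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: constructed comment
Version: Hush 3.0

AAAA
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----

AAAA
-----END PGP PUBLIC KEY BLOCK-----
"""

if __name__ == "__main__":
    for label, n, share in anonymity_sets(armor_versions(SAMPLE)):
        print(f"{n:5d} {share:6.1%}  {label}")
```

The "(no version)" row corresponds to armor written with GnuPG's `no-emit-version` option set.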

2590
@loniax


2591
It *always* happens around 4-5 am UTC. Can a mod schedule to be around at that time?

2592
Rumor mill / Re: HELP PLEASE, cant get to onion pic loader!!!!!
« on: December 31, 2012, 04:01 am »
Yeah, it got hacked. Why would you post this in the Rumor Mill when it was already covered in

Silk Road discussion
http://dkn255hz262ypmii.onion/index.php?topic=98150.0

and Off Topic
http://dkn255hz262ypmii.onion/index.php?topic=98098.0
http://dkn255hz262ypmii.onion/index.php?topic=97484.0

Short answer, use QicPic
http://xqz3u5drneuzhaeo.onion/users/qicpic/

2593
Off topic / Re: + KARMA
« on: December 31, 2012, 03:44 am »
+1 to BruceCampbell for achieving hero status, and a few people above that I didn't get before.

2594
Silk Road discussion / Re: need help finding tor image uploader link..
« on: December 31, 2012, 03:40 am »
A 60 MB jpeg? Can you really not reduce that? Decrease the size or quality? I have 2048x1536 pixel images that are under 1 MB.

2595
Silk Road discussion / Re: The SR Gaming Commission
« on: December 31, 2012, 02:41 am »
Maybe I should be charging people for that advice. Just pay me $1 and I'll tell you or anyone how to open a vendor account. :D

In that case, the problem is merely reversed. The real winners are the exchanges / exchangers who charge twice for the same coins. :)
