Silk Road forums

The Metadata Anonymisation Toolkit will remove metadata from PDFs, but the library they use to do this creates huge PDFs (like 10 times bigger) as output. You may have better luck with it though.

https://mat.boum.org/

The Choas Computer Club of Germany hosts an annual conference in the week between Christmas and New Year's. The next one starts tomorrow. There are lots of interesting talks, and they are streamed live as well as archived online if you want to watch them later. The talks are streamed as OGG video, so you can watch them over Tor.

I've gone through the schedule and pulled out some English language talks that would be relevant to our community. All times are local German time, UTC+1.



2012-12-27  11:30

Not my department
On the topic of resistance.

Jacob Appelbaum (of the Tor Project)

http://events.ccc.de/congress/2012/Fahrplan/events/5385.en.html

----------

2012-12-27  20:30

Enemies of the State: What Happens When Telling the Truth about Secret US Government Power Becomes a Crime
Blowing the Whistle on Spying, Lying & Illegalities in the Digital Era

William Binney (former NSA agent) and others.

http://events.ccc.de/congress/2012/Fahrplan/events/5338.en.html

----------

2012-12-28  17:15

The Tor software ecosystem

Jacob Appelbaum and Roger Dingledine (of the Tor Project)

http://events.ccc.de/congress/2012/Fahrplan/events/5306.en.html

----------

2012-12-28  20:30

Defeating Windows memory forensics

Luka Milkovic

http://events.ccc.de/congress/2012/Fahrplan/events/5301.en.html

----------

2012-12-28  23:00

Stylometry and Online Underground Markets (<-- I'm really interested in this!)

Aylin, Rachel Greenstadt, Sadia Afroz

http://events.ccc.de/congress/2012/Fahrplan/events/5230.en.html

----------

2012-12-29  18:30

Russia's Surveillance State (<-- could have relevant info for surveillance everywhere)

Andrei Soldatov

http://events.ccc.de/congress/2012/Fahrplan/events/5402.en.html

----------


There's another Tor related talk in German:

2012-12-30  14:00

Proximax, Telex, Flashproxy oder Tor Bridges
Übersicht über aktuelle Zensurumgehungssoftware

Jens Kubieziel

I have extensive experience with many psychedelics, and my ultimate all-time favorite hands-down at any dose (high or low) is 2c-e.

That's interesting, because 2C-E is my least favorite psychedelic. Way too intense. It wasn't all that colorful and everything was spinning insanely out of control. I'll never touch the stuff again.

The Cleaned Hidden Wiki

http://3suaolltfj2xjksb.onion/hiddenwiki/index.php/Main_Page

I just accessed it. Get a new identity and try again.

one thing to keep in mind as well is that it doesn't matter if the NSA can't passively spy on 100% of the internet so long as they can passively spy on 100% of Tor. That might be a lot easier for them.

Tor relays are spread across about 75 countries. Entry guards and exits are spread across different sets of about 35 countries. The thousand or so published bridges are probably spread across a few dozen countries. Then there are an unknown number of private bridges spread across an unknown number of countries, which presumably even the NSA doesn't know about. I do not believe that the NSA has the ability to monitor 100% of the Tor network, since nobody knows where all the Tor relays are, not even the Tor Project, and jurisdictional problems make it highly impractical to impossible to monitor all of the known relays.

However, they have the ability to monitor a substantial fraction of the Tor network. I downloaded the Tor relay information a while ago and did some simple stats. 94% of Tor traffic goes through the top 500 relays and about 60% goes through just the top 100 relays. 30% of Tor traffic goes through relays in just 3 countries: DE, NL, US. A more important stat, which I didn't calculate at the time, is the percentage of entry guard bandwidth and estimated percentage of users who use entry guards in DE, NL, and US. Let's assume that number is also 30%. It wouldn't be difficult for the governments of those 3 countries to collude, and then they could pwn 30% of Tor users for as long as they use those entry guards.

That's not good enough to target specific individuals, but it is good enough to pwn a lot of people and destroy the credibility of Tor.

I believe CCC got a bit higher than 55% accuracy but I cannot recall the exact figure. Needless to say it was better than random chance. Tor is more resistant to this sort of attack than most other solutions are, for example many VPNs have had their traffic fingerprinted with accuracy that approaches 100%.  However the accuracy of fingerprinting attacks against Tor has continued to rise. Recently there was some research of the effect of hidden markov models being used by traffic classifiers to aid in their ability to fingerprint sites, I have not yet read this yet but I am certain that using this technique will significantly increase the accuracy of fingerprinting Tor traffic.

True, which is kind of scary, but in the same paper they use a simple padding technique as a countermeasure and the detection rate drops to 3%. There are known, effective defenses, but they haven't been implemented on the live Tor network, mainly for performance reasons. The Tor folks choose usability over absolute safety in a lot of design decisions. I guess the rationale is that these attacks are unlikely to be occurring, and it's more important to get a lot of people to use Tor (which itself enhances security).

Yeah, it seems out of place in that thread

http://dkn255hz262ypmii.onion/index.php?topic=30938.msg682432#msg682432

Only thing I can put together is it had the newest comment in that section at the time (I posted minutes before, refreshed and saw hist post).