Silk Road forums
Discussion => Security => Topic started by: White 0ut on April 24, 2013, 07:38 am
-
FROM DPR:
UPDATE (04/24/2013 0714 UTC): The downtime of the past couple days, and especially the past 24 hours has been confirmed to be due to a deliberate attack from what appears to be an individual. There appears to be no security breach, only disruption of availability. The attack appears to be DoS in nature and is likely an exploit at the Tor network level. The site will be down or very slow until a solution can be found, which we will work tirelessly to find. Thank you for your patience.
Obviously someone is trying to throw us off course...
Where do we begin on our list?
Rival Sites?
Government?
Banks?
Random Hackers?
Thoughts!!?
Thank god security has not been breached but if SR availability is being affected I find it alarming on any level!
-
All of the above..
Could be big business hiring hackers to fuck it up and try to bring it down, or new sites owned now by big business's to try it soo we go the other way.. At this point iv been testing the waters of BMR always had it on back burner but half the vendor here are there too , it never seems to have any issues, or could just be i dont knw cause i never visit it like i do SR..
-
All of the above..
Could be big business hiring hackers to fuck it up and try to bring it down, or new sites owned now by big business's to try it soo we go the other way.. At this point iv been testing the waters of BMR always had it on back burner but half the vendor here are there too , it never seems to have any issues, or could just be i dont knw cause i never visit it like i do SR..
Honestly I don't think I could develop a deeper level of trust & love with a different site!
It would not be the same without my forum friends, admins, green camel, great vendors ect!
I think all is well. DPR would go down before he let this site go down. This is not only his job but his dream as well!
Not to mention the fact that there can always just be a rebuild.
There are systems in play that back up crucial information up to the working millisecond.
As long as they can always have us on UTD records to transfer it all to another address I think we are good...
Im also stoned...
-
It is entirely possible that it is not an intentional DoS attack but rather is a DoS from the non-malicious clients of SR. Hidden services scale horribly and once you get past 200 or so simultaneous users things really get sketchy in regards to reachability. I don't know why they have come to the conclusion that it is a DoS attack though. If it is naturally arising from Tor being incapable of coping with such a popular hidden service, one thing they could do is create a second .onion that points to the same thing. Freenode is a popular IRC network that recently had to do this because their original .onion had its introduction nodes DDoSed from all the legitimate users it had. Unfortunately it is really trivial for malicious attackers to make it impossible to reach a .onion though, I will spare the exact details of the attack though. This is really a design problem with Tor, and unfortunately it is not even very high up on the developers list of things to work on. Most of the funding and research going into Tor currently involves bypassing censorship attempts at the ISP level (ie: bridges, obfsproxy), hidden services are somewhat of an after thought, and the primary developer who was still maintaining hidden service code quit working for Tor Project quite a while ago.
-
There have been so many similar attacks on Mt.Gox the last weeks,
it was probably just a matter of time before (the same?) hackers would turn their attention to SR.
Bringing SR down for a few hours/days might have an impact on the value of BTC's.
So (maybe) the security of Mt.Gox is now harder for them to crack down and instead of attacking the trading site to devalue the BTC they try attacking the site where most of the BTC's are spent..?
I'm not sure about anything I'm writing above, it's just a theory...
-
is anyone getting the same timeout error as i am?
everytime i try and getting on i get a timeout error before i even reach the login page. its been doing this since the maintenance started:/ is it because so many people are trying to connect at the same time?
-
FROM DPR:
UPDATE (04/24/2013 0714 UTC): The downtime of the past couple days, and especially the past 24 hours has been confirmed to be due to a deliberate attack from what appears to be an individual. There appears to be no security breach, only disruption of availability. The attack appears to be DoS in nature and is likely an exploit at the Tor network level. The site will be down or very slow until a solution can be found, which we will work tirelessly to find. Thank you for your patience.
Obviously someone is trying to throw us off course...
Where do we begin on our list?
Rival Sites?
Government?
Banks?
Random Hackers?
Thoughts!!?
Thank god security has not been breached but if SR availability is being affected I find it alarming on any level!
Most likely a Government or multiple Governments who have employed very good hackers.
Silk Road will be targeted because it is the biggest and well-known. It is the same with everything.
We hear so many cases against McDonalds, but rarely hear of the smaller chains (KFC, Burger King, etc)
-
FROM DPR:
UPDATE (04/24/2013 0714 UTC): The downtime of the past couple days, and especially the past 24 hours has been confirmed to be due to a deliberate attack from what appears to be an individual. There appears to be no security breach, only disruption of availability. The attack appears to be DoS in nature and is likely an exploit at the Tor network level. The site will be down or very slow until a solution can be found, which we will work tirelessly to find. Thank you for your patience.
Obviously someone is trying to throw us off course...
Where do we begin on our list?
Rival Sites?
Government?
Banks?
Random Hackers?
Thoughts!!?
Thank god security has not been breached but if SR availability is being affected I find it alarming on any level!
Most likely a Government or multiple Governments who have employed very good hackers.
Silk Road will be targeted because it is the biggest and well-known. It is the same with everything.
We hear so many cases against McDonalds, but rarely hear of the smaller chains (KFC, Burger King, etc)
This is fucking rediculous . . .
Stay safe everyone
Much much love_ Mcrad!
-
Phish think we are underwater and they are in the air.
-
All of the above..
Could be big business hiring hackers to fuck it up and try to bring it down, or new sites owned now by big business's to try it soo we go the other way.. At this point iv been testing the waters of BMR always had it on back burner but half the vendor here are there too , it never seems to have any issues, or could just be i dont knw cause i never visit it like i do SR..
I don't know about other folks but it was a huge leap for me to make my first order on SR. I'd hate to have to go through that building up of trust again on another website.
-
I wonder what type of "Tor exploit" this is. The first thing that comes to mind is hammering the intro points. One solution would be to increase the number of intro points. There isn't a config option for that, so you would have to change the Tor source code and build your own version.
However, I don't think that's it, since that would only affect establishing a connection. After that all clients would be routed through rendezvous points distributed across the network, which doesn't explain the slow loading even after you're connected. kmf, any ideas?
OTOH, is he sure it's a Tor exploit and not a server exploit, resource exhaustion attack, or something like that?
-
I'm just thinking out loud here; I'm not trying to start anything but Atlantis seems to be getting a little more popularity lately. I heard whoever is behind that site is great at programming/configuring/etc. Also, Atlantis uses Litecoin which could give the Atlantis person/people motive to attack Mt. Gox as well.
I don't really know anything about this tech stuff though so I'll let the professionals discuss. I'd +1 you White Out but I already did when you burned JezuzWazaMushroom in that other thread lol. Even for reasons besides that thread, I grow fond of you White Out.
-
I'm just thinking out loud here; I'm not trying to start anything but Atlantis seems to be getting a little more popularity lately. I heard whoever is behind that site is great at programming/configuring/etc. Also, Atlantis uses Litecoin which could give the Atlantis person/people motive to attack Mt. Gox as well.
I don't really know anything about this tech stuff though so I'll let the professionals discuss. I'd +1 you White Out but I already did when you burned JezuzWazaMushroom in that other thread lol. Even for reasons besides that thread, I grow fond of you White Out.
Yeah, I have absolutely no problem with competition...
But when you are on SR forums promoting the growth of another business you are no better than the BTC Spam Scammers!
& Thanks
Someone needed to put that bitch in his place.
I just wish all the masterblaster's & JezuzWazaMushroom's would get the fuck out already...
I've become accustomed to seeing your handle around the forums as well, friend!
-
Maybe that means people will stop saying "upgrade TOR" and "it's your imagination".
There have been so many similar attacks on Mt.Gox the last weeks,
it was probably just a matter of time before (the same?) hackers would turn their attention to SR.
Bringing SR down for a few hours/days might have an impact on the value of BTC's.
Can't see it. Gox attacks seem like they were a deliberate attempt to crash the btc temporarily to enable quick buys before the rebound - and what a success story that was for them the second time they tried it. Panic selling as the wave of lag renders (stupidly) high buyers powerless to get out quick enough, and the thing cascades till they suspend the market. But SR? Maybe it's a gov agency, maybe it's someone doing it for the lols, but I very much doubt that crippling SR would have much short-term impact on btc. Too many speculators in to matter that much now. Cypress doesn't give a fuck.
-
this is sad news. I certainly hope this is resolved.
My best guess would be a governmental attack. I bet everything will get resolved but it will certainly take some time
Long live SR
-
man this is fucked!
hopefully DPR resolves all this soon
-
It is not a DOS attack. dkn255hz262ypmii.onion/index.php?topic=151778.0
-
It is not a DOS attack. dkn255hz262ypmii.onion/index.php?topic=151778.0
idk what the hell any of this means, english please!
-
It is not a DOS attack. dkn255hz262ypmii.onion/index.php?topic=151778.0
idk what the hell any of this means, english please!
Essentially, it is a denial of service attack anyway ... I cant access it ;-) No need to get technical
-
It is entirely possible that it is not an intentional DoS attack but rather is a DoS from the non-malicious clients of SR. Hidden services scale horribly and once you get past 200 or so simultaneous users things really get sketchy in regards to reachability. I don't know why they have come to the conclusion that it is a DoS attack though. If it is naturally arising from Tor being incapable of coping with such a popular hidden service, one thing they could do is create a second .onion that points to the same thing. Freenode is a popular IRC network that recently had to do this because their original .onion had its introduction nodes DDoSed from all the legitimate users it had. Unfortunately it is really trivial for malicious attackers to make it impossible to reach a .onion though, I will spare the exact details of the attack though. This is really a design problem with Tor, and unfortunately it is not even very high up on the developers list of things to work on. Most of the funding and research going into Tor currently involves bypassing censorship attempts at the ISP level (ie: bridges, obfsproxy), hidden services are somewhat of an after thought, and the primary developer who was still maintaining hidden service code quit working for Tor Project quite a while ago.
^ I'd probably listen to this guy :)
-
Editing title now, changing to just attack!
We'll see what comes of this in the aftermath.
For now,
WE'RE LIVE BITCHES!
-
DPR's P4 celeron processor on his dialup modem got DDOS's by the 100 people who use SR at any given time.
-
DPR's P4 celeron processor on his dialup modem got DDOS's by the 100 people who use SR at any given time.
Your mom's pussy gets ran up in by 100 people at any given time :D
-
I wonder what type of "Tor exploit" this is. The first thing that comes to mind is hammering the intro points. One solution would be to increase the number of intro points. There isn't a config option for that, so you would have to change the Tor source code and build your own version.
However, I don't think that's it, since that would only affect establishing a connection. After that all clients would be routed through rendezvous points distributed across the network, which doesn't explain the slow loading even after you're connected. kmf, any ideas?
OTOH, is he sure it's a Tor exploit and not a server exploit, resource exhaustion attack, or something like that?
Ah wasn't aware people were connecting but then having slow loading times. It could be DDoS through Tor, if that is the case they would quickly be able to determine it simply by looking at server logs though. That would lead to a slow down as well as unreliability of establishing a connection in the first place.
-
I know who is behind these DDos attacks. not the physical person but I know what they're after.
There's a mass extortion. So far I know of 15 servers that have been brought down by this guy, bitcoinstore was the latest to receive the threat. Making a post about it now
-
fucking mother fuckers!!!
-
fucking mother fuckers!!!
I agree 100%
-
Tell me about it. This guy or group is putting a serious dent into the way we all operate.
http://dkn255hz262ypmii.onion/index.php?topic=151987.0
-
My fave theory at the moment is that it's a basement dweller who probably got scammed by someone because they FE'd or with a moneypack and is blaming SR for not being able to sort out their fuckup. Either that or it's the US testing their new mode of attack. A few years ago I remember reading that they were moving into cyber attacks as a weapon against "hostile" governments.
Or it could just be those pesky reptiles that have taken over the world without us knowing.
-
My fave theory at the moment is that it's a basement dweller who probably got scammed by someone because they FE'd or with a moneypack and is blaming SR for not being able to sort out their fuckup. Either that or it's the US testing their new mode of attack. A few years ago I remember reading that they were moving into cyber attacks as a weapon against "hostile" governments.
Or it could just be those pesky reptiles that have taken over the world without us knowing.
CyberAttacks are the new method of warfare, if you can cripple a country's internet you can disable their economy, military, communication ect ect!
I personally would love to be 'deployed' to combat enemies via cyberhacking!
Shit would be legit, but then I would give SR all their secrets :D