Silk Road forums
Discussion => Security => Topic started by: zasx123 on May 30, 2013, 05:23 pm
-
Hello,
I have Tails with a persistent volume on a USB stick so nothing is saved on my hard drive. Of course I use Tor with Tails. I was going to a restaurant with public wifi to go on Tails when I was using Tor to do things I want to keep ''secret''. Is this necessary? Because it really sucks to go to a public place to check my messages and it costs a lot of time. I also changed my MAC address every time.
Is all of this necessary? Or is just Tails with Tor on my own wifi untraceable?
-
Hey if you can spend the time to use a public wifi I say go for it. It's not 100% untraceable though, but nothing really is. With more technology comes less security. Ever since the camera and the computer were invented, criminals have it harder. Everything is logged, recorded, captured, what have you. So say you use Tor at this place. Also, say the place has cams (maybe it doesn't - if it doesn't, you're a smart man). This place's ISP knows the dates and times at which every connection was made via the place's wifi. Now, if they just so happened to zone in on one particular connection that they know was a Tor one (from what I've heard ISPs are able to do this), and they know the date and time at which it happened, and they have cameras... well, you get the picture. Now, can they prove anything based on that? Well, I doubt it, unless the camera was, say, perfectly positioned to view your computer screen. But then how is this different than at-home browsing? It's really not. With enough effort, and the right setting (say a small coffee shop where only 1 or two ppl are on laptops), they can get a pretty narrowed down view of who was doing what if they really looked into it enough. However, on the flip side, if your name is on an ISP connecting to Tor (and the ISP can tell), that can be even less anonymous. Also, assuming you've found a place with no cams (or where cams are not at all facing you), and where there are a bunch of people already on their laptops, then that is clearly the better choice. People mostly browse at their home for the sake of convenience, and they justify it with the VPN and the Tails and the Tor, sure. But the problem with at-home browsing is that it's readily identifiable. If we all could magically teleport to public places with no cams that had wifi to surf Tor then I'm sure everyone would. But we can't, so we maximize our security in the most convenient setting, hoping that it is enough.
Side note: There are also papers (being discussed on this forum, lately) that indicate Tor may not be as secure as we think. It's been shown that it's possible to deanonymize hidden services and users, but of course there are plenty of issues and little nuances with the attacks themselves.
-
Is all of this necessary? Or is just Tails with Tor on my own wifi untraceable?
No, it's not necessary. For buyers it is massive overkill. For vendors it may be useful, but really the chances are slim that LE is going on a fishing expedition for random Tor users, or performing a correlation attack like this:
http://dkn255hz262ypmii.onion/index.php?topic=159722.msg1129048#msg1129048
Bridges may be just as effective at hiding your Tor use. You can get IPs here: https://bridges.torproject.org
-
Well it is not about buying anything physical but ''personal information'' so my address is never posted. Also the way a vendor can get busted is not possible because I am not sending anything with the mail.
Let's say hypothetically if I buy 20 credit cards online every week and send them to somebody without doing anything with them myself, from home using Tor I can't get caught?
And the public wifi place has lots of people with laptops and no cams, but it is really annoying to go there every day just for checking messages and sending messages.
-
While there are attacks on the Tor network that can identify Tor users, it's never happened that I know of. On its own, Tor will not leak your IP or home address, if that's what you're worried about. You are far more likely to be identified through unsafe behavior or attacks unrelated to Tor.
-
Ok, but if I don't click stupid download links and only use messages for business how can they bust me? Because I want to make the chance as little as possible.
I also changed my MAC address every time I was going to the public wifi, but at home this makes no sense right? Does this decrease my safety? And is it smart to use bridges?
-
If an attacker owns your entry guard and an exit node that you use, he can determine that you accessed a specific clearnet site. If you don't use HTTPS, he can see what you are doing.
If an attacker owns your entry guard and an HSDir, or an intro point, or a hidden service entry guard, he can determine which hidden service you are accessing. If he owns your entry guard, theoretically he could use fingerprint analysis to determine which hidden service you are accessing.
You'll notice the common threat in all of these attacks is that the attacker owns your entry guard. Since you keep the same entry guards for about a month, it would take a long time and a lot of resources to perform these attacks, unless you are incredibly unlucky, which is why I say the chances of getting pwned are minuscule and not something I would worry about unless I was an extremely high value target.
These attacks are better at pwning a few random (unlucky) people among a really big group, rather than targeting specific people.
Changing your MAC address doesn't make a difference at home. If you go through a router, that's all that your ISP sees anyway. Also, yes, using bridges increases your safety. In fact, as long as they are stable and running, they can be permanent entry guards, so unless you are extremely unlucky in picking a malicious bridge, you would probably never get pwned by these attacks.
-
Ok, so what I have to do is:
*DBAN my hard disk because there is unencrypted shit all over it
*only access ''secret'' things from Tails (Tor) with bridges and using a persistent volume with long password for sensitive information
This way I don't have to encrypt my hard drive and it's clean. And I can use my home wifi this way right? Or is the public wifi still better (I hope not because it is really annoying)
Am I missing anything with security this way?
And thanks astor!!!
-
Ok, so what I have to do is:
*DBAN my hard disk because there is unencrypted shit all over it
*only access ''secret'' things from Tails (Tor) with bridges and using a persistent volume with long password for sensitive information
That's a good setup. I think there's an issue with Tails remembering bridges after a reboot. Not sure as I haven't done it myself, but there's a thread or two about it on the forum.
This way I don't have to encrypt my hard drive and it's clean. And I can use my home wifi this way right? Or is the public wifi still better (I hope not because it is really annoying)
For your use case, I think it's unnecessary. In fact, repeatedly going to the same wifi hotspot can make people suspicious. You won't draw attention to yourself as long as you are home and don't abuse your internet connection (torrents, hacking, etc.).
Am I missing anything with security this way?
Looks good to me.
-
So everything I do on Tor is anonymous then? Because if there is no evidence on my devices how can I be caught, if Tor does not leave traces? Or is there no way except for fucking it up yourself?
-
I want to ask a question about bridges since we are here:
Do they have to be periodically changed/updated or can you use some permanently? In the case you should update/change them what's the usual lapse of time on which to check for new ones periodically?
I'm sorry if this is a dumb question but there are certain points on which I'm still a noob here. I'm slowly gathering information to bring my security to the best level possible for a usual home personal user buyer as I am.
-
So everything I do on Tor is anonymous then?
That's a broad question. Like I said, there are lots of ways to be deanonymized besides an attack on the Tor network or your TorBrowser. If you tell someone your name, there's nothing Tor can do to protect you. Someone could social engineer you into giving up your identity. You could get drunk and give out too much info. You could talk to someone frequently and give out little bits of info, which they are able to connect to your real identity. If you use a unique username on this forum that you use on clearnet sites, someone could connect them and figure out your identity. You could download malware or open a document that phones home to someone's server and deanonymizes you.
Rewording the question more narrowly: will Tor in its default state deanonymize you? The chances are extremely small. And remember, it's still your best option among all proxies -- at least if you want to access clearnet.
Because if there is no evidence on my devices how can I be caught, if Tor does not leave traces?
Tor on its own doesn't leave traces of your browsing activity, but that's again something you can screw up through unsafe actions, such as saving bookmarks. Unless you live in some place like Iran or Syria, it's not illegal to use Tor. Having TBB on your computer isn't evidence of a crime. Neither is a link to Silk Road on its own. Lots of people, like journalists and bloggers, browse the site and don't buy anything. However, it can be evidence against you in the right context. If LE intercepts a drug package, raids you, and finds a link to SR on your computer, it'll be harder to deny that the package was yours when there's evidence on your computer that you were visiting drug sites. But that's also the case if they find drug paraphernalia in your house, or a lot of cash.
If you leave TBB in the default configuration and don't compromise your identity through your behavior, you should be safe.
Or is there no way except for fucking it up yourself?
The chances of Tor fucking you over are extremely small. You are far more likely to do it yourself. :)
-
Do they have to be periodically changed/updated or can you use some permanently? In the case you should update/change them what's the usual lapse of time on which to check for new ones periodically?
You can use the same bridges for as long as they are running. In fact, you probably should. It's safer than rotating them, assuming you didn't get malicious bridges in the first place.
-
Do they have to be periodically changed/updated or can you use some permanently? In the case you should update/change them what's the usual lapse of time on which to check for new ones periodically?
You can use the same bridges for as long as they are running. In fact, you probably should. It's safer than rotating them, assuming you didn't get malicious bridges in the first place.
Interesting insights - many thanks!!
... quick question about bridges. Is this a better strategy than anonymous VPN? Can the two be used together to good effect?
-
Yes, they can be used together. Honestly I think it's a toss up if the threat you're worried about is "being identified in a fishing expedition". Both options protect about the same amount against a very unlikely threat.