Silk Road forums
Discussion => Newbie discussion => Topic started by: ingloriouslibertine on June 14, 2013, 08:14 pm
-
Long time lurker, first time poster!! Spent a while checking out the site and reading these forums, but held off on registering until I had a clean machine to work with. As I type, I sit behind a fully torified (all traffic, not just browsers) Linux VM workstation which connects to another VM gateway, which connects via NAT to a VM with an entirely different OS, which THEN finally connects to my Host, which is a fresh install of yet another type of OS on a brand new hard drive.
I've spent countless hours getting this setup to work just right, and if anybody on this thread is concerned about anonymity issues I'd be glad to spend some of these first 50 posts helping others make sense of the craziness I just waded through in order to get here.
I'm getting started trying to understand the ins and outs of PGP now (and finding a suitable BC site I can purchase w/ cash in my country).
We have 50 posts to go, let's leave some insight for the next wave of neophytes.
Cheers all
-
In addition to the above, I forgot to mention two other programs I've thrown into the setup listed above...for anyone who hasn't heard of these or similar tools, sandboxie (quasi-VM machine) and truecrypt (incredibly powerful encryption for files, partitions, and whole drives).
------------------------------------------------------
Here's an interesting discussion going on in the security forum about potential dangers opening clearnet sites w/ tor. This is actually the first I've heard of this, and it seems to be a bit controversial as to whether or not it is in fact bad practice. I'll do some digging and post my findings here.
http://dkn255hz262ypmii.onion/index.php?topic=171993.0
-
+1 OP. I like intelligent threads like this... Well done.
If I might add, anything you need to know can be found here; it doesn't hurt to ask. I hate to see all the people lurking not registered missing out... Damn shame...
Anyways...
Staying low key, encryption, physical awareness, all play a part.
-
Another thing people might not be aware of is to never check USPS tracking on Tor. From what I hear it might raise a red flag.
-
+1 OP. I like intelligent threads like this... Well done.
If I might add, anything you need to know can be found here; it doesn't hurt to ask. I hate to see all the people lurking not registered missing out... Damn shame...
Anyways...
Staying low key, encryption, physical awareness, all play a part.
Ty for reply and for the awesome noob guide in your sig. I'll read the whole thing in a little bit here. Agreed on the lurker sentiment, but also kudos to those who do like me and make sure to get a bit of a grip on things before diving in. I know if I had registered in the first week or so of discovering the whole hidden services thing, a month or two from now I'd be freaking out about what I might have done to de-anon myself from the very beginning. This site and all that goes into conducting business on it definitely seems deceptively simple at first. Good thing we have resources like your guide to help make sense of it all when we do finally jump in.
-
Someone should modify the Tor software so you can choose which nodes you want to use and so you can maybe even add some extra proxies ...??
-
Another thing people might not be aware of is to never check USPS tracking on Tor. From what I hear it might raise a red flag.
Hadn't heard of this yet, but it makes sense. How then are we supposed to check tracking info?
-
Long time lurker, first time poster!! Spent a while checking out the site and reading these forums, but held off on registering until I had a clean machine to work with. As I type, I sit behind a fully torified (all traffic, not just browsers) Linux VM workstation which connects to another VM gateway, which connects via NAT to a VM with an entirely different OS, which THEN finally connects to my Host, which is a fresh install of yet another type of OS on a brand new hard drive.
So is all of that on a single box? What's the advantage of routing the traffic through the additional VMs? Which VM are you using (VirtualBox, VMware, etc.)? I'm about to set something up myself but haven't decided the approach to take quite yet. I'm thinking of setting up a VM on my local box and then connecting via VPN that I'd set up on a VPS hosted internationally. I'm thinking of setting up my own VPN just to make sure no logs are kept.
-
Another thing people might not be aware of is to never check USPS tracking on Tor. From what I hear it might raise a red flag.
Hadn't heard of this yet, but it makes sense. How then are we supposed to check tracking info?
I would say don't unless you absolutely have to, and if you do, check it from the library or something.
-
So before I even start, all you sec pros out there can take my explanation of my setup as a layman's attempt at doing so. I've had no formal comp sci education, so this is sort of my understanding of how things I know to be working are actually running under the hood. My current setup is a combination of me having built it partially on recommendations from reputable sources (websites, forums, blogs etc) and partially due to my half-assed yet functional knowledge of computer networking that I've learned by process of osmosis having spent most of my life as a hapless nerd. So don't freak the fuck out over me using a wrong term here or there.
Each "layer" of protection provided by the gateway and subsequent VM machines it connects through on its way "out" of my host PC makes it that much harder to ever be able to trace my activity, pretty much regardless of how my machines or connection might be compromised. In addition, it makes it nearly impossible to find any physical traces of what I've been up to if my lappy were to ever be seized.
Honestly though, the main thing I like about using VM's instead of removable media is persistence. I can install whatever programs I like onto my "main" guest OS, keep bookmarks, etc. I'm pretty particular about my software "suite" when using different linux distros, so being able to customize on the fly is pretty much a necessity. Also, it's just nice to be able to alt+tab out of VM and into other guests, or to my host in between or during sessions. Not having to reboot to switch operating systems is also nice for testing different network configs and the like.
My guest VM images sit on different hidden volumes encrypted by Truecrypt and hidden throughout my hard drive. Multiple volumes would have to be cracked to get down to the very "bottom" guest OS that I actually work out of. In addition, some VMs can be run inside Sandboxie. Only connect to public wifi and throw in a VPN for good measure (and change your VPN provider monthly), and I think that's about as close to anonymous as you can get.
Here's a list of what I'm currently using. (I think I'll be switching out the order in which they connect, and probably swapping which OS's I use where for speed testing and such..so that'd be yet another layer of fuckery that the fucks would have to fuck with in order to fuck my shit)
*denotes my preferred programs so far
Hiding/encrypting data on host machine
----------------------------------------------
Truecrypt *
BitLocker
DiskCryptor
VM software
----------------------------------------------
VirtualBox *
VMWare
Sandboxie *
Linux Distros
---------------------------------------------
Whonix ****** (by far my favorite)
BackTrack/Kali
Liberte * (don't like Live distros but I enjoy using this one)
Tails (just in case)
Windows OS's
-------------------------------------------
Windows 7
Windows XP
...plus a veritable fuckton of apps and utilities, mostly unique to each different OS I use. I'm all over the place right now, but as I clean it up and make it more efficient, I think I'll end up with a pretty slick setup (and hopefully a pretty comprehensive guide for new users).
-
Make sure you use tor lulz
-
ok first of all how can we get better software for tor. I need to be able to choose my nodes (which is easily made in the config files) but still I would prefer to be able to do it straight in the GUI. I would also be able to choose a proxy(any kind) before and after my TOR nodes I am passing, which is doable with proxychains, but this would be a great upgrade for a super software.
Also I am interested in how I can torify all my connections from my virtualbox which is installed in a windoze 7 system?
And how to connect between different VMs inside my system..
-
Sounds like a pretty intricate setup, OP (but then again I'm a complete imbecile with regard to computers)! Also - White 0ut, your noob guide is fantastic - learning more on there in a few minutes than I have in a day or two of lurking the forums. Great thread all around!
-
12
-
sounds like a pretty full on set up dude
I spent like 5 hours the other day trying to work out PGP - and I think I finally got there
cheers, 26$
-
I'm glad to see this thread has helped a few people. I'm too tired to give you a decent reply atm Riks, but I will give you some pointers tomorrow. I also still plan on doing a more in-depth guide in the next few days.... If anyone has other programs to add, I'd like to play around with some alternate options and include them in my write-up.
Thanks for the replies guys, any other comments or questions are welcomed.
-
It's pleasing to know for a person like me who's not that much a Techy but has more or less done what's in this thread, good to know that a good read on the forums can easily steer you in the right direction.
bastard Governments have no right to know what I wanna do in my own time, pizzes me off so much, plus the mountains of Oxy I now buy is a bonus ;)
-
anonymity? you can buy details on here.
-
ok first of all how can we get better software for tor. I need to be able to choose my nodes (which is easily made in the config files) but still I would prefer to be able to do it straight in the GUI.
It's ok to do this once in a while, like if you need an exit node in a specific country, but if you are selecting your nodes all the time, that reduces your anonymity, since your circuit patterns will be different and noticeable.
Also I am interested in how I can torify all my connections from my virtualbox which is installed in a windoze 7 system?
And how to connect between different VMs inside my system..
Check this out: http://dkn255hz262ypmii.onion/index.php?topic=161335.msg1148298#msg1148298
-
Excellent use of the forums OP. And +1 ingloriouslibertine for all the information sharing.
-
I have a similar setup on my computer.
General/Hidden TrueCrypt Volume with the exact same files on both volumes different data though. and a VMWare VM on the Truecrypt hidden Volume running Gentoo with everything running through tor either direct or via local proxy. VMWare machine is NAT so it can't be seen on the local DHCP/DNS or in ARP.
-
My only concern with the setup you have posted OP is, if that lot is running on one machine, surely keylogging that one host will be enough to cull a lot of info for a variety of attacks?
Maybe you have already explained that or I've got the wrong end of the stick, or even that is your acceptable weak link, but interested to hear your thoughts if relevant.
-
Just wondering, I know it would be wiser to fully encrypt the whole computer, but what if you just got a burner computer, would it matter then???
-
My only concern with the setup you have posted OP is, if that lot is running on one machine, surely keylogging that one host will be enough to cull a lot of info for a variety of attacks?
Maybe you have already explained that or I've got the wrong end of the stick, or even that is your acceptable weak link, but interested to hear your thoughts if relevant.
you the same dude that's being accused of passing on details.
http://dkn255hz262ypmii.onion/index.php?topic=174172.0
-
My only concern with the setup you have posted OP is, if that lot is running on one machine, surely keylogging that one host will be enough to cull a lot of info for a variety of attacks?
Maybe you have already explained that or I've got the wrong end of the stick, or even that is your acceptable weak link, but interested to hear your thoughts if relevant.
Yeah, as far as I can tell being keylogged is about the only thing to really worry about. With the security software I run on my host machine, I'm fairly confident that I'm ok in that department, but if I was doing anything serious enough to merit the extra paranoia, I would be running my current setup on a tails livecd instead. As I'm getting more and more comfortable working with linux, I'm finding myself less and less reliant on alt+tabbing out to my host's native OS anyway, so I will likely be doing exactly that in the future.
I suppose an alternative would be to use a virtual keyboard at all times, but that would negate the convenience of running everything on my day-to-day pc anyway.
-
Just wondering, I know it would be wiser to fully encrypt the whole computer, but what if you just got a burner computer, would it matter then???
A burner computer would obviously be a good idea but I'd still take the same steps to encrypt everything on it that you would on your main PC. The main reason for encrypting local files (imo) is in the event that your computer were to be seized. I like the idea that if my computer were to be scrutinized, it would look like I'm not hiding anything at all. Having a separate machine that is totally encrypted, although not illegal in and of itself, still raises more suspicion in the eyes of LE. I think it'd be best if any machine you owned had the outward appearance of being used innocuously. Rather than a burner computer, I'd go for a completely encrypted USB stick or hard drive to store your anonymous OS on.
-
Long time lurker, first time poster!! Spent a while checking out the site and reading these forums, but held off on registering until I had a clean machine to work with. As I type, I sit behind a fully torified (all traffic, not just browsers) Linux VM workstation which connects to another VM gateway, which connects via NAT to a VM with an entirely different OS, which THEN finally connects to my Host, which is a fresh install of yet another type of OS on a brand new hard drive.
I've spent countless hours getting this setup to work just right, and if anybody on this thread is concerned about anonymity issues I'd be glad to spend some of these first 50 posts helping others make sense of the craziness I just waded through in order to get here.
I'm getting started trying to understand the ins and outs of PGP now (and finding a suitable BC site I can purchase w/ cash in my country).
We have 50 posts to go, let's leave some insight for the next wave of neophytes.
Cheers all
Wow, I don't even know what half that stuff is!
-
Very nice setup OP and kudos on bringing this subject up, however you failed to implement the most important thing in your setup... a hidden spycam! All that security is for nothing if the cops break in when you're not home and install a spycam over your PC to steal your passwords! lol... I'm just messing around but I'm kinda not though. If I went through all that like you did I'd put a hidden cam somewhere just as icing on the top :P