Silk Road forums

Discussion => Security => Topic started by: comsec on August 05, 2013, 06:02 pm

Title: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 05, 2013, 06:02 pm
Besides making your own/buying your own Domain + email (can easily do this with Namecoin, or KatzGlobal, or any Iceland VPS provider like 1984hosting)

https://bitmessage.ch/ - has a .onion server, this forwards emails into bitmessage p2p network. Obviously use PGP. Give customers the email address it generates, and then they can mail you and it will be on the network for retrieval with regular bitmessage client (torify!) or retrieve it from them over .onion access. Bitmessage is highly experimental and flaws galore have been found in it, keep that in mind while using it.

I2p-Bote mail - is similar to bitmessage in that it's p2p/decentralized and doesn't expose headers like who the message has been sent to. Pretty sure Tails includes this in its I2p panel (if they still have i2p)

https://privatdemail.net - has a self-signed cert, so at any time can be MITM attacked. SSL/TLS is totally broken anyways. Always use PGP

http://security.resist.ca/create-nym.shtml  Classic Nym address. It would be preferred to use a newsgroup in your reply block, like alt.anonymous.messages then retrieve your messages by downloading all of them on either a bitcoin VPS, or through a premium newsgroup service that offers https encrypted retrieval. This is as anonymous as you could get before bitmessages and i2p-bote mail. Always use PGP of course.

https://www.cotse.net/cgi-bin/mixmail.cgi for sending emails through a mixmaster. They also offer an email service, prob not suitable for business but they strip outgoing IP.

Jabber - only use Jabber with a .onion address. You can make your own:
https://www.torservers.net/wiki/setup/jabber

Countermail - risky, your account could be yoinked if some idiot rats you out with enough complaints. Hide it behind your domain name: https://countermail.com/?p=support#48 so register a bitcoin domain, then read their FAQ how to set it up. Has at least basic MITM attack prevention, but stupidly no .onion server to retrieve msgs.

EXPERIMENTAL - http://tox.im
A skype/social media encrypted and decentralized replacement put together by hackers on 4chan's /g/

TorChat - https://github.com/prof7bit/TorChat/wiki

I left out the bulk of .onion msg services because I don't trust them at all.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on August 05, 2013, 09:54 pm
This is a good list for the short term, but for robust censorship resistance, we need decentralized services (including forums and markets and payment systems) so there is no central point of failure. Out of everything on that list, only Torchat doesn't rely on a central server. The trade off is it turns everyone into a hidden service, which in the default configuration makes users vulnerable to attacks that may identify them.

What we really need is better security for hidden services, and then decentralized services built on top of them.

We also need something like a Qubes Server Edition that has preconfigured LAMP and LEMP stacks with VM isolated components (web server vs mysql database, eg), plus VMs for Tor, ssh, any other services you would care to run (xmpp server, ircd, etc.). It would be like Tails / Whonix for hidden services, a complete out-of-the-box anonymous and secure server OS that would make it easy to spin secure hidden services.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 05, 2013, 10:19 pm
I2p-Bote messages, bitmessage (the protocol/network.. not centralized bitmessage.ch front end) newsgroups/nym servers, and tox.im are all decentralized too.

VMs are not any good for any sort of popular Tor service, memory is eaten up by all the encrypted connections. OnionCloud it appears is in early concept stages, not at all ready to go and they will undoubtedly vet services so they don't end up like the Freedom Hosting guy. It will do what you want though, PaaS application hosting so anybody can turnkey their own hidden service.

We need more stuff like GnuNetwork applications instead of Tor anyways, Tor was designed for usability not traffic analysis defense which wasn't important back in 2006 but now it is. There is a lot of decentralized software being built but it's heavy crypto engineering, which means these PHDs won't release it until after a year or so of testing. Just rushing something out ends up like Crypto.cat debacle.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: meta on August 05, 2013, 10:21 pm
I've been using countermail for years (with PGP of course). It's an excellent service for "business" transactions/correspondence.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 05, 2013, 10:27 pm
Quote
I've been using countermail for years (with PGP of course). It's an excellent service for "business" transactions/correspondence.

Only because you haven't run into a psycho customer or aggressive competitor. Wait until they complain to admin@countermail.com that you are selling drugs, bye-bye account.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: meta on August 05, 2013, 10:52 pm
I'm almost 100% sure that the admins can't view the body text of messages, not to mention I encrypt with my own generated PGP key stored offline. They (the admins) have no way of decrypting the content to verify claims being lobbied at them by the other party.

I do recognize the danger in using it, though.... but it's still the best full fledged, semi-anonymous email client in my opinion.

Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 05, 2013, 11:47 pm
Quote
I'm almost 100% sure that the admins can't view the body text of messages, not to mention I encrypt with my own generated PGP key stored offline. They (the admins) have no way of decrypting the content to verify claims being lobbied at them by the other party.

I do recognize the danger in using it, though.... but it's still the best full fledged, semi-anonymous email client in my opinion.

That's a different story, I'm talking about your account getting nulled through complaints, not them reading your emails. Remember though, Hushmail claimed they couldn't read your encrypted email either. They got around this when forced by the authorities by presenting the target with a MITM attack login screen. Instead of the usual login screen, you got one that leaked your password in the clear to the FBI. No reason countermail can't feed you the same MITM login to spill to the feds but you said you're using PGP on top of it so doesn't matter.

I used to use countermail (with PGP) and they killed my account when a junkie nutjob complained relentlessly confusing me for another vendor claiming I ripped him off of heroin, something I never sold. The admin sent me warnings, and then with no further communication cancelled the paid account I had. 
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on August 06, 2013, 01:56 am
Quote
I2p-Bote messages, bitmessage (the protocol/network.. not centralized bitmessage.ch front end) newsgroups/nym servers, and tox.im are all decentralized too.

That's true, but I2P is a weak anonymity network with little research, some of which recently revealed that users can be easily identified by attacks on the netdb:

Practical Attacks Against The I2P Network
http://wwwcip.informatik.uni-erlangen.de/~spjsschl/i2p.pdf

BitMessage has serious security flaws as well:  https://bitmessage.org/forum/index.php/topic,1666.0.html

Nym servers are ok. kmf has talked about some of the PIR methods that are information theoretically secure, so as long as they are implemented in safe ways, they can be a good alternative.

I hadn't heard of tox.im so quickly read up on it. It hasn't been released yet, but hopefully soon. It looks interesting in that it uses DHT, but it does not appear to be anonymous, ie it relies on finding a user's IP address. This is bad for most people in this community, who want to remain anonymous to each other. The only way to address people over Tor is with the onion pseudo-domain protocol, so maybe that will be added later.

Quote
VMs are not any good for any sort of popular Tor service, memory is eaten up by all the encrypted connections.

Most hidden services are small and don't take up much memory anyway. Tor networking is CPU-bound because of the crypto operations. Relays max out their CPUs long before their bandwidth. But even if that weren't true, VMs provide orders of magnitude better security, which is a trade off worth making. Some well known hidden services have leaked their IP address because of misconfigured web servers and other services, including our very own Silk Road! DPR is just lucky the wrong people didn't see it.

The only way I would ever run a hidden service is in VMs so the service people interact with does not and essentially cannot know its public IP address.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 06, 2013, 03:37 am
Quote
That's true, but I2P is a weak anonymity network with little research, some of which recently revealed that users can be easily identified by attacks on the netdb:

Tails tunnels everything through Tor anyways though, so its I2p peer connections only reveal Tor exit nodes if analyzed by a powerful adversary which is why it takes forever to gather peers. Again I admit I haven't used Tails in ages so I'm assuming they still torify everything.

Quote
BitMessage has serious security flaws as well:  https://bitmessage.org/forum/index.php/topic,1666.0.html
Torify, and paste in PGP encrypted messages. You just need the delivery system but yeah, I wouldn't trust any crypto engineering that hasn't been vetted and tested for a few years bitmessages included. No other new decentralized crypto services will be ready anytime soon either, they need vetting and alpha/beta testing for a year or so at least. There's a mathematician working on PGP replacement which uses keyfiles and updates the protocol but the guy has been testing it with his crypto PHD analyst peers for a year still. He updates hacker news once in a while but like all crypto engineers is unwilling to release it until perfected because they have academic reputations to uphold so that takes a long time.

Quote
Nym servers are ok. kmf has talked about some of the PIR methods that are information theoretically secure, so as long as they are implemented in safe ways, they can be a good alternative.

If I was any kind of mega dealer I would definitely be using a nym server/mixminion. JonDonym CD comes with mixminion if you want a live CD solution, it's an awesome Type III Anonymous remailer solution that still works today. You can tunnel Tor through Jondo mixmasters and then tunnel mixminion through both. You can buy Icelandic domains + email with bitcoins to forward your (PGP encrypted) customer emails too so nobody even knows you are using a nym server or mixminion, and reply with the Icelandic domain as your reply-to address. It's probably the best solution around because then trolls, psycho customers trying to extort you with threats to your provider and aggressive competitors spamming you won't be able to kill your communications easily. Feds can never find you with anonymous padding, timing delay, plus Tor. At least in the carding game you get these kinds of customers and attacks from competitors, I'm sure it happens now too in the dope game.

Quote
I hadn't heard of tox.im so quickly read up on it. It hasn't been released yet, but hopefully soon. It looks interesting in that it uses DHT, but it does not appear to be anonymous, ie it relies on finding a user's IP address. This is bad for most people in this community, who want to remain anonymous to each other. The only way to address people over Tor is with the onion pseudo-domain protocol, so maybe that will be added later.

They have some sort of relay system planned. Over Tor this wouldn't be very fast, would probably be shitty VoIP quality. I haven't looked into it at all, I don't use skype the only voip I use is Redphone which also uses relays to avoid easy metadata tracking of who is talking to who.

Quote
Most hidden services are small and don't take up much memory anyway. Tor networking is CPU-bound because of the crypto operations. Relays max out their CPUs long before their bandwidth. But even if that weren't true, VMs provide orders of magnitude better security, which is a trade off worth making. Some well known hidden services have leaked their IP address because of misconfigured web servers and other services, including our very own Silk Road! DPR is just lucky the wrong people didn't see it.

The only way I would ever run a hidden service is in VMs so the service people interact with does not and essentially cannot know its public IP address.

If the host has properly DMZ'd/firewalled, it should only give up internal IP anyways. All the networks with real physical isolation I set up as a hidden service were using carp/pfsync to lock down traffic to Tor only and the web server/db back end and tor network facing daemon in the DMZ were just using internal IP with no way to break out of firewall rules to find real IP. If you custom build Nginx from source you can rip out the error pages that show IP but they should only show internal anyways (same as using a VM).

The smaller hidden services I set up used OpenVZ Debian VM to just run tiny private stores, but they would run out of memory all the time if traffic picked up. A lot of VPS software will limit the number of sockets available to each guest, which is usually a limit tor will run into quickly. A tor node handling a significant amount of traffic will start using ridiculous amounts of memory after running for a couple days. I solved this problem by buying a dedicated virtualization server and becoming my own OpenVZ host so I could configure the settings myself instead of every single host out there which seems to limit sockets. This was also many years ago, could be Tor had a bug back then I don't run the servers anymore I sold them and the idiot who bought them was busted in the carder.su sweep.

Could also be I was renting oversold VPS that was lying how much hardware and bandwidth was truly available.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on August 06, 2013, 07:18 am
Quote
Tails tunnels everything through Tor anyways though, so its I2p peer connections only reveal Tor exit nodes if analyzed by a powerful adversary which is why it takes forever to gather peers. Again I admit I haven't used Tails in ages so I'm assuming they still torify everything.

I'm not sure if they do, but now we have the double requirement of getting everyone to use I2P and Tails just to use this messaging service. Kind of a nonstarter. :)

Quote
If the host has properly DMZ'd/firewalled, it should only give up internal IP anyways. All the networks with real physical isolation I set up as a hidden service were using carp/pfsync to lock down traffic to Tor only and the web server/db back end and tor network facing daemon in the DMZ were just using internal IP with no way to break out of firewall rules to find real IP. If you custom build Nginx from source you can rip out the error pages that show IP but they should only show internal anyways (same as using a VM).

The smaller hidden services I set up used OpenVZ Debian VM to just run tiny private stores, but they would run out of memory all the time if traffic picked up. A lot of VPS software will limit the number of sockets available to each guest, which is usually a limit tor will run into quickly. A tor node handling a significant amount of traffic will start using ridiculous amounts of memory after running for a couple days. I solved this problem by buying a dedicated virtualization server and becoming my own OpenVZ host so I could configure the settings myself instead of every single host out there which seems to limit sockets. This was also many years ago, could be Tor had a bug back then I don't run the servers anymore I sold them and the idiot who bought them was busted in the carder.su sweep.

Could also be I was renting oversold VPS that was lying how much hardware and bandwidth was truly available.

Yeah, VPSes are often too small, especially to run relays with the conntrack limits. The other problem is the host OS can see what the VPS is doing. Even if you rent the VPS anonymously, you run the risk of the provider noticing you're doing something illegal and canceling the service or notifying LE.

On the other hand, a lot of people can't afford multiple dedicated servers for physical isolation, or it's just not worth it for them. While physical isolation is better, one dedicated server with some VMs is still way better than running naked services over Tor, and it's within more people's budgets.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 06, 2013, 05:43 pm
Quote
dedicated server with some VMs is still way better than running naked services over Tor, and it's within more people's budgets.

isn't that what Freedom Hosting was doing though? :) now there's one big target to go after and plant full of NSA phone home exploits because everybody is using it. i fear Onioncloud will suffer the same fate https://github.com/Miserlou/OnionCloud and just be a centralized point of spying unless they know what they are doing.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: bananafandango on August 07, 2013, 01:25 am
I am not really all that tech educated; much of what is being posted is over my head. I just thought I would ask you pros a question, though. Whatever email service is used, PGP/GPG is used only for the body of the email, correct? Or do you guys use it somehow for signing in, as well. I am pretty new at this. I haven't yet performed any transactions...Any clarification would be great. Thank you in advance.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: PathSeeker on August 07, 2013, 05:23 am
I'm rather nooby but I'm pretty sure you'd just encrypt the body of a message.  In order to encrypt your password, you'd need a public key from the provider...  It's a cool idea.
My question is:  considering thousands of people use the exact same password all over the web I would assume that le wouldn't really look at that.  But what if several TORmail accts have the same obscure, rather complex passphrase?  Would le be able to put 2 and 2 together?  Do you guys know if the LEOs that have the TORmail servers would be able to see users' login info?
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: thebakertrio on August 07, 2013, 08:09 am
sub, please keep at it guys!
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on August 07, 2013, 08:28 am
Quote
I'm rather nooby but I'm pretty sure you'd just encrypt the body of a message.  In order to encrypt your password, you'd need a public key from the provider...  It's a cool idea.

These are really two separate questions. A service provider could replace passwords by requiring you to upload a public key and encrypting a one time code to it, which you decrypt and give back to the service to log in. This would stop the insane amounts of phishing we see in onionland dead in its tracks, because the only way to compromise an account would be to steal a user's private key.

The reason it hasn't been more widely adopted is because it creates a huge barrier to adoption of the service. Something like 80% of SR users don't use PGP. If SR switched to this more secure system, it would be massive headaches and a massive user exodus.

But the vast majority of email providers don't offer this feature anyway. You only need to encrypt the body of your message.

Quote
My question is:  considering thousands of people use the exact same password all over the web I would assume that le wouldn't really look at that.  But what if several TORmail accts have the same obscure, rather complex passphrase?  Would le be able to put 2 and 2 together?  Do you guys know if the LEOs that have the TORmail servers would be able to see users' login info?

Why does LE need the account passwords if they have the hard drive in their possession and can read unencrypted emails right off the disk?
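
The public-key login astor describes in the post above, sketched in Go as an added example (it is not part of the thread and not any site's actual code). RSA-OAEP from the standard library stands in for PGP encryption, and `Server`, `Begin`, `Finish`, `Decrypt` and the `example-service` label are hypothetical names.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"time"
)

// label binds every ciphertext to this (hypothetical) service name.
var label = []byte("example-service login")

type challenge struct {
	code    []byte
	expires time.Time
}

// Server holds each user's uploaded public key and at most one pending code.
// Demo state only: a real service would keep this in a locked or shared store.
type Server struct {
	keys    map[string]*rsa.PublicKey
	pending map[string]challenge
	ttl     time.Duration
	now     func() time.Time // replaceable clock so expiry can be exercised
}

func NewServer(keys map[string]*rsa.PublicKey, ttl time.Duration) *Server {
	return &Server{keys: keys, pending: map[string]challenge{}, ttl: ttl, now: time.Now}
}

// Begin creates a fresh random code and returns it encrypted to the user's
// public key, so no reusable secret is ever typed into the login page.
func (s *Server) Begin(user string) ([]byte, error) {
	pub, ok := s.keys[user]
	if !ok {
		return nil, fmt.Errorf("unknown user %q", user)
	}
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return nil, err
	}
	code := []byte(hex.EncodeToString(raw)) // 32 hex characters to paste back
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, code, label)
	if err != nil {
		return nil, err
	}
	s.pending[user] = challenge{code: code, expires: s.now().Add(s.ttl)}
	return ct, nil
}

// Finish consumes the pending code: one attempt, right or wrong, then it is gone.
func (s *Server) Finish(user, response string) bool {
	ch, ok := s.pending[user]
	delete(s.pending, user)
	if !ok || s.now().After(ch.expires) {
		return false
	}
	return subtle.ConstantTimeCompare(ch.code, []byte(response)) == 1
}

// Decrypt is the client step; only the private-key holder recovers the code.
func Decrypt(priv *rsa.PrivateKey, ct []byte) (string, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, label)
	return string(pt), err
}

// runDemo tries an honest login, a replay of the same code, a decryption with
// the wrong private key, and an answer that arrives after the code expired.
func runDemo() (login, replay, wrongKey, late bool, err error) {
	alice, err := rsa.GenerateKey(rand.Reader, 2048) // keys constructed for the demo
	if err != nil {
		return
	}
	other, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	srv := NewServer(map[string]*rsa.PublicKey{"alice": &alice.PublicKey}, 2*time.Minute)
	issue := func(key *rsa.PrivateKey) (string, error) {
		ct, e := srv.Begin("alice")
		if e != nil {
			return "", e
		}
		return Decrypt(key, ct)
	}

	code, err := issue(alice)
	if err != nil {
		return
	}
	login = srv.Finish("alice", code)
	replay = srv.Finish("alice", code) // the same code a second time

	_, derr := issue(other) // someone who does not hold alice's private key
	wrongKey = derr == nil

	if code, err = issue(alice); err != nil {
		return
	}
	srv.now = func() time.Time { return time.Now().Add(time.Hour) }
	late = srv.Finish("alice", code)
	return
}

func main() {
	fmt.Println(runDemo())
}
```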
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: PathSeeker on August 07, 2013, 09:36 am
Quote from: Astor
Why does LE need the account passwords if they have the hard drive in their possession and can read unencrypted emails right off the disk?
But could it help them link two separate tormail accts to the same person...assuming they had one linked to a guy.
I guess it's kind of a moot question.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on August 08, 2013, 04:38 am
Found some more options

http://www.rayservers.com/e-mail Rayservers has email + Tor access and they accept digital gold currency probably bitcoin too if you ask or just convert bitcoin to Gold Globals somewhere. They're also Pecunix exchangers. Rayservers is pretty security competent, all their servers are in Panama and running openbsd and everything is encrypted on the server (but you're using PGP anyways right?) http://www.rayservers.com/blog/rayservers-mail-server-features-and-faq I don't see anything about removing the outbound IP, but who cares you're connecting with Tor and removing IP isn't foolproof anyways. The important part is everything is encrypted and you're staying .onion so no MITM attacks.

If you buy your own domain and use it w/Rayservers (anon whois), it will be harder for a troll customer to shut you down than using <name>@countermail.com where they can war complain to abuse all day long to shut you down. Your rayservers email will be hidden, customer will only see domain address vendor@domain.su

Don't pick a stupid name like LSDman@iselldrugs.com use something that doesn't automatically identify you as a drug dealer.

You can use a domain w/Countermail too I think, but I don't like that java signup. and no .onion access




Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: tommy gun on August 08, 2013, 06:27 am
Sub'd for later research.

Thanks op
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: spectrum on August 12, 2013, 05:44 am
I found two more email services that haven't been mentioned here.

For anonymous communication, there's a Tor-only email provider at this address

http://365u4txyqfy72nul.onion/mail/

You can't send email to clearnet addresses and there is no web interface. You have to configure a desktop email client like Thunderbird.

If you need a throw away clearnet email address for registering on web sites, receiving bitcoins, etc., there's Yandex Mail

https://mail.yandex.com

It's run by a Russian company with servers hosted in Russia.

You can register over Tor and with JavaScript disabled, but you need to enable JavaScript to use the webmail interface. However, you can configure a desktop email client to use the POP and SMTP servers without logging into the webmail interface. Make sure you configure Thunderbird to connect over Tor.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: spectrum on August 12, 2013, 07:40 pm
Found another one, called Pond.

https://pond.imperialviolet.org

It isn't email. It's an independent messaging system, kind of like BitMessage, but hopefully it will be more secure. It is designed to run over Tor exclusively, and instead of being a true p2p messaging system like BitMessage, it relies on central nodes. Although, it still isn't as centralized as getting your messages from a single provider.

Really the old model of email is insecure, outdated and needs to be replaced by a different kind of messaging protocol.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: idgafos on August 12, 2013, 09:13 pm
How do you set up Privatdemail?
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: Isobetadine on August 18, 2013, 03:30 pm
Privatdemail.net gives untrusted connection warning when accessed through tor...
 :-\

vmail.me sign up is temporarily disabled?
 :-\
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: Jeks on September 10, 2013, 06:15 am
How about these guys?

http://wi7qkxyrdpu5cmvr.onion/en/services/mail.html

Anything wrong with them?
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on September 10, 2013, 03:23 pm
Quote
How about these guys?

http://wi7qkxyrdpu5cmvr.onion/en/services/mail.html

Anything wrong with them?

That's the hidden service for Autistici: http://www.autistici.org/en/index.html

They are supposed to be a strong pro-privacy hosting provider, but I've never used them.

Doesn't make much sense to use a hidden service when the location of the servers is known, unless you just want to protect against accidental IP leaks, but there are better solutions for that, like Whonix.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: Jeks on September 11, 2013, 07:43 am
good points
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: strangemagic on September 11, 2013, 04:19 pm
Quote
A service provider could replace passwords by requiring you to upload a public key and encrypting a one time code to it, which you decrypt and give back to the service to log in. This would stop the insane amounts of phishing we see in onionland dead in its tracks, because the only way to compromise an account would be to steal a user's private key.

The reason it hasn't been more widely adopted is because it creates a huge barrier to adoption of the service. Something like 80% of SR users don't use PGP. If SR switched to this more secure system, it would be massive headaches and a massive user exodus.

Switch isn't the only option. SR could offer both login methods, and let the user choose which method to use on each login.

Maybe in the beginning only 20% of us would use the crypto method and be thus protected from phishing, but that same protection would always be offered to the other 80% if they would only receive it. And for those who will not, the login process will be exactly as it is now, no harm done.

And in the longer term it might encourage a few more people to start using PGP. Small steps.

(sorry this post has nothing to do with email, but the subject of crypto login was brought up in this thread, not by me. Should I move this to Feature Requests?)
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: energyimport on September 11, 2013, 04:48 pm
Sub
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: PrincessButtercup on September 11, 2013, 08:10 pm
I stumbled across bitmessage.ch the other day, anyone have any experience with them? They're accessible via .onion, SquirrelMail interface ... a very long, randomly generated alpha-numeric login name, but overall it looks sound ... ?

pb.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on September 11, 2013, 08:16 pm
Quote
Switch isn't the only option. SR could offer both login methods, and let the user choose which method to use on each login.

Maybe in the beginning only 20% of us would use the crypto method and be thus protected from phishing, but that same protection would always be offered to the other 80% if they would only receive it. And for those who will not, the login process will be exactly as it is now, no harm done.

And in the longer term it might encourage a few more people to start using PGP. Small steps.

But the people who choose the PGP method are least likely to fall for phishing scams anyway. In fact, I would go so far as to say that only the people who never use PGP will fall for phishing scams. :)
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: Baraka on September 11, 2013, 09:37 pm
Yes. And if there's a better alternative to the now-gone Tormail I haven't found it.

The alpha-numeric login is actually a Bitmessage address. So people can use the Bitmessage client to send you e-mails instead of using e-mail. It's pretty cool.

Quote
I stumbled across bitmessage.ch the other day, anyone have any experience with them? They're accessible via .onion, SquirrelMail interface ... a very long, randomly generated alpha-numeric login name, but overall it looks sound ... ?

pb.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: comsec on September 12, 2013, 12:00 am
I've pretty much given up on email, it's an ancient and dying protocol we don't need anymore. Most of my communication is with textsecure and OTR chat.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: PrincessButtercup on September 12, 2013, 05:30 pm
Quote
Yes. And if there's a better alternative to the now-gone Tormail I haven't found it.

The alpha-numeric login is actually a Bitmessage address. So people can use the Bitmessage client to send you e-mails instead of using e-mail. It's pretty cool.


Thanks Baraka!

Seems this might provide a viable alternative to tormail.
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: ECC_ROT13 on September 13, 2013, 10:49 am
Quote
I've pretty much given up on email, it's an ancient and dying protocol we don't need anymore. Most of my communication is with textsecure and OTR chat.
This.

Any time you're talking about a protocol (SMTP) that sends the message payload, and all metadata (sender, recipient, headers, subject) between two known clearnet points, and want to know how to do it fully anonymously, the correct answer is "You can't."   It's trivial for anybody who can see the message traffic to build really impressive lists of who you know, how often you talk to them, how big your messages are, and save all the ciphertext against some point in the future where they either get your keys, or just break them themselves.

Before somebody throws out "What about TLS and SMTP?", anybody who has actually set it up before realizes that it's a total crapshoot as to whether it will reliably encrypt SMTP connections every time, and 99% of the time, it's not configured by both ends to give you Perfect Forward Secrecy even when it *is* working.  I'm glad public mail servers are hopping on that bandwagon (any change that raises the cost of monitoring cheers me up) but it doesn't actually solve the core problem.

Long-term, things like Pond (CLEARNET https://pond.imperialviolet.org/) and other technologies may turn into something usable, but for now, it's OTR-chat, or other systems where both sender and recipient are both online and connected and you can remove the need to actually store the message at rest while it's in transit.
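
What the post above says about SMTP metadata and hit-or-miss TLS, shown as an added Go example that is not part of the thread: it parses a constructed PGP-encrypted message, lists the headers that stay readable, and checks each `Received` hop for the RFC 3848 keywords that record TLS. `Audit`, `Report`, `UnprotectedHops` and the sample message are made up for illustration.

```go
package main

import (
	"fmt"
	"io"
	"net/mail"
	"regexp"
	"strings"
)

// sample is a constructed message. Hosts use reserved example domains, IPs come
// from documentation ranges, and the PGP block is a placeholder, not ciphertext.
var sample = strings.Join([]string{
	"Received: from mx1.sender.example (mx1.sender.example [192.0.2.10])",
	"\tby mx.recipient.example with ESMTPS id abc123",
	"\tfor <bob@recipient.example>; Tue, 06 Aug 2013 10:00:03 +0000",
	"Received: from [198.51.100.7] (unknown [198.51.100.7])",
	"\tby mx1.sender.example with ESMTP id def456;",
	"\tTue, 06 Aug 2013 10:00:01 +0000",
	"From: alice@sender.example",
	"To: bob@recipient.example",
	"Subject: invoice 1187",
	"Date: Tue, 06 Aug 2013 10:00:00 +0000",
	"Message-ID: <constructed-1@sender.example>",
	"",
	"-----BEGIN PGP MESSAGE-----",
	"",
	"(placeholder)",
	"-----END PGP MESSAGE-----",
	"",
}, "\r\n")

// Hop is one Received header: which server wrote it and how the mail arrived.
type Hop struct {
	By, Proto string
	TLS       bool
}

type Report struct {
	Cleartext     map[string]string // headers every relay and observer can read
	BodyEncrypted bool
	Hops          []Hop // newest first, as they appear in the message
}

var (
	byRe   = regexp.MustCompile(`\bby\s+(\S+)`)
	withRe = regexp.MustCompile(`\bwith\s+(\w+)`)
	// "with" keywords that record a TLS-protected hop (RFC 3848).
	tlsProto = map[string]bool{"ESMTPS": true, "ESMTPSA": true, "LMTPS": true, "LMTPSA": true}
)

// Audit reports what PGP leaves exposed: the envelope headers and the path.
func Audit(raw string) (*Report, error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return nil, err
	}
	body, err := io.ReadAll(msg.Body)
	if err != nil {
		return nil, err
	}
	r := &Report{
		Cleartext:     map[string]string{},
		BodyEncrypted: strings.Contains(string(body), "-----BEGIN PGP MESSAGE-----"),
	}
	for _, name := range []string{"From", "To", "Cc", "Subject", "Date", "Message-Id"} {
		if v := msg.Header.Get(name); v != "" {
			r.Cleartext[name] = v
		}
	}
	for _, rec := range msg.Header["Received"] {
		h := Hop{By: "?", Proto: "?"}
		if m := byRe.FindStringSubmatch(rec); m != nil {
			h.By = m[1]
		}
		if m := withRe.FindStringSubmatch(rec); m != nil {
			h.Proto = strings.ToUpper(m[1])
		}
		h.TLS = tlsProto[h.Proto]
		r.Hops = append(r.Hops, h)
	}
	return r, nil
}

// UnprotectedHops names the servers that did not record TLS on receipt.
func UnprotectedHops(r *Report) []string {
	var out []string
	for _, h := range r.Hops {
		if !h.TLS {
			out = append(out, h.By)
		}
	}
	return out
}

func main() {
	r, err := Audit(sample)
	if err != nil {
		panic(err)
	}
	fmt.Printf("body encrypted: %v\ncleartext: %v\n", r.BodyEncrypted, r.Cleartext)
	fmt.Printf("hops without recorded TLS: %v\n", UnprotectedHops(r))
}
```

Each `Received` line is written by the server it names, so a hop without a TLS keyword means TLS was not recorded, not proof that it was absent.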
Title: Re: Here are some email alternatives to now fully snitched out Tormail
Post by: astor on September 13, 2013, 12:51 pm
While some people used Tormail to email clearnet recipients (and could use many clearnet email providers over Tor to do the same), the majority of Tormail users used it as an internal messaging system. Something as simple as TorPM could be an effective replacement, as long as it is stable and easily accessible (bonus if you can add attachments to messages).

The down side is that you have to trust the operator of a centralized system to not read your messages or look at the metadata of who you are communicating with if you use PGP, but a messaging system like TorPM is easy to set up. I'm surprised a replacement hasn't come along yet.