Silk Road forums
Discussion => Security => Topic started by: m00tp00 on December 26, 2011, 04:21 am
-
background:
What happened: when navigating normally through the Tor network to non-.onion addresses, nothing seemed to change. But as soon as I headed to Silk Road, I got a pop-up saying something along the lines of "Microsoft would like to send a sample of your program for further review... blah blah" and "Uncheck this to not send this sample". The app listed was the Tor Vidalia bundle. I found this very interesting, as I have never had that message until today, and sure enough, an update was installed today.
New update, Definition Update for Windows Defender - KB915597 (Definition 1.117.1627.0)
Installation date: 12/25/2011 6:53 PM
Installation status: Successful
Update type: Important
I know I am a paranoid hippy, but I think everyone should be just as careful. I will be doing some network analysis of this and try to see if my hypothesis is correct... I'm asking everyone not to install this update in the meantime.
I'm also asking other people to let me know if they see any similar message. This is very, very important to help me look into this.
And remember:
1. Disk encryption > TrueCrypt --- or use a live CD.
2. File shredders
3. Tor :P
4. Use a different forum name than your SR login, and a different password.
5. IronKey flash drives - check 'em out. Good for a clean TrueCrypt partition. <-- recommended.
6. Always delete messages after reading them --- in case of a break-in to the database.
7. PGP emails!!!
8. If you're l33t... l2 proxy chains.
9. What happens on the net, stays on the net.
10. Wait a day or so before you open your product. Trust me, this does help even though it sounds ghey. :P
11. If you're a dealer, use latex gloves when handling products / envelopes etc. The DEA does create accounts to place orders so they can try to get DNA off the goodies. In fact, the DEA is reading this right now and taking notes :P ...
12. Change your Bitcoin address through SR profile management. Send bitcoins from your exchanger to Instawallets.
12a. (Pro status = break up amounts across different Instawallets. Send all the funds from all the different Instawallets into another Instawallet and send here.)
ex. {
5btc
mtgox 2 btcs > instawallet1
mtgox 3 btcs >instawallet2
instawallet1 2 btcs > instawallet3
instawallet2 3 btcs > instawallet3
instawallet > SR wallet
rinse and repeat for every transaction. make new accts, etc...
}
* If you are really paranoid you can just create your own style, but this is how I get my BTCs.
13. Another thing that helps: break into your neighbor's WiFi, or use cafes / any public internutz.
14. Also, rename your computer every once in a while.
15. Optional: read up on counter-surveillance / anti-forensics.
Wanna help / have questions? PM me.
be safe.
have fun.
Long live silkr0ad.
-
Seems a bit odd to me. Windows Defender is Microsoft's antivirus program. Maybe you are infected with a virus that infected your Vidalia installation?
-
Trust me, I am not infected. This was an alert from Windows Defender, and I'm running Win7 on VBox. The only things installed are Wireshark and Visual C++ with my own programs. It's very highly doubtful that I am infected.
I did a system restore to Dec 16, the last time this VB was on. Updated again, and got the same message, only after the update was installed.
-
Haven't had any recent DLs, and no pop-ups either. But I will keep an eye out.
-
- Someone who is familiar with Windows support could:
- extract the KB, maybe apply it...
- monitor network connections and perhaps work out "what's changed"...
- use Regmon to log what changes to the registry and files when opening SR in a browser...
- Irrespective, would you have trusted MS anyway?!
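A concrete way to carry out the "what's changed" check suggested above, as an added example that is not from the thread or from any of its posters: this PowerShell script reads the Windows Update history through the built-in Windows Update Agent COM object (Microsoft.Update.Session), finds the KB named in the first post, and then lists whatever Windows Defender wrote to its own event log in the hours around that install. The Defender log name `Microsoft-Windows-Windows Defender/Operational` is an assumption for this Windows version, and the script does not filter on event IDs because those differ between Defender releases; if the log name is wrong on a given machine, the `try`/`catch` reports that instead of failing.

```powershell
# Added example, not from the thread: correlate the Windows Update history
# with Windows Defender's event log to see whether a definition update lines
# up with new detections. Uses the built-in Windows Update Agent COM object
# (Microsoft.Update.Session). The Defender log name below is an assumption
# for this Windows version. Run from an elevated PowerShell prompt.

param(
    [string]$Kb          = 'KB915597',   # definition update named in the thread
    [int]   $HoursAround = 6             # window around the install time to inspect
)

# --- 1. Windows Update history via the WUA COM API -------------------------
$session  = New-Object -ComObject 'Microsoft.Update.Session'
$searcher = $session.CreateUpdateSearcher()
$total    = $searcher.GetTotalHistoryCount()
$history  = $searcher.QueryHistory(0, $total)

# Avoid $matches (a PowerShell automatic variable) and force an array.
$hits = @($history | Where-Object { $_.Title -like "*$Kb*" })
if ($hits.Count -eq 0) {
    Write-Output "No update history entry mentions $Kb."
    return
}

# OperationResultCode values from the WUA API.
$resultNames = @{ 0 = 'NotStarted'; 1 = 'InProgress'; 2 = 'Succeeded';
                  3 = 'SucceededWithErrors'; 4 = 'Failed'; 5 = 'Aborted' }

foreach ($entry in $hits) {
    $result = $resultNames[[int]$entry.ResultCode]
    if (-not $result) { $result = "Code $($entry.ResultCode)" }
    Write-Output ("{0:u}  {1,-20}  {2}" -f $entry.Date, $result, $entry.Title)
}

# --- 2. Defender events around each install time ---------------------------
$log = 'Microsoft-Windows-Windows Defender/Operational'   # assumed log name

foreach ($entry in $hits) {
    $from = $entry.Date.AddHours(-$HoursAround)
    $to   = $entry.Date.AddHours($HoursAround)
    Write-Output "`nDefender events between $from and $($to):"
    try {
        $events = Get-WinEvent -FilterHashtable @{ LogName = $log; StartTime = $from; EndTime = $to } -ErrorAction Stop
    } catch {
        # Get-WinEvent raises an error both when the log is missing and when no events match.
        Write-Output "  (none, or log unavailable: $($_.Exception.Message))"
        continue
    }
    foreach ($ev in ($events | Sort-Object TimeCreated)) {
        $firstLine = ($ev.Message -split "`r?`n")[0]     # first line is usually the summary
        Write-Output ("  {0:u}  EventID {1,5}  {2}" -f $ev.TimeCreated, $ev.Id, $firstLine)
    }
}
```

Run it as `.\defender-update-check.ps1` (any file name works) or pass `-Kb` and `-HoursAround` to look at a different update or a wider window. The value of pairing the two sources is that the update history gives an exact install timestamp, so a Defender detection that first appears within minutes of a definition update is most plausibly a new signature matching an unchanged file, which is the ordinary definition-update false-positive case; a detection that predates the update points elsewhere.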
-
fuck dea
fuck microsoft
long live SR!
-
m00t, were you able to reproduce this pop-up? I have tried on a Windows machine and cannot get it to happen, even with the 12/25 update installed.
-
Most likely, after the antivirus definition update the Vidalia setup was flagged as suspicious. As the setup file is identical for all users, it's not a problem. But never use automatic updates; Windows Genuine Advantage was a good example of why not.
1. TrueCrypt is a silver bullet. Use it on the system drive! A LiveCD is inconvenient. That's my opinion; your requirements may vary.
2. No need for shredders if the drive is already encrypted with TrueCrypt. Shredding alone is not guaranteed to remove all traces of activity.
3. Tor!
4. Different password, same name. Even sellers use their name on the forum. It helps build reputation.
5. I will never trust proprietary hardware encryption devices. There are already examples of badly implemented crypto on USB sticks. TrueCrypt is cheaper and safer.
6. You should never send any personal info without GPG encryption. The database can be compromised anytime... or never!
7. PGP e-mails!
8. Some proxy chains are in fact honeypots or otherwise insecure. Tor will do the job!
9. What's anonymous and encrypted stays anonymous and encrypted! Where is Las Vegas?
10. Bad advice. If you receive an unexpected package from an unknown person, you won't try to find out what's inside? Wait a few days so the cops can get a warrant and visit your house with the weed still sitting in a package? Better to receive packages at some other address. Make a hobo do the job for you.
11. Yes, smart sellers are already using gloves etc. DEA, as you read this, try to enforce a baton up into your ass!
12. Instawallets are a web service, which can log all transactions at will. Sending coins to your own computer keeps the recipient (your) address even more secret.
13. Good. Change the MAC address of your WiFi network card, so the router logs will show the fake address.
14. Use a popular and generic name, such as "computer" or "admin". Renaming the computer can sometimes cause all sorts of problems.
15. True, a good starting point is http://www.anti-forensics.com/
-
yet another reason to use Linux
-
OK, the error message came about when I right-clicked Tor and ran it as admin. The message has yet to pop up since I clicked the "do not send" radio button. Also, I tried looking for the message in Computer Management (right-click Computer -> Manage); nothing was found. Once / if I can replicate this error, I will upload a screenshot.
-- Thanks for the additions / commentary, SierraRS.
-
yet another reason to use Linux
Mac OSX > Linux > Windows
-DF
drugfather
-
Slackware 13.0 ftw :P
-
A VPN should add some measure of security, shouldn't it?
-
A VPN should add some measure of security, shouldn't it?
Only if you want that extra layer of security. It could affect performance. I'm asking people if they would be interested in having me write a guide about several topics like TrueCrypt... anything security-related. I know there are many guides out there, but I was thinking about making a couple of custom how-tos for this forum board / wiki.
-
A VPN should add some measure of security, shouldn't it?
Only if you want that extra layer of security. It could affect performance. I'm asking people if they would be interested in having me write a guide about several topics like TrueCrypt... anything security-related. I know there are many guides out there, but I was thinking about making a couple of custom how-tos for this forum board / wiki.
I would love for you to do this, honestly. Although that list is basically what I was looking for in anonymity, some elaboration on those things you said would be very, very helpful, matey :)
-
yet another reason to use Linux
Mac OSX > Linux > Windows
-DF
drugfather
I think you mean
Linux > Mac > Windows
Haha : )
Peace,
DigitalAlch
-
yet another reason to use Linux
Mac OSX > Linux > Windows
-DF
drugfather
I think you mean
Linux > Mac > Windows
Haha : )
Peace,
DigitalAlch
I have a love / hate relationship with Linux. I primarily like Mac over Linux because I do quite a bit of graphic design and make iPhone / Mac apps from time to time 8)
-DF
drugfather
-
Mito, you have command of the English language! I am with Mito; his post made me smile!
-
A VPN should add some measure of security, shouldn't it?
http://dkn255hz262ypmii.onion/index.php?topic=6275.msg58502#msg58502
- previous thread discussing VPNs
-
- It wouldn't be advisable to install / use Microsoft Windows Defender {Windows and Windows} as it's their product and they are likely to introduce exceptions when it suits them: exceptions for processes and modules that they would like to continue subversively doing whatever the module has been designed to do. Nobody outside of Microsoft is going to be able to keep tabs on this, as both are "controlled" by Microsoft.
- If using another anti-virus product (on Windows) you at least have another vendor, independent of the OS, working on the product, hence why you see other vendors' anti-virus / firewall products suddenly detecting "suspicious" modules, which is less likely to occur with an all-"Microsoft" solution.
(Unless the two vendors are specifically working in cahoots to achieve a common goal without the user realising... sooner or later something won't quite work, they will be found out, and it will be all over the papers.)
- The same goes for workstation firewalls, in this case on Windows; backdoors can very easily be written into either the OS or the firewall code when it suits them.
- Microsoft has an absolute crap track record when it comes to security; they don't care, nor have much skill in coding securely, especially protocols. History tells us this.
- The solution is to use the best of these components, ZoneAlarm for example; the downside is you might have to deal with the odd incompatibility quirk, but then that depends on what's important to you...
;)
-
Windows Defender is bullshit anyway; I turn it off on every single computer I use.
-
I didn't think Microsoft liked the government much; I don't take them for the sort to willingly work with the feds.
-
Fuck the DEA. Everyone take precautions and be careful, as OP has said.
-
If you really want to be safe you shouldn't be using Windows anyway. At the very least use a Linux live CD/USB stick.
-
Please don't use Windows.
-
If you really want to be safe you shouldn't be using Windows anyway. At the very least use a Linux live CD/USB stick.
Exactly. If it's too much of a hassle to reboot whenever you want to work securely, just use a VM. I carry out all my illegal online activities through a VM with an encrypted filesystem that routes ALL traffic through Tor (even stuff like system updates). But the LiveUSB solution has the great advantage of being portable.
-
Please don't use Windows.
Amen.
-DF
Drugfather
-
Everyone should read the OVDB forum on here - some of the best information ever posted on SR is in there.
This thread explains how to use an Ubuntu VM with Tor on a host machine: http://dkn255hz262ypmii.onion/index.php?topic=7833.0
-
So, I have Windows Vista, with Norton running, not the Windows protection. What else should I do? Get a new computer?
-
So, I have Windows Vista, with Norton running, not the Windows protection. What else should I do? Get a new computer?
Basically :P
-DF
drugfather
-
The DEA isn't cracking down on SR. The DEA is supposed to be something, but I doubt it.
-
So, I have Windows Vista, with Norton running, not the Windows protection. What else should I do? Get a new computer?
Vista is terrible and Norton is terrible - you don't have to go as far as getting a new computer though, as long as you run a more secure operating system inside a virtual machine.
-
I doubt Microsoft is helping the DEA.
-
For the purposes of SR, as long as you take some reasonable security precautions (TrueCrypt to paranoid levels and limiting your SR interaction to a portable VM on a USB stick), the OS doesn't really matter if they can't access the filesystem (i.e. TrueCrypt) to retrieve forensic data. While lots of network traffic is monitored, using things like Tor as well as HTTPS Everywhere makes it fairly useless to try and police people's internet activity, given the amount of resources it would take on behalf of the DEA.
Long live SR!!! :)