Silk Road forums

Discussion => Security => Topic started by: m00tp00 on December 26, 2011, 04:21 am

Title: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: m00tp00 on December 26, 2011, 04:21 am
background:

What happens: when navigating normally through the Tor network to non-.onion addresses, nothing seemed to change. But as soon as I headed to silkroad, I get a pop-up saying something along the lines of "Microsoft would like to send a sample of your program for further review....blah blah" "Uncheck this to not send this sample". The app listed was showing tor vidalia bundle. I found this very interesting as I have never had that message until today, and sure enough, an update was installed today.

New update, Definition Update for Windows Defender - KB915597 (Definition 1.117.1627.0)

Installation date: 12/25/2011 6:53 PM

Installation status: Successful

Update type: Important

I know I am a paranoid hippy .. but I think everyone should be just as careful. I will be doing some network analysis of this and try to see if my hypothesis is correct... I'm asking everyone to not install this update in the meantime.

I'm also asking other people to let me know if they see any similar message. This is very very important for me to help look into this.



And remember

1. Disk encryption  > truecrypt   --- Or use live cd.
2. File shredders
3. tor :P
4. Use different forum name than your SR login. and pass
5. Ironkey flashdrives - check em out. good for clean truecrypt partition. . <--recommended.
6. Always delete messages after read. ---in case of break into database
7. PGP emails!!!
8. If yous l33t ... l2 proxy chains
9. What happens on the net, stays on the net.
10. Wait a day or so until you open your product. Trust me, this does help even though it sounds ghey. :P
11. If you're a dealer, use latex gloves when handling products / envelopes etc. DEA does create accounts to place orders so they can try to get DNA off of goodies. In fact, DEA is reading this right now, and taking note :P. ...
 
12. Change bit-coin address through sr profile management. Send bitcoins from your exchanger to instawallets         

      12a.(pro status = break up amounts to different  instawallets. Send all the funds from all the different instawallets into another instawallet and send here. 

ex. {
5btc
mtgox  2 btcs > instawallet1
mtgox 3 btcs >instawallet2

instawallet1 2 btcs > instawallet3
instawallet2 3 btcs > instawallet3

instawallet > SR wallet

rinse and repeat for every transaction. make new accts, etc...
}
* if you are really paranoid you can just create your own style. but this is how i get my btcs.
13. Another thing that helps, break into neighbors wiFi, or use cafe shops / any public internutz.
14. Also, rename your computer every once in a while.
15. Optional, read up on counter surveillance/ anti forensics.



Wanna help / questions ? PM me

be safe.
have fun.


Long live silkr0ad.




Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: envious on December 26, 2011, 05:14 am
Seems a bit odd to me. Windows defender is Microsoft's antivirus program. Maybe you are infected with a virus that infected your vidalia installation?
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: m00tp00 on December 26, 2011, 05:36 am
Trust me, I am not infected. This was an alert from Windows Defender. And I'm running win7 on vbox. Only things installed are wireshark, and visual c++ with my written programs. Very highly doubtful that I am infected.

I did a system restore to Dec. 16, last time this vb was on. Updated again, and got the same message. Only after the update was installed.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: SuperDimitri on December 26, 2011, 07:53 am
Haven't had any recent DL's, and no pop-ups, either. But I will keep an eye out.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: TravellingWithoutMoving on December 26, 2011, 08:15 am
- someone who is familiar with windows support could
  - extract the kb, maybe apply it...
  - monitor network connections and perhaps work out "what's changed" ..
  - use regmon to log what changes to registry and files when opening sr in a browser..
- irrespective, would you have trusted ms anyway?!
 
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: mito on December 26, 2011, 05:03 pm
fuck dea
fuck microsoft

long live SR!
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: envious on December 26, 2011, 05:37 pm
m00t were you able to reproduce this popup? I have tried on a windows machine and cannot get it to happen, even with the 12/25 update installed.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: SierraRS on December 27, 2011, 12:43 am
Most likely after the antivirus definition update the vidalia setup was found to be suspicious. As the setup file is identical for all users, it's not a problem. But never use automatic updates; Windows Genuine Advantage was a good example of why not.

1. TrueCrypt is a silver bullet. Use it on System Drive! LiveCD is inconvenient. That's my opinion, your requirements may vary.
2. No need for shredders if drive is already encrypted with TrueCrypt. Shredding alone is not guaranteed to remove all traces of activity.
3. Tor!
4. Pass different, name the same. Even sellers use the name on forum. Helps build reputation.
5. I will never trust proprietary hardware encryption devices. There already exist examples of badly implemented crypto on usb sticks. TrueCrypt is cheaper and safer.
6. You should never send any personal info without GPG encryption. The database can be compromised anytime... or never!
7. PGP e-mails!
8. Some proxy chains are in fact honeypots or otherwise insecure. Tor will do the job!
9. What's anonymous and encrypted, stays anonymous and encrypted! Where is the Las Vegas?
10. Bad advice. If you receive an unexpected package from an unknown person, you will not try to know what's inside? Wait for a few days so cops can get the warrant and visit your house with weed still sitting in a package? Better receive packages at some other address. Make a hobo do the job for you.
11. Yes, smart sellers already are using gloves etc. DEA, as you read this, try to enforce a baton up in to your ass!
12. Instawallets are a web service, which can log all the transactions at will. Sending coins to your computer keeps the recipient (your) address even more secret.
13. Good. Change the MAC address of your WiFi network card, so the router logs will show the fake address.
14. Use a popular and generic name, such as computer or admin. Renaming computer can sometime cause all sorts of problems.
15. True, a good starting point is http://www.anti-forensics.com/
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: ArnoldLayne on December 27, 2011, 12:50 am
yet another reason to use Linux
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: m00tp00 on December 27, 2011, 12:55 am
Ok, the error message came about when I right-clicked tor and ran as admin. The message has yet to pop up since I clicked the do not send radio button. Also, I tried looking for the message in Computer Management (right-click Computer -> Manage); nothing was found. Once / if I can replicate this error, I will upload ss.


-- Thanks for the adds/ commentary SierraRS.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: drugfather on December 27, 2011, 01:11 am
yet another reason to use Linux

Mac OSX > Linux > Windows

-DF
drugfather
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: m00tp00 on December 27, 2011, 01:19 am
Slackware 13.0 ftw :P
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: quinone on December 27, 2011, 11:35 am
A VPN should add some measure of security shouldn't it?
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: m00tp00 on December 27, 2011, 06:20 pm
A VPN should add some measure of security shouldn't it?

Only if you want that extra layer of security. Could affect performance. I'm asking people if they would be interested in having me write a guide about several topics like truecrypt ... anything security related. I know that there are many guides out there. But I was thinking about making a couple custom how-tos for this forum board / wiki.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: racidacid on December 27, 2011, 09:37 pm
A VPN should add some measure of security shouldn't it?

Only if you want that extra layer of security. Could affect performance. I'm asking people if they would be interested in having me write a guide about several topics like truecrypt ... anything security related. I know that there are many guides out there. But I was thinking about making a couple custom how-tos for this forum board / wiki.

I would love for you to do this, honestly. Although that list is basically what I was looking for in anonymity, some elaboration on those things you said would be very, very helpful matey :)
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: DigitalAlch on December 27, 2011, 09:50 pm
yet another reason to use Linux

Mac OSX > Linux > Windows

-DF
drugfather

I think you mean
Linux > Mac > Windows
Haha : )

Peace,
DigitalAlch
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: drugfather on December 27, 2011, 10:48 pm
yet another reason to use Linux

Mac OSX > Linux > Windows

-DF
drugfather

I think you mean
Linux > Mac > Windows
Haha : )

Peace,
DigitalAlch

I have a love / hate relationship with Linux. I primarily like Mac over Linux because I do quite a bit of graphic design and make iPhone / Mac apps from time to time  8)

-DF
drugfather
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: tinydancer on December 27, 2011, 11:10 pm
Mito, you have command of the English language!  I am with Mito, his post made me smile!
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: TravellingWithoutMoving on December 27, 2011, 11:45 pm
A VPN should add some measure of security shouldn't it?

http://dkn255hz262ypmii.onion/index.php?topic=6275.msg58502#msg58502
- previous thread discussing vpn
Title: Re: Microsoft Helping DEA crackdown on silkroad? - windows defender
Post by: TravellingWithoutMoving on December 28, 2011, 12:06 am
- it wouldn't be advisable to install / use microsoft windows defender {windows and windows} as it's their product and they are likely to put in and introduce exceptions when it suits them, exceptions for processes and modules that they would like to continue subversively do whatever the module has been designed to do. Nobody outside of microsoft is going to be able to keep tabs on this as they are both "controlled" by microsoft.
  - if using another anti-virus product (on windows) you at least have another vendor independent of the OS working on the product, hence why you see other vendors' anti-virus / firewall products suddenly detecting "suspicious" modules, which is less likely to occur when wanting an all "microsoft" solution. (unless the 2 vendors are specifically working in cahoots to achieve a common goal without the user realising..sooner or later one something won't quite work and they will be found out and will be all over the papers..)
- the same goes for workstation firewalls, in this case on windows; backdoors can very easily be written into either OS or firewall code when it suits them.

- microsoft have an absolute crap track record when it comes to security, they don't care nor have much skill in coding securely, especially protocols, history tells us this.

- solution is use the best of these components, zonealarm for example, downside is you might have to deal with the odd incompatibility quirk - but then that depends on what's important to you...

 ;)
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: abuttelmao on December 28, 2011, 01:28 am
Windows defender is bullshit anyway, i turn it off on every single computer i use
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: SpaceChimp on December 28, 2011, 05:25 am
I didn't think Microsoft liked the government much, don't take them for the sort to willingly work with the feds.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: onlythebest on December 28, 2011, 06:57 am
Fuck the DEA, everyone take precautions and be careful as OP has said
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: abuttelmao on December 30, 2011, 07:47 am
if you really want to be safe you shouldn't be using windows anyway.  at the very least use a linux live cd/usb stick
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: Mr Stilt on December 30, 2011, 08:05 am
Please don't use Windows.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: Horizons on December 30, 2011, 02:54 pm
if you really want to be safe you shouldn't be using windows anyway.  at the very least use a linux live cd/usb stick

Exactly. If it's too much of a hassle to reboot whenever you want to work securely, just use a VM. I carry out all my illegal online activities through a VM with an encrypted filesystem that routes ALL traffic through Tor (even stuff like system updates). But the LiveUSB solution has the great advantage of being portable.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: drugfather on December 30, 2011, 04:40 pm
Please don't use Windows.


Amen.

-DF
Drugfather
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: abuttelmao on December 30, 2011, 07:05 pm
Everyone should read the OVDB forum on here - some of the best information ever posted on SR is in there.

This thread explains how to use an Ubuntu VM with Tor on a host machine: http://dkn255hz262ypmii.onion/index.php?topic=7833.0
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: SuperDimitri on December 30, 2011, 07:13 pm
So, I have Windows Vista, with Norton running, not the windows protection. What else should I do? Get a new computer?
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: drugfather on December 30, 2011, 10:33 pm
So, I have Windows Vista, with Norton running, not the windows protection. What else should I do? Get a new computer?

Basically  :P

-DF
drugfather
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: 100% American on December 31, 2011, 02:23 am
The DEA isn't cracking down on SR. The DEA is supposed to be something but I doubt it.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: abuttelmao on December 31, 2011, 07:04 pm
So, I have Windows Vista, with Norton running, not the windows protection. What else should I do? Get a new computer?

Vista is terrible and Norton is terrible - you don't have to go as far as getting a new computer though, as long as you run a more secure operating system inside a virtual machine.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: Red Flag on December 31, 2011, 10:29 pm
I doubt Microsoft is helping the DEA.
Title: Re: Microsoft Helping DEA crackdown on silkroad? (Read Me!)
Post by: Looker on January 01, 2012, 12:07 am
For the purposes of SR, as long as you take some reasonable security precautions (TrueCrypt to paranoid levels and limit your SR interaction to a portable VM on a USB stick), the OS doesn't really matter if they can't access the filesystem (i.e. TrueCrypt) to retrieve forensic data. While lots of network traffic is monitored, using things like tor as well as https everywhere makes it fairly useless to try and police people's internet activity given the amount of resources it would take on behalf of the DEA.

Long live SR!!! :)