
Messages - kmfkewm

Pages: 1 ... 38 39 [40] 41 42 ... 249
586
Legal / Re: Countries where some drugs are legal
« on: August 08, 2013, 04:59 am »
Read point 21 from a few posts below. THC is illegal in the Netherlands.

For a few years back at least, and maybe still, there were 4 countries that sold benzos like they were paracetamol: Turks & Caicos, Myanmar, Afghanistan and the Seychelles. I have no idea how it is today with their laws.
I did find on Turks & Caicos that a supermarket was the distributor of the gpo diazepam made in Guyana.
I did not call them to ask if they did shipments to Europe.

I don't know what the law on it is in Serbia, but people there have little to no trouble buying benzos over the counter.

587
Security / Re: Short and simple: how to prevent future hacks.
« on: August 08, 2013, 03:51 am »
Astor, can you please explain in what specific areas having a Whonix VM is superior to Tails+bridges? Also, on what OS are you able to have the Whonix VM? Could one pad Tails with Whonix?

To the group: do you or do you not recommend VPNs? I had always assumed the general consensus was that these were the major layer protecting the user from their ISP. Either that or bridges, and quite frankly I don't like the bridge concept very much (trusting random IPs for a so-called "secure" connection does not sit well with me, especially when anyone can start one). And now a mix operator? I have never even heard of the concept. We need to come to a consensus on a basic list of security features the average user should have, and an advanced list for users whose security is worth more to them. Personally, however I can improve my security, I will do it. I would simply like everyone to agree on what is the most superior security option(s).

I think at the end of the day nobody wants to endorse any one particular option, as if we all end up with the "best security" we end up with no security, as LE only has to figure out how to crack one system.

I will endorse Qubes, Whonix and manual isolation with virtual machines. These techniques are the current cutting edge of computer security IMO. Some people will disagree, but the thing is, even if you had JavaScript enabled on a vulnerable version of the browser in a Windows VM, the feds wouldn't have been able to pwn you if you had it isolated properly. Isolation is the final strong layer of security that keeps you safe when all else has failed, and not having it means that when all else fails you are fucked.

588
Silk Road discussion / Re: Security warning and advisory
« on: August 07, 2013, 12:32 pm »
Quote
to our knowledge it is near impossible for "viruses" to jump from one partition to the next on your HDD, so any programs (.exe files) that may be susceptible to downloading or installing viruses should be stored and run from a separate partition to your O/S,
does an "exploit" work in a similar manner and will only infect the partition it is run from?

Wrong, viruses can spread to different partitions, no idea why you think otherwise. Viruses can spread from one computer to another without even using the internet, via USB memory sticks etc.; many old-school viruses spread via floppy disk. No clue where you got this totally incorrect idea from. Exploits are used to remotely make a computer execute a virus payload (usually; the other dude who apparently named himself after the captcha as well explained this in more detail).

Quote
this paired with encrypting all your drives and running Tor from an encrypted portable HDD with nothing else on it would effectively be sandboxing and would be as safe to use for SR as a program like Oracle to virtualize an operating system to sandbox in (Linux) or Tails, provided you keep up with Tor updates and have it on the correct settings?

Wrong, that is not sandboxing at all. An encrypted drive that is mounted won't protect from this sort of attack at all, but isolating in a virtual machine properly could, and would in most cases. Again, you have no clue what you are talking about.

Quote
( both Tails and Linux are written in Unix to our knowledge, see below. We have also neglected to mention a few more security measures involving ISP that are quite hard to do with any other O/S other than Windows,
as it is not mentioned on these forums this is for our own safety:).....)

Tails is based on Debian, which is a Linux distro; Linux is a Unix-like operating system, while the BSD family is actually Unix based.

Quote
"backdoors" are also written in Linux using Unix syntax, this is the first thing a hacker will learn to do,
so why use any system written in Unix, as most if not all hackers are extremely well versed in how these operating systems work, their flaws and how to get around them?

Unix is not a language that you write things in; there are various Linux/Unix shells that have scripting languages associated with them. Unix-based operating systems are actually considered to be some of the most highly secured (OpenBSD, FreeBSD), and Linux operating systems are generally thought to be pretty secure to highly secure as well. Almost all attack payloads like this are written in some assembly language and then put into memory and made to execute via a vulnerability in an application (like a buffer overflow in a C program) that is exploited with something like JavaScript.

Quote
a virus's main purpose is to replicate itself, yes, but it can only do this inside the partition it has infected, this is basic computing knowledge.....

What magic property of partitioning makes it so a virus cannot spread from one partition to another? There is absolutely nothing that inherently prevents a virus from going from one partition to another; you would need to have some access controls to prevent it from spreading in such a way, or you would need to have real sandboxing, or something else. Saying that a virus cannot spread from one partition to another is about as honest as saying a human cannot jump over an object: it entirely depends on the object, and in many cases a virus will have no trouble infecting files in all partitions.

Quote
saying Tails is written in Unix is more like saying a novel and a comic are both written in English. Do you have any concept of syntax? and how that works? because that statement just shows how little you really know about computing....

Saying Tails is written in Unix is more like saying something that is retarded. Tails is based on Debian and uses the Linux kernel and is written almost exclusively in C, and Linux is a Unix-like operating system; it isn't really Unix.

Quote
Linux and Tails are both Unix-based systems and malicious programs are easily written with the terminal of the operating system, so we would say, as would anyone else with computing knowledge, that you can indeed write "stuff" with Unix..

Tails IS a Linux distro, and neither of them are really Unix based they are Unix like. Look at Wikipedia: BSD = Unix https://en.wikipedia.org/wiki/Berkeley_Software_Distribution , Linux = Unix Like https://en.wikipedia.org/wiki/Linux

This exploit was probably written in Emacs or Notepad++.

589
Silk Road discussion / Re: Security warning and advisory
« on: August 07, 2013, 12:16 pm »
to our knowledge it is near impossible for "viruses" to jump from one partition to the next on your HDD, so any programs (.exe files) that may be susceptible to downloading or installing viruses should be stored and run from a separate partition to your O/S,
does an "exploit" work in a similar manner and will only infect the partition it is run from?

That's total bullshit. Spreading to different drives and partitions is what viruses have been capable of since the very beginning of virus coding. It was their only mechanism to replicate and spread, as the internet didn't exist in its current form.
An exploit doesn't infect anything. It's just a way to run a program with privileges you actually don't have. What the program does is up to you. Doesn't matter if it's malware, starts the calculator or installs the latest version of Minesweeper. It can do anything the exploited process can, including replicating itself and running itself as a distinct process.

this paired with encrypting all your drives and running tor from a encrypted portable hdd with nothing else on it would effectively be sandboxing

Running something from an encrypted hard drive doesn't make a difference because a) most encryption happens transparently and b) it will not be encrypted anyway once it's been loaded into memory.
Also, do you actually know what sandboxing is and how it works?

and would be as safe to use for SR as a program like oracle to virtualize a operating system to sandbox in(linux) or tails, provided you keep up with tor updates and have it on the correct settings?

If copying something to an encrypted partition were just as safe as using isolated virtual machines, why would people put effort into developing things like Tails?

( both tails and linux are written in unix

dude... really?... That's like saying "novels are written in comics"

we have also neglected to mention a few more security measures involving ISP that are quite hard to do with any other O/S other than Windows,
as it is not mentioned on these forums this is for our own safety:).....)

Assuming you mean IPS:
I don't see in which way Windows would make intrusion prevention easier than other operating systems.

"backdoors" are also written in Linux using Unix syntax, this is the first thing a hacker will learn to do,
so why use any system written in Unix, as most if not all hackers are extremely well versed in how these operating systems work, their flaws and how to get around them?

A "backdoor", by which I assume you mean a trojan, can be written in any language that is suitable for the system it's to be installed on. Again, you can't write stuff "in Unix".
Open source software will always be safer and most likely more frequently updated than closed source software, as flaws in open source software are easier for everyone to find and thus easier to fix.

You don't know shit about what you're saying here, go to some place where you can actually hear people when they laugh at you.

you have not really explained anything here and are just having a go man....
a virus's main purpose is to replicate itself, yes, but it can only do this inside the partition it has infected, this is basic computing knowledge.....
saying Tails is written in Unix is more like saying a novel and a comic are both written in English. Do you have any concept of syntax? and how that works? because that statement just shows how little you really know about computing....
Linux and Tails are both Unix-based systems and malicious programs are easily written with the terminal of the operating system, so we would say that you can indeed write "stuff" with Unix..

And no, I meant ISP, internet service provider...... you my friend are a complete fuckwit, maybe you should consider what you are saying before you post.

You are either a troll or fucking retarded

590
Bitmessage is the only email-like messaging app that uses 256-bit ECC, but no one here except me seems to like it or use it. Too bad I guess.  :(

Bitmessage has a lot of problems.

591
Security / Re: Short and simple: how to prevent future hacks.
« on: August 07, 2013, 09:55 am »
I made another two posts about this, but I made a mistake and then took a lot of time to explain it and kind of messed my thread up, so let me give this one more shot.

Quote
This guy seems intent on finding a Tor covert channel http://www.informatik.uni-trier.de/~ley/pers/hd/l/Ling:Zhen which means they would stamp your traffic from a compromised host like the FH bust, then look for it at the ISP level after it passes the other hops. Since we live in a fully Orwellian surveillance state now this is entirely feasible.

Usually those sorts of attacks are called watermarking or tagging attacks (the source of my original confusion and mistake), but I see now that watermarking attacks actually use covert channels, so it is not incorrect to call them covert channel attacks. In any case, watermarking attacks are not particularly worrying because the attacker still needs to see the watermarked traffic at entry and exit. On the Tor network, and most other low latency networks (all implemented ones afaik), passive traffic correlation attacks can be used to accomplish everything that active traffic watermarking attacks accomplish. In the past Tor Project officials have expressed the belief that people focusing on watermarking attacks against Tor are often confused, as they are not really adding new capabilities to attack Tor (since all watermarking attacks are no more effective than passive correlation attacks against Tor traffic).

Quote
Consider tunneling your Tor traffic through Jondonym mixmaster servers.

You are a bit confused: Mixmaster is a high-latency, email-specific network. JonDoNym routing nodes are called mixes, but this is hotly debated terminology (nobody else calls them mixes) because they don't actually do mixing (Mixmaster routing nodes, on the other hand, do indeed engage in mixing). That said, yeah, JonDoNym is often seen as a better solution than most VPN providers.

Quote
A covert channel would be impossible to follow unless they could gain cooperation of all the servers in 3 different countries. Your ISP would see a VPN connection to Germany not any Tor traffic.

Here you are misunderstanding the goal of a watermarking attack. The attacker does not need to follow the traffic flow; if they had to follow the traffic flow through all hops there would be no real point to a watermarking attack. Watermarking attacks are for a scenario such as this:

Alice - Node 1 - Node 2 - Node 3 - Node 4 - Node 5 - Node 6 - Node 7 - Destination

Node 1 can watermark the traffic, and then when it gets to node 7 the watermark can be extracted. This allows the attacker who owns node 1 and 7 to link Alice to her destination without having to observe the traffic as it passes from node 2 to node 6. The watermark can be seen as being sent through a covert channel from node 1 to node 7, which is why I now see that it isn't really incorrect to call these covert channel attacks (but I don't think I have ever heard them called that before; almost always watermarking attacks). The thing is, though, that if the same attacker owns node 1 and 7, they don't even need to insert a watermark at node 1, because all of the low-latency anonymity networks are already weak to passive traffic timing correlation attacks.
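
As an added illustration of the node 1 / node 7 scenario above (this is not code from the original post), here is a toy Python simulation of both attacks: passive timing correlation between what node 1 and node 7 observe, and an interval-based timing watermark used as a covert channel from node 1 to node 7. All traffic is constructed with a seeded PRNG (Alice plus three decoy flows at the same packet rate), nodes 2..6 are modelled only as random delay, and the bin size, watermark interval length and decision threshold are my own assumptions rather than anything stated in the thread.

```python
"""Toy model: an attacker watching node 1 (entry) and node 7 (exit) links
Alice to her destination, with and without an inserted watermark.

Added example, not code from the original post. Every flow is a
constructed list of packet timestamps in seconds from a seeded PRNG.
"""
import random
from math import sqrt

DURATION = 60.0     # seconds of traffic simulated per flow (assumption)
RATE = 20.0         # packets/second, same for Alice and decoys (assumption)
BIN = 0.25          # counting window in seconds for correlation (assumption)
WM_INTERVAL = 2.0   # seconds per watermark bit (assumption)
WM_BITS = [1, 0, 1, 1, 0, 0, 1, 0]   # the covert message node 1 embeds


def make_flow(rng):
    """Constructed Poisson packet arrivals at RATE, truncated at DURATION."""
    t, ts = 0.0, []
    while True:
        t += rng.expovariate(RATE)
        if t >= DURATION:
            return ts
        ts.append(t)


def transit(rng, ts, hops=5, mean_delay=0.02):
    """Nodes 2..6: each hop adds independent positive jitter to each packet."""
    return sorted(t + sum(rng.expovariate(1.0 / mean_delay) for _ in range(hops)) for t in ts)


def bins(ts):
    """Packet count per BIN window: the only feature a passive observer needs."""
    counts = [0] * int(DURATION / BIN)
    for t in ts:
        i = int(t / BIN)
        if i < len(counts):
            counts[i] += 1
    return counts


def pearson(a, b):
    """Pearson correlation of two equal-length count vectors."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    sa = sqrt(sum((x - ma) ** 2 for x in a))
    sb = sqrt(sum((y - mb) ** 2 for y in b))
    return cov / (sa * sb) if sa and sb else 0.0


def passive_correlation(entry_flow, exit_flows):
    """Passive attack: score every flow seen at node 7 against node 1's view."""
    e = bins(entry_flow)
    scores = {name: pearson(e, bins(f)) for name, f in exit_flows.items()}
    return max(scores, key=scores.get), scores


def embed_watermark(ts, bits):
    """Active attack at node 1: for each 1 bit, hold every packet of that
    interval's first half until its second half begins (a tiny spread keeps order)."""
    half = WM_INTERVAL / 2
    out = []
    for t in ts:
        k = int(t // WM_INTERVAL)
        off = t - k * WM_INTERVAL
        if k < len(bits) and bits[k] == 1 and off < half:
            t = k * WM_INTERVAL + half + off * 0.01
        out.append(t)
    return sorted(out)


def extract_watermark(ts, nbits):
    """At node 7: an interval whose first half is nearly empty carries a 1."""
    half = WM_INTERVAL / 2
    first, second = [0] * nbits, [0] * nbits
    for t in ts:
        k = int(t // WM_INTERVAL)
        if k < nbits:
            if t - k * WM_INTERVAL < half:
                first[k] += 1
            else:
                second[k] += 1
    return [1 if second[k] > 3 * first[k] else 0 for k in range(nbits)]


def run(seed=7):
    """Build the flows, run both attacks and return what the attacker learns."""
    rng = random.Random(seed)
    entry = {name: make_flow(rng) for name in ("alice", "decoy1", "decoy2", "decoy3")}
    # Node 7 sees each flow after five hops of jitter, under names that do not
    # reveal which entry flow it came from.
    exit_plain = {"exit_" + n: transit(rng, f) for n, f in entry.items()}
    guess, scores = passive_correlation(entry["alice"], exit_plain)
    # Same circuit, but this time node 1 also inserts the covert channel.
    marked_exit = transit(rng, embed_watermark(entry["alice"], WM_BITS))
    return {"passive_guess": guess, "scores": scores,
            "watermark_sent": WM_BITS,
            "watermark_recovered": extract_watermark(marked_exit, len(WM_BITS))}


if __name__ == "__main__":
    r = run()
    print("passive correlation picks:", r["passive_guess"], {k: round(v, 2) for k, v in r["scores"].items()})
    print("watermark recovered intact:", r["watermark_recovered"] == r["watermark_sent"])
```

Running it shows the passive correlation alone picking Alice's flow out at the exit, which is the post's point: once the same party sees both ends, the watermark only confirms what the timing pattern already gave away, and, unlike the passive attack, it leaves the flow detectably modified.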

592
Most popular EC algorithms are based on the elliptic curve discrete logarithm problem; I wonder if a solution for the non-elliptic discrete logarithm would work for them as well.

593
Does this FBI exploit work with Tails 19?

No, for two reasons: for one, the browser in Tails 19 is patched against it, and for two, it had a payload that only targeted Windows.

594
Security / Re: Short and simple: how to prevent future hacks.
« on: August 06, 2013, 01:58 pm »
I agree with all of your points other than 7. Use Tor for everything that can not be linked to your real identity (i.e. don't use it for Facebook). I also would kind of say that JavaScript is the problem. I know people like to argue that JavaScript is fine and dandy and the browser or whatever is at fault, and technically that is true, but it is also true that not having JavaScript enabled makes you way less vulnerable to hacking attacks like this. JavaScript should always be disabled; it is required for a lot of browser hacks to work, and disabling it automatically protects you from a lot of potential 0-day attacks.

595
Legal / Re: Countries where some drugs are legal
« on: August 06, 2013, 01:50 pm »
I never said all drug use is legal, only personal use. But I guess in the Czech Republic it can actually get you a small fine. But in Uruguay personal use is totally legal, they don't even have a single law on the books against it, though it is up to a judge to decide if an amount was personal use or not.

It is illegal in Uruguay until it is voted on in Senate in October. At the end of the year the law will be updated.

In the Czech Republic it is a small fine, like a parking ticket, and not a criminal offence but a civil matter. This is de facto legalisation or "decriminalisation", i.e. not criminalised. You are not a criminal for getting a parking ticket. You are not a criminal for getting a fine for having drugs in your possession in the Czech Republic.

I think you are confused about Uruguay. Personal use of all drugs is already legal there, as in it has no law against it at all. They are voting to make it legal for the government to *sell* weed as well as for people to *produce* weed. All personal use drug use in Uruguay is as legal as can be, as in has no law what-so-ever against it.

596
Uhm. USPI is in the business of busting people ordering drugs through the mail. Maybe you should read about them.

Quote
It's just you!

This did not happen. Total exaggeration from you.

Also the OP is 100% correct. There are a bunch of paranoid losers in the forums that spread TOTAL BULLSHIT and are always wrong....like Astor.
Did you not read the news or read about the JavaScript hack? Go check the Tor Blog, they talk about it.

597
Are we sure that the only way to be exposed to the exploit is visiting an FH website while running a non-recent version of firefox/Tor on a Windows computer?

That seems way too specific for me to believe it.

Unless people who look up CP all use the same setup. It sounds like they're just trying to round up the low-hanging fruit, because all of this is easily avoidable with even a modicum of electronic security.

It seems the vulnerability itself is exploited with JavaScript, so that is why only users with JavaScript enabled are affected. Who knows why they only targeted Windows; the same exploit works theoretically against Linux as well, but the payload was analyzed and it makes several Windows-specific OS calls and will not work on Linux. The attack is not a 0-day but rather an exploit that was published a little over a month ago, which explains why the most recent browser is not affected. It is entirely possible that they didn't want to release a 0-day for analysis, and most people using Tor are thought to be using outdated Browser Bundles on Windows. The attacker was probably pretty sure that whatever attack they used would be analyzed to hell and back by a shit ton of security researchers. Also, 0-day attacks are usually used for really really high priority targets; they are more likely to burn one of those on somebody who has, like, kidnapped a child and is holding them for ransom, or a suspected terrorist, than on somebody who is running even the biggest CP site in the world.

I would add, based on my reading of the exploit, that you would have had to visit the FH main onion address, the Tormail web site, and perhaps some specific CP sites hosted on FH. The exploit set a cookie and had to be run from each site you visited to update your Tor Browser cookies with a specific ID. I haven't seen any evidence that they served the exploit on all onion addresses that were hosted on FH.

I think the bigger issue for this community is all the intel they are going to gather from unencrypted Tormail messages.

To the best of my understanding they did indeed inject it into all sites hosted by Freedom Hosting.

598
It doesn't answer my question if a software firewall could have stopped the executable from accessing the internet.

It could have.

599
What could they do, anyway?

You accessed a webpage that said "Down for maintenance".

Not a website that contained smut.

Surely, you can't get into trouble for accessing a webpage that contains nothing but "Down for maintenance", even if it was a CP website.

All they have evidence is that you accessed a webpage that had nothing on it when you accessed it.

In the past the FBI has set up pages that had nothing at all on them, told people they were CP, and then busted any poor soul who happened upon them. They don't need to catch you in the act of having CP or distributing CP to be able to raid you for CP; at the very least they can make a good case against you for intent to possess CP. The thing to realize about CP is that in the process of loading a single CP page you have essentially broken a few hundred laws. Automatically you are guilty of at least attempt to download CP, attempt to transport CP, attempt to possess CP. If there are perhaps fifty images of naked 16 year olds on the page, for every one of those you will be charged and end up with 50 counts of downloading CP, 50 counts of possession of CP, 50 counts of transporting CP, 50 counts of viewing CP. If they really want to fuck you they will probably add 50 counts of importing CP and 50 counts of causing CP to cross state lines. If you used a proxy they will tack on evading the police, etc. If you use a proxy like Tor they might even triple your counts of transporting CP (* 3 or * 6) to take into account each Tor node you caused CP to move through. Seriously, doing god damn anything with any amount of CP at all can be stretched out into hundreds of charges; it is absurd. Click a single wrong hyperlink and you can easily find that you are facing hundreds or even thousands of felony charges punishable by 5 years in prison each. Almost everybody who is fucked with CP in any context is facing a potential life sentence because of this.

Now you are not likely to actually get a life sentence, for a few reasons. The first is because the prosecution will drop 399 of your 400 charges if you plead guilty to one of them, and there is an extremely high chance that you will do this, so you will only get 5 years maybe. But it depends on the type of CP you have, the amount you have, what you did with it, etc.
The truth of the matter is that in 99% of CP cases, you WILL get whatever sentence the prosecutor and judge decide you deserve, and if you take it to a jury trial you will probably get life in prison. That is how CP works. In the vast majority of CP cases, you are facing 0 to life, and at the total mercy of the prosecution and judge. If you take it to a jury trial you will probably get close to life. The USA has the harshest penalties for CP in the entire world out of all countries where any porn at all is legal.

Not only that, but you will likely spend your time in prison being raped, beaten, tortured and generally degraded. Many people who take their case to a jury trial are sentenced to a lifetime of rape and torture. It is probably part of the reason why a large percentage of people arrested with CP end up killing themselves before it makes it to trial. That, and the fact that even if they plead guilty and only serve a decade in prison, they will be registered sex offenders for the rest of their lives; none of their friends will like them anymore, they will be humiliated in their communities, forced to live in tiny, ever-shrinking zones to the point that eventually a lot of them just end up homeless, living under bridges or in sex offender ghettos that are most similar to the ghettos the Nazis made the Jews live in. Nobody will hire them, they are banned from using the internet in many cases despite most of them being heavy to very heavy internet users prior to their arrest, and they are humiliated publicly all the time, wherever they go, for the rest of their miserable lives.

Seems pretty fucking harsh for looking at some naked 16 year olds who are legal to fuck, but death to the nonces ahhhhhhhhh /me rips his eyes out and stomps on them screaming death to the pedophiles rolling around on the ground foaming at the mouth

600
Does anybody know if this was just in the past few days or could we have been exposed earlier?

I haven't logged into tormail for at least a month and def no other FH sites.  If I meet all the browser/java criteria could I have still been exposed that far back?
At least 2 weeks, I have heard. But no one knows for sure.

I also want to say that there could have been another payload when the exploit was still undetected, as soon as the word spread they could have changed payload.
If you believe you might have exposed yourself earlier, wipe your comp and install a clean system with new encryption. It does not take much time and work to do it, and it's always better to take a few extra safety precautions than to do nothing.

Someone said they have put Tormail online again, and if you log in you can't log out properly. They might be fishing for people to decrypt their mails by logging in. So never visit tormail again.

Not likely to be more than one week.
