Silk Road forums

If I use a different neighbors router each time, would they be able to trace me from a spectrum analyzer?

For example: I connect to house A which is 1.5 miles away. The LE set up there. I then connect to house B which is 1.75 miles away in the same direction.

Would they be able to grab that signal and trace it back to me, and if they did that, they would have to be monitoring my end node also to see what I am doing

But, the only way they would set up one of thse analyzers is if they get the go ahead from the NSA to find out who is using whichever wifi.

I suggest you read about the carder iceman I think his name was. He liked using WiFi from hotels and such as one of his primary sources of anonymity. By the time the police were narrowing in on him, they saw that the IP addresses used by him all came from the same neighborhood. He was at this point hopping between wireless access points, from his house. The police simply went to that neighborhood with spectrum analyzers and they were able to pinpoint him and kick his door in etc. So hoping between different neighbors wireless is not going to save the day if the police are after you. To get the most from WiFi anonymity you need to always be using a different hotspot, but then there are attacks like okay let's pull all the data from the license plate cameras and see if any of these connections we traced back to hotspots correlate with a specific car in the area, or let's pull the list of all people registered at these hotels and intersect them. So even when it used properly, over time WiFi based anonymity can fail you. A single session traced to a single hotel, they are not going to have luck. Multiple sessions to multiple hotels? Okay they might have luck. You would think that being anonymous rather than pseudonymous would help, and in some cases it might, but there is still pattern left to analyze. Okay we traced some suspect to this hotel in this area doing something like downloading CP for ease of example. Okay this happened again in the same area, let's do intersection attack and see if there is anybody to be suspicious of. The technical trace fails but a suspect can still emerge from the crowd.

I have an idea, it is very likely not original but I have never read about it before. The problem is that Alice wants to ask Bob if he has a certain item in his database, but Alice doesn't want Bob to know what she is interested in. The solution is for Bob to run a bloom filter, adding items as normal. When Alice does membership query, she already knows the hash of the item she is interested in, and she knows the parameters of Bobs bloom filter. So Alice needs to do PIR to get each bit from the bloom filter where it will be set to 1 or 0 (1 for all if the item is in the database, probabilistically). So this is really cool but for it to be really really cool it needs a low bandwidth single bit PIR (not sequential block PIR). I only know one PIR scheme really well (the Pynchon Gate PIR), and it would work for this but it would be even worse than simply sending Alice the entire database (Since Alice's query size grows by 1 bit for each message in the database, and in this case each message is 1 bit). Does anyone know a good PIR protocol that would work well with this for low bandwidth anonymous membership query?

If LE trace up to an access point that you are no longer using, and it has only  your spoofed MAC address, the trace is essentially dead. They will never directly tie that connection to you, in the vast majority of cases. The problem is that if the police have traced up to your neighbors house, it is very simple for them to set up shop with spectrum analyzers. While you are connected to a hotspot you send and receive signals. Receive is fine and cannot be traced, send is where the problem is. Something that is sending a WiFi signal can be pinpointed very quickly with the right equipment. When the thing stops transmitting a signal, the trace can no longer continue. So if you use a random persons internet from a park that you go to one time with a spoofed mac address, and you leave before the cops come, not even the NSA is likely going to be able to determine that *you* are the one who used the access point at the time it comes into question. If you set up shop in the park for months on end, or get in any sort of pattern, that is where the attacks come from. If you always use your neighbors internet for illegal shit, yeah the trace will first go to your neigbhor but it will only be a short amount of time before it goes to you from there. Another thing is that even if the trace is at a technical dead end, there are other things to take into consideration. Perhaps the trace goes to a hotel, from that point on it is dead, it could have been anyone at the hotel at that time. Okay, but then you have this same thing happen to five different hotels, and now the FBI does an intersection attack of the people registered at the hotels at that time and your name pops out. they didn't technically trace you but they did trace up to the hotel that you were at multiple times, and saw you are by far the most likely suspect (I guess you should have registered the room with a new fake ID each time, preferably not from celtic !).

Usually people leave their router password at a default setting and you can take full remote control of the wireless router. I have done this in the past to erase MAC address logs. Hell some routers you can even completely root remotely, it is very very rare for people to have a password on their router and if they do it is almost always the default for the model.

VOTES! The politicians where just doing what the voters where telling them to when they started the drug war. That doesn't mean it was right. Majority rule is not fair or just. Its ninety-nine wolves and one sheep deciding what to eat for dinner. The scenario I described about the drug regulator wasn't a example of corruption but one in which it is in his best interest to serve the seen over the unseen. Everybody will see the flipper babies and everyone will demand that someone be held responsible for approving the drug. When the regulator errors on the side of caution the only people he hurts are all the people dying from the disease without the drug and of course the drug company's workers and shareholders. Those that do harm by producing a bad drug may be sued for damages in class action suits and I think that's about all the rules you really need. As for the other departments of government you could make a case for environment and defense but I think everything else is unnecessary and harmful.

Actually it is incorrect to think that the politicians were just doing what the voters told them to do. That is an extremely superficial understanding of the war on drugs. In reality first propaganda was distributed, in the case of marijuana in particular the government had to be creative as people already knew about cannabis and thought it was fine. So they started to call it marijuana and demonize it, and people who were just fine with cannabis were then terrified of this new Mexican drug called marijuana, so it isn't like they really told the politicians to make cannabis illegal but rather they were tricked into accepting that marijuana was to be made illegal. In the case of the synthetic designer drugs in particular, less than 1% of the population even know about the majority of the ones that have been made illegal, so it isn't like they have had any say in making particular designer drugs illegal. It is bullshit to absolve the government of responsibility for starting the war on drugs and keeping it going, because in reality it was not something that was started by the masses and it is not something that would be kept going by the masses if they actually knew the truth about drug prohibition and drugs. Your notion of freedom and democracy is an illusion.

It makes a big difference in use cases. We will never attend key signing parties. We don't upload our keys to key servers. The web of trust as envisioned by the PGP developers doesn't work here.

Yeah that is true. We use GPG significantly differently than many others do.

Tails takes care of this problem but there are other solutions as well. I think isolation of the working environment from Tor and external IP address is an even better solution. And then there are things like Qubes that let you automatically open files in untrusted virtual machines without internet access.