Silk Road forums

Well I can remember events visually, although not particularly well. I can solve simple math problems in my head purely visually. I can imagine 6 apples, then imagine them cut in half with half discarded and the other halves combined together into 3 full apples. That is thinking about division without using language. I have a much easier time thinking in language than I do visually though. Different people are different though, some people can think better visually than they can verbally. It is kind of hard to differentiate to some extent though, for example somebody thinking in sign language is thinking visually but they are still thinking with language. I guess you really need to precisely define what you mean by thinking and what you mean by language.

I hope you realize people don't need to trace you through Tor if you tell them the VPN you enter into Tor from

I think the primary thing that public school teaches is the importance of social hierarchy and politics. I had friends when I was homeschooled, but they were mostly the kids of my parents friends and all of them were also homeschooled (amazingly none of us were fundamentalist christians!). We acted like little adults compared to our public school peers, and we generally were quite accepting of each other. In public school kids act more like kids and there is much more competition for popularity and for social dominance. It is a culture shock to go from cooperating with your peers to ruthlessly competing with your peers, it is also a culture shock to go from having more adult like peers to having more child like peers. A simple example I can think of is how we would talk on instant messaging programs. I always typed my sentences out properly, capitalized and with punctuation marks ("What are you doing today?"). When I talked with my public school peers on instant messaging programs they were more like 'wut r u doin 2day' and I am sure they perceived me as fucking weird for writing properly. I wrote like an adult, they wrote like kids. I tried to be cooperative and they tried to be competitive. It took me a good while before I could adjust to this new environment. Now on the one hand you could argue that it is better for kids to act more mature and to come across as educated etc, but on the other hand you really miss out on having a more traditional childhood and you also don't learn the lessons of social hierarchy, social interaction and politics, and you may have a harder time to realize just how competitive the real world actually is.

Another huge thing I learned from public school is the importance of your appearance in how you are perceived. Wearing the right clothes became much more important to me, prior to attending public school I mostly just considered clothing to be things to wear, in public school clothing took on a totally different role and became something that defined who you are and broadcast it to the world. And that is an important lesson too, because even in the adult world the way you present yourself plays a big role in how you are perceived. When I was home schooled nobody ever taught me that, when I went to public school nobody taught it to me but it became readily apparent. When I was home schooled I wore generic shoes and a lot of generic polo shirts and button up shirts and khaki pants. Of course that didn't blend in *at all* with what people were wearing at public school, and clothes were really important socially at the school I went to anyway. So I started wearing brand name everything, a lot more tee shirts with brand name logos on them and jeans and basketball shoes.

I would probably have a better impression of home schooling if I went to public school for my earlier education and was home schooled for my later education. I would probably have a better impression of home school if I was in home school for all of my pre university education. But going from home school for my early education and then switching to public school for my later education left me overly prepared academically and under prepared socially (or perhaps I was overly prepared socially as well, depending on how you look at it. I certainly had no problems interacting with adults, but was awkward with my peers). The course work was boring (I was testing at an early high school level when I was in middle school, about three grades ahead) and I stopped doing it which led to me failing classes out of apathy rather than out of inability (I always scored high enough on tests to move up in grade levels, despite failing all of my classes due to general lack of participation), the social environment was abrasive and hard for me to navigate (and I spent most of my effort trying to navigate the social environment rather than doing course work that was below my level. Public school was almost entirely social education for me, learning how to fit in with regular kids).

Quote from: astor on June 13, 2013, 07:01 pm

I create a web site that isn't indexed by any search engines. I post the the link on this forum so only SR community members know about it. Like all web servers, mine records the IP address of everyone that accesses my site. I filter out the Tor exit nodes. Now I have a list of SR members' real IP addresses.

Astor can you clarify this for me...first of all...this is a hypothetical situation you are describing...correct...?

Now my confusion is about your use of "filtering" out tor exit nodes...what do you mean by that...?...I assume you just pick those out and set them aside...so that you are left with real IP addresses...?

That filtering out does not somehow imply that you can get the real IP address from those who accessed the site through tor...?...does it...?

Regards,

Topper...

You filter out proxy IP addresses and you are left with the IP addresses of everybody who opened the site in a regular browser because they were misled by the asinine ********************OH MY FUCKING GOD IT IS CLEARNET1111111!!!!!oneoeneonegrejgje89gj8349gj8934jgu34jg8u34jg8u3*************************** warnings

But it can't be; here's their description of hidden services:

Quote from: Section III

The Tor hidden service architecture:
1. Internet service which is available as Tor hidden service;
2. Client, which wants to access hidden service;
3. Introduction Points, tor relays chosen by the hidden service and which are used for forwarding management cells necessary to connect the Client and the Hidden Service at the Rendezvous point;
4. Hidden Service directories (HSDir): Tor relays at which the hidden service publishes its descriptors and which are communicated by clients in order to learn the address of the hidden service's introduction points;
5. Rendezvous point (RP): a Tor relay chosen by the client which is used to forward all the data between the client and the hidden service.

That's... not, quite accurate.  It's leaving out guards, which is what had me thinking it was the protocol before their introduction.  But sure, maybe they skimmed over it (or I missed it in my own skimming).  But further on, they clearly state:

Notice that they left out the entire Tor circuit, I assume because they imagine we have a basic idea of how Tor works, but might not know the intricate details of the hidden service specific algorithms.

Quote from: Section III

In order to establish a connection to a given hidden service Alice's OP [note: onion proxy] first builds a rendezvous circuit (step 4).  It does this by establishing a circ uit to a randomly chosen Tor relay (OR)  [note: onion router], and sending a RELAY_COMMAND_ESTABLISH_RENDEZVOUS cell to that OR.  The body of that cell contains a Rendezvous cookie (RC).  The rendezvous cookie is an arbitrary 20-byte value, chosen randomly by Alice's OP... ... ... Alice builds a separate circuit to one of Bob's chosen introduction points, and sends it a RELAY_COMMAND_INTRODUCE1 cell containing the IP address and the fingerprint of the rendezvous point, the hash of the public key of the hidden service (PK_ID), and the rendezvous cookie (step 5).

If the introduction point recognizes PK_ID as the public key of a hidden service it serves, it sends the body of the cell in a new RELAY_COMMAND_INTRODUCE2 cell down the corrsponding circuit (step 6).

When Bob's OP receives the RELAY_COMMAND_INTRODUCE2 cell, it decrypts it using the private key of the corresponding hidden service and extracts the rendezvous point's nickname as well as the rendezvous cookie.

Sure, that's all well and good... except they STILL haven't mentioned the fucking guards?  It's like they're analyzing the network before guards were introduced.  Now in fairness they go on to talk about them when detailing their next attack, but there's weirdness there.  Before skipping to VI A though, this line in V A caught my eye:

They probably have not mentioned guards yet because so far they are completely irrelevant to what they are discussing, which is the hidden service protocol. All of the circuits utilized make use of guard nodes, but there isn't any particular reason for them to point this out yet.

Quote from: Section V A

Just like any Tor client, an attacker is able to compute the descriptor IDs of the hidden service for any moment in the future and find the fingerprints of expected responsible HS directories.  After that she can compute the private/public key pairs so that SHA-1 hash of the public keys would be in-between the descriptor ID and the fingerprint of the first responsible hidden service directory.  The attacker then runs Tor relays with the computer public/private key pairs and waits for 25 hours until they obtain the HSDir flag.

I thought you could only calculate the descriptor IDs 24 hours in advance, but whatever, skipping that: how can this be possible at all, since even assuming they get to the point of impersonating the HSDirs in question due to the properties of the distributed hash table... they still won't have the private key for those servers that the 6 (is it 6?) authoritative directories will be checking for, and so will be ignored anyway?

They are not impersonating hidden service directories, they are making it so that they are selected as the hidden service directories. 

Last bit I actually skimmed; I'm sick of quoting this paper, but again:

Quote from: Section VI A

In order to confirm that an attacker controls a guard node of a hidden service she needs to control at least one more Tor non-exit relay.  In the attack, the hidden service is forced to establish rendezvous circuits to the rendezvous point controlled by the attacker.
...
If all the conditions are satisfied, the attacker decides that her guard node was chosen for the hidden service's rendezvous circuit and marks the previous node in the circuit as the origin of the hidden service.

I skipped over some stuff because I"m tired, but I don't understand how this is possible, unless you're running Tor over Tor...?  How can a guard ever be chosen as an introduction point for a hidden service -- the guard knows what hidden service it's a guard for, why in God's name would it blindly say "sure, I'll be the rendezvous point for my pal there!" 

This is a slight modification to the attack from 2006 that caused guard nodes to be introduced in the first place, essentially they are saying that if they are selected as the hidden services guard node they can deanonymize the hidden service by making it open a circuit to their malicious rendezvous node (which actually isn't even required, since they can just be the client, which is in itself enough for 1/2 of a timing attack). It doesn't say anything about introduction points.

I still have not read this paper but it seems that they are talking about two different attacks. One attack works to censor the hidden service, and also to position yourself for 1/2 of a timing attack against the hidden service and/or its clients, but the other attack is for enumeration of all hidden service .onion addresses, which can then be used in combination with the 2006 attack to deanonymize some percentage of the identified hidden services. In the 2006 attack they brute force circuits by making the server open new circuits to rendezvous node until they own its entry node, in this attack they 'brute enumerate' hidden services in the hopes that they own some of their entry guards.

Quote from: psychedelicmind on June 13, 2013, 11:38 am

Good read.

If we're not buying drugs on Silk Road in 5 years, like the author states, i'd be very surprised

What the author is saying is there will be better alternatives and SR will be left behind if they don't innovate.  It's the natural progression for many market originators who enjoy a monopoly for a long time.

I can tell you that there are a lot of people thinking of ways to completely decentralize online marketplaces. It is a technically challenging endeavor to say the least, but I wouldn't be surprised if in five years there is a massive, leaderless and fully decentralized marketplace. Of course anything would be available, it wouldn't be drug oriented, but drugs would be on the list of available items. I will be surprised if in five years we are not using something based on Bitcoin, but I will also be surprised if in five years we are still using a centralized marketplace.

I wonder if people who are born deaf ever vocalize in their minds. I mean, just because they cannot hear doesn't mean they cannot think sounds, it is just that the sounds they think will not be related to the sounds of any language. Or maybe since they never hear any sound their brains are incapable of imagining a sound, and they cannot talk to themselves even in a language they make up.

Once I got a batch of 'ketamine' that produced extremely mild psychedelic effects, and that was impossible to k hole on. The most pronounced effect was a total numbing of my tongue and throat. It was not very pleasant. I complained to the vendor, who is a friend of mine, and he said that he actually had been scammed on a kilo of ketamine and it was some other drug related to ketamine but not actually ketamine. I want to say norketamine but I cannot remember with certainty what it was called. Anyway he refunded me and eventually gave me some real ketamine. Hearing your report of throat and tongue numbing reminded me of that, but it seems that you got decent psychedelic effects still. When I got that bunk ketamine it was like 98% numbness 2% trippy.