Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 78 79 [80] 81 82 ... 249
1186
Security / Re: Is Ddoss even possible on tor?
« on: May 07, 2013, 10:45 am »
For the billionth time, DDoS and DoS are both possible against Tor hidden services. Not only can the actual hidden service be DDoSed by a botnet with http spam, but there are also Tor specific attacks that can be carried out. For one DDoSing introduction nodes leads to the hidden service they introduce for being unreachable, for two if the attacker traces to guard nodes they can DDoS them directly. Anybody who says it is impossible to DoS or DDoS hidden services clearly it not very read up on how connections to hidden services work.

1187
Security / Re: Socks5? Can someone please explain to me....
« on: May 03, 2013, 04:54 pm »
I will implement SOCKS5 for you for the low price of $100 !

just kiddng. SOCKS5 is a protocol. It can be implemented by anyone for free, in most programming languages. Your question really doesn't make a whole lot of sense. Most commonly SOCKS5 is used for connecting to a proxy that supports it. You can either use an application that is natively SOCKS aware, like firefox, pidgin, etc, or you can use an 'in between' proxy that can translate to SOCKS. For example, Polipo is an HTTP proxy that is SOCKS aware.

Your question could be interpreted to mean you want to actually implement SOCKS5, ie: make code that can be inserted into programs to make them SOCKS aware. You can do this for free, you just need to know how to program and read the specification! Or it could be interpreted to mean you want help configuring Pidgin with Tor. Or it could be interpreted to mean you want to make another persons program route through a SOCKS proxy without modifying the code. You really need to clarify.


1188
Newbie discussion / Re: Recent FUD about Atlantis on Silk Road
« on: May 03, 2013, 01:12 pm »
Quote from: p01yt0x on May 03, 2013, 10:12 am
well thats hard, you made so much work with the copy of the idea and now noone's using it?

Just FYI, the first online drug market similar to SR was The Farmers Market, and it predated it by several years. Counting smaller private drug trading platforms, online groups go back to the late 90s at least.

1189
Newbie discussion / Re: Odds of actually getting caught?
« on: May 03, 2013, 07:31 am »
straight out of my ass, assuming decent packaging, no bad practices (like checking tracking with Tor) and not massive weights, I would guess that the chances of a domestic interception are about 1:10,000 and for international probably more like 1:100 .

1190
Philosophy, Economics and Justice / Re: Which country has the most freedom?
« on: May 03, 2013, 07:22 am »
Quote from: jpinkman on February 18, 2013, 01:14 pm
Quote from: The Scientist on February 18, 2013, 04:38 am
i agree with you on everything, except the last paragraph. as i understand, the reason blacks are more likely to be in jail in the US  is because they commit more crimes than other groups; just as whites are more likely to be incarcerated compared with Asians - simply because white people are more prone to crime than asians. (I am not suggesting a racial proclivity to crime; tbe differing crime rates may be due to social and economic factors; but it doesn't seem to be due to institutional white racism.)

Socioeconomics will always play a supporting role, but to deny racism as the undisputed star behind the ridiculously lopsided incarceration rates ... well I think the empirical evidence clearly shows otherwise. Research has documented gaping disparities in treatment of blacks throughout the system starting from unequal enforcement on down to unequal sentencing. Whether the racism is "institutional" is a bit harder to pin down since its been made intentionally nebulous by design. But the reality is racism still pervades these institutions in practice even if it's supposed to be rid of Jim Crow in theory.

So let's start with how blacks are generally presumed guilty and subjected to far harsher treatment by LE than other racial groups. For instance, studies have shown they're much more likely to get pulled over and their vehicles searched even after adjusting for socioeconomic factors. The disparity of their treatment by LE has been so pervasive even that the DoJ had to step in with a number of local LEA's around the country for flagrant civil rights violations. LAPD and NOPD serve as prolific examples of institutional racism that have become commonplace in big city LEAs nationwide.

All the empirical data collected has concluded that all racial groups buy and sell drugs at the same rate. Not that blacks are somehow more prone to distribution and consumption of illegal narcotics. Yet somehow LE agencies disproportionately target blacks and black neighborhoods in their WoD. Why? This can be partially explained by socioeconomics. But it doesn't account for all of it. And do you need me to tell you how racist the crack laws on the books were and still are? In 2010 they were changed so that instead of sentencing at 100 times the severity than if a person were caught with the equivalent amount of coke in their possession, it's now only 18 times the severity. What a relief huh? So with such fucked up racist laws on the books, can you really say with a straight face that courts treat the inner city slinger to the same punishments as the suburban yayo dealer? The larger populations of black dealers languishing in prison received much stiffer sentences not because they commit "more crimes", nor is it because there are more black dealers than any other race. It's because they're doing 15-25 years for selling crack.

And don't get me started on the overwhelming evidence that shows the biggest indicator in determining whether a defendant will be given the death sentence in sentencing is the race of the defendant if the victim is white. A premium is placed on white life in this regard by the human juries in the "system".

Totally agree and this was my first thought as well. The cocaine - crack disparity is all anyone needs to know to realize that there is a prejudice against blacks that results in more of them being incarcerated. When black people essentially get 25 years in prison for the black person version of a drug that white people get a few months or years for, of course they are going to pile up in the prisons. It is also a poor - rich thing though, because even more so than being a black drug, crack is a poor drug.

1191
Security / Re: How to stop the DOS attack
« on: May 01, 2013, 08:11 am »
Quote from: goblin on April 30, 2013, 08:15 pm
This suggestion about using I2P is not in my opinion a starter, as it is much more difficult to get regular non-computer savvy people to make a go of it. It's one thing to download and install tor but just try to get them to install I2P, making sure all is going as it should. It's much harder.

My opinion anyway.

I2P is entirely out of the question anyway. Vendors leak their rough geolocation and I2P by default reveals the IP addresses of all users (just makes it hard to tell what the IP addresses are doing through I2P). It is not compatible with our threat model.

1192
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 04:36 pm »
Quote from: dbelle on April 30, 2013, 03:18 pm
OK that shines a slightly different light on things then.
The server out of resources error must be coming from the SR server and not the Introduction node as we thought earlier. The circuit to SR is definitely open and with the debug logging on I am sure that no request is being sent to the Introduction node. Could Apache crashing make tor report that error do you think?

If the circuit to SR is open that means that you see streams underneath a set of three nodes in vidalia.

node1,node2,node3
.
.
...dkn255hz262ypmii.onion:80 connecting

that is what an open circuit to the SR forums looks like in Vidalia, but the stream is not open it is connecting. If the stream fails to connect it will look like this

node1,node2,node3
.
.
...dkn255hz262ypmii.onion:80 closed

and then like this

node1,node2,node3

in this case, node1,node2,node3 is still an open circuit to the hidden service for a while, because if you hit refresh it will look like this again, with the same set of nodes:

node1,node2,node3
.
.
...dkn255hz262ypmii.onion:80 connecting

if you don't hit refresh for a good deal of time, it will attempt to do the introduction step again, and if it does this then a new circuit will be established that uses a different set of nodes.

1193
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 02:59 pm »
And the web server crashing will cause the open streams to close, and new streams to fail to connect in the first place. But the actual circuit is not to Apache, it is to Tor, and it will stay open even if there is nothing listening to the traffic after Tor redirects it to a port after receiving it. For the actual circuit to abruptly close, it would mean that the remote instance of Tor crashed, Apache crashing will cause the streams to abruptly close but not the circuit. 

1194
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 02:55 pm »
Quote from: dbelle on April 30, 2013, 02:43 pm
It seems that way astor.

Forgive me if I am mistaken, my understanding was that if the rendevous circuit that is established after intro is broken or closed that any new circuit to that server would then have to go through the introduction stage again.
Thats certainly what my client is doing and is what I understood from reading the protocol spec.

Be interested to know :)

Yes you are correct but there is a difference between a circuit and the streams that are routed through the circuit. In vidalia you can see the circuit as the series of three node names, and the streams are underneath the circuits and look like this : dkn255hz262ypmii.onion:80 open (or connecting, or closed). If the circuit that is established is broken or closed, then you need to go through the introduction stage again. But if the streams are broken or closed or never open, the circuit stays open until it is inactive for a period of time. By opening new streams through the circuit, you make the circuit active again, even if the streams going through it never connect.

1195
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 02:18 pm »
Quote
Those are the baseline ones I was talking about, the 3 hop circuits that it always keeps open and rotates every times minutes.

I mean the circuit to the hidden service through the rendezvous node. After that is established, it will stay open for about ten minutes of inactivity before you need to establish a new circuit to it and use the introduction nodes again.

Quote
Right, you're sending data through it. How often did you do that?

Well I have finally managed to get yet another circuit to the market. I will send more data through it right now. It is still connected, tries to open streams but they go from connecting to closed. Now I will wait a few minutes. Three minutes later I try again, and the circuit from before is still open, and the streams go from connecting to closed again. I waited another couple of minutes and this time I loaded the maintenance page, although immediately after I tried again and it went from connecting to closed. Now it keeps going from connecting to closed, but on the same circuit as before. I manually closed the circuit and try again, and now it fails to establish a circuit after multiple refreshes.

For another test I made a hidden service that redirects traffic to a port with nothing listening on it. A circuit is established to the hidden service, but of course the streams go immediately from connecting to closed. I will wait five minutes and try again. Yep, it is still using the same circuit, and the streams go from connecting to closed again. I closed the circuit and tried to connect again. New circuit is used of course, and established without any trouble because the introduction nodes are not under attack. The same behavior as before, a circuit is established but all of the streams go from connecting to closed.

1196
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 01:51 pm »
Quote from: astor on April 30, 2013, 01:45 pm
Tor is not going to keep empty circuits open other than the baseline ones it always keeps open.

Sure it will. Otherwise it would close a circuit as soon as a page is done being loaded. It keeps an established but inactive circuit open for about ten minutes before discarding it. You can prolong the life of the circuit by trying to open streams through it, even if the streams fail to connect it resets the remaining time to keep the circuit open. I was able to indefinitely keep the circuit to the market open despite never being able to establish an open stream through it, but after manually closing the circuit I wasn't able to establish another one, likely because the introduction nodes are being pwnt.

1197
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 01:42 pm »
Quote from: astor on April 30, 2013, 01:36 pm
If the actual service goes down, like the web server, then a TCP connection won't be formed and the circuit will (or should) be killed.

Nah, the circuit is to Tor and is entirely independent of the web server. If the web server goes down the circuit will still be just fine, but all the streams going through it will go from connected to closed.

1198
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 01:34 pm »
Quote from: bbbaac on April 30, 2013, 01:30 pm
yeah we gotta do em in like the cartels did... there family see their head on the 5 o clock and the rest of their body on the 6 o clock news.

probably scare off future attacks too ahaa

ahahahahahhhahahahahahahahahahahahahahahhahahahahahahahahahahahahahahahahahahahahhhahahahahahahahhahahahaha
no wait just kidding.

1199
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 01:31 pm »
I finally managed to establish a circuit to the market and it looks like Apache crashed, same as the forums did last night (circuit is open, streams through it fail). I wonder if the people establishing connections DO maintain their circuit through the rendezvous node, but Apache keeps crashing and coming back up, giving the impression that the circuit is failing when it is actually just Apache crashing. I have been maintaining my open circuit for several minutes now, but it took me like an hour of hitting refresh periodically before I was introduced. Of course the site looks like it is down, but it is likely because Apache has crashed because the circuit remains open.

1200
Security / Re: How to stop the DOS attack
« on: April 30, 2013, 01:27 pm »
Quote from: dbelle on April 30, 2013, 01:13 pm
Another thing that doesn't quite add up is in theory once you have got the introduction node to introduce you to the hidden service tor should build a seperate circuit for communication between client/server and the introduction circuit is discarded. This is obviously happening as we can occasionally connect. Whats a little odd though is that subsequent connections within a specified time period should reuse the previously created circuit. This is not happening.

Yeah after that the connections should be through the rendezvous node, and the successfully opened circuit should stay good for a decent period of time.

Pages: 1 ... 78 79 [80] 81 82 ... 249