« on: October 21, 2012, 06:33 pm »
What this article tells me is that we really need to step up our security because we are going to be getting some more tech savvy LE trying to attack us. The most important step to take right now imo is for DPR to configure the server to use Tor via Tor so that it gets layered entry guards. Until the Tor people add layered entry guards by default it needs to be done manually. People greatly overestimate Tor's ability to keep a server anonymous, this is fact. A large increase to anonymity is provided by having the hidden service use two instances of Tor, a hidden service instance and a client instance. This protects from a very serious attack and greatly increases anonymity for both the client and the hidden server.
Second we need to seriously look into isolation techniques. Running the web server in a virtual machine that only knows an internal IP address is probably a good idea, even better would be to use a dedicated Tor server and then the server for everything else connected to it and forced to route everything through it. Using the virtual machine technique has advantages and disadvantages, primarily the advantage is that it is easier to configure and the disadvantage is that it increases an attacker's ability to pwn the web server in the first place (but decreases their ability to get the server's IP address after having rooted the server). The two physical servers solution has all the advantages of the virtual machine solution and the only disadvantage it has is the difficulty of configuring it (particularly remotely).
Vendors should also be concerned with isolation of web browsers and other network facing applications from their external IP addresses. This can be achieved in the same way as it is for servers, either with virtual machines or with two+ dedicated hardware machines. The advantages and disadvantages stay the same. People also need to make sure that they are hardening their browsers. First and foremost it is highly suggested that you either use the TBB (which unfortunately doesn't allow for easy isolation) or that you manually compile the browser from the bundle yourself (which unfortunately is a pain in the ass to do). Tor Browser has been hardened from various attacks and it is the only browser that is considered secure to use by the Tor developers. Additionally, I suggest entirely disabling javascript and leaving it off, or at least using NoScript or similar.
Of course you need to learn how to use GPG and start using it to send your address if you have not yet. Indeed, the more messages you encrypt the better, you should encrypt as much as possible. You should encrypt your full hard drive if you have not yet, for SWAP have it encrypted with a temporary random key if you need SWAP. Another technique that has some security benefits is to boot off a live CD without a hard drive, but I personally think it is better to have a proper persistent configuration (live CDs that I am aware of are not configured in such a way as to give you the most security possible).
Cash in anonymously when you obtain bitcoins, and then mix them as well. Mix bitcoins before you cash out, and cash out anonymously as well.
Avoid using shitty operating systems like Windows. Look into a security oriented distro of Linux, and I do not mean tails or liberte but rather actually installing and configuring Gentoo or something. OpenBSD isn't Linux but it is nice. FreeBSD is nice also but it lacks ASLR so meh. The primary thing to be concerned with is minimalism. The less crap you have running on your box the less attack surface there is for an exploit to pwn you.
We really need to make sure that our security (of both the server / site and the individuals using it) stays tip top because we can expect to see increasingly skilled law enforcement trying to compromise us. Right now we largely have the advantage over them, but let's not get complacent and lose our edge.