Silk Road forums

You know I'm sorry guys, but telling a 15yr old (if that's true anyways) to do the research and be responsible about it is just broken and overshadowed by libertarian bias that displaces reality.

One of the biggest hallmarks, trademarks, traits whatever you wanna call it of the developing, pubescent brain is a marked incapability to properly evaluate risk and consequence.

So kiddo, if you are who you claim, give yourself time, there's no rush. Wait a few years until all the hormonal craziness of puberty is over or at least toning down. You say you are smart, then stay smart and give your brain the time it needs to develop a well defined personality. Then you can go and start meddling with your mind.

I starting using drugs when I was 14 and I always thoroughly researched everything before I took it and practiced as much harm reduction as I do now. Not all teenagers are dumbasses you know.

Would it be encouraged to use the Linux version of TBB on Liberte instead of Epiphany?

Yes. The Tor people actually strongly discourage the use of anything other than TBB, or the Tor FF Browser compiled independently of it. It uses a modified version of Firefox that has been hardened against anonymity compromising vulnerabilities.

I still advocate for air gaps they are an insanely powerful security technique. If your plaintexts / private keys / passphrases are never exposed to the internet then you don't have very much to worry about malware. You also do not need to type over every character, you can use disposable one time use media such as a CD to copy over from the machine without internet connection to the machine with internet connection, the only copying you need to do is to bring public keys from the internet connected machine to the isolated by air machine, as if you expose it to a CD that has been exposed to the internet it could be bugged and transmit back via the CD you use to transfer ciphertexts from it.

Using a live CD is not particularly helpful against malware, sure it protects from persistent malware but it doesn't do shit to stop an attacker from deanonymizing you or temporarily being able to eavesdrop on your keystrokes.  A live USB could even have persistent malware installed to it. The best solution is to layer isolation I believe, I am thinking that SElinux is the way to go about this. Of course making sure that you are taking full advantage of ASLR , and hardening your OS and browser, will also go a long way towards protecting you from malware.

scanned my system with the ESSET Online scanner as well as my system scanner which showed no results for any malware.

The thing to keep in mind about virus scanners is that they are a complete joke and if any half skilled attacker wants to they can circumvent them with a targeted payload that is not released into the wild. Making a virus that is not detected by any anti-virus software is a fairly trivial task, and you can easily confirm when your virus has reached such a state by running anti virus products against it until it becomes undetectable. Ninety nine out of a hundred times an anti virus program is not going to be able to detect a targeted payload that has not been released into the wild for the anti virus people to be able to get a copy of it. Also the first thing a good virus does is disable your anti viruses ability to detect it, so even if the anti virus company does end up protecting from a virus, it isn't likely to do you much good if you have already been infected.

I agree it's important, but at the same time it's a last resort defense, your primary defense should be your anonymity

Anonymity doesn't protect you from malware (generally speaking, although in some cases it can make life harder for an attacker), and malware can deanonymize you. I imagine you have heard of CIPAV?? You can use the best encryption algorithms in the world and the best anonymity network around and it is all going to do jack shit to protect your plaintexts or identity if an attacker roots you. Having strong data and location security without strong defenses from malware is similar to having a fortified door with an open window next to it.

In order to compromise a machine, they first need to know where it lives.

This is 110% wrong. In fact, they can find where a machine lives by compromising it. An attacker who manages to root SR and finds a multi-platform exploit for firefox could theoretically take over the computers of everyone using firefox to surf SR, by for example adding malicious javascript to it that exploits a vulnerability in firefox to take over its permissions, which (in most configurations) includes the ability to stop routing through Tor and deanonymize you, and very likely to spy on your plaintexts prior to encrypting them with GPG (through lack of isolation in X for example). In practice it might be more difficult for them to simultaneously pwn every single person here, because some might be using different browsers, some may have javascript turned off, some may be protected by default OS features like ASLR, etc...but it is entirely possible in theory for such an attack to be carried out. So far such things seem like they are far more common for intelligence agencies to do than police forces though.

This is not specifically about Silk Road, and more about TOR in general, and I'm really just looking for some confirmation of something I already think I understand.

Am I correct in saying that with the way TOR traffic is structured and sent around the network, if your ISP is keeping track of your data usage they would at best only know that you are connecting to TOR, and not what you are looking at exactly? I ask because there are proposed laws in at least one western country which will make all ISPs record all users traffic for the purpose of stopping cybercrime. So I guess it does relate back to Silk Road, but I'm more interested in my own privacy in this case.

Sorry if this seems obvious, but I basically want to make sure my understanding is correct (or have it corrected if it isn't already.)

That is what Tor attempts to achieve, however there are several scenarios in which it may not actually work out like that. For example, if you use Tor to browse a website that is hosted by the same ISP you use, your ISP would be able to tell you are visiting that website, if they have the proper equipment and such installed anyway. Tor is pretty damn good at giving anonymity, but it actually does not prevent an attacker who can see your traffic at two different locations from linking the traffic together as being the same. This is only a huge concern if the attacker can see the traffic originate at you and end at the destination server you are sending it to though. Tor anonymity comes entirely from having a big and widely dispersed network, preventing an attacker from watching enough of the network to have a high probability of seeing your traffic at two different locations on its route from you to the server that you communicate with. However, an attacker who owns enough high bandwidth Tor nodes or who can place a few well positioned wiretaps on networks that have a lot of Tor nodes, can still deanonymize Tor users. So in summary, Tor does an excellent job of providing anonymity from attackers who add a dozen or two high bandwidth nodes to the network, or who watch traffic at a few small ISP's, but as attackers get more powerful than this it does indeed start to increasingly fail in proportion to how much of the network a given attacker can watch.

I am not dead. I also no longer suggest that you use virtual machines in this way. Yes, it is a huge benefit to have firefox isolated away from Tor and external IP addresses. However, virtual machines are much easier to pwn than operating systems running on real hardware. If your virtual machine is easy to pwn, the attacker will just hack it and spy on your address as plaintext to deanonymize you, rather than breaking out of the VM after pwning firefox and getting your IP address to deanonymize you. And most people who are using virtual machines are not even using them in a way that offers any real security advantage, they are just running Tor and everything else in one VM. Xen seems better in some ways than virtualbox, it is used by Qubes after all and I do not think the person who made Qubes has no idea what they are doing, although Theo of OpenBSD fame and some other security researchers have said less than favorable things about the technique of isolating with virtual machines. However, even if the isolation by Xen approach is not inherently flawed, Xen lacks ASLR so even if it is less additionally vulnerable to being hacked than virtual box, you are still not going to be able to take advantage of all of the security of using real hardware. So in general, I believe in the majority of cases virtual machines should simply be entirely avoided. The only exception I would maybe make to this is using jails from FreeBSD.

Right now I am split between two techniques for isolating firefox and other non-tor network facing applications away from Tor and each other. The first would be to run Tor on one dedicated machine and firefox on another, then use a physical wire to connect them and route the firefox machines traffic through the Tor machine and Tor. This will give the exact same benefits as using virtual machines to accomplish this, without any of the disadvantages of virtual machines. The second technique is using SElinux sandbox for x level isolation and then writing a SElinux profile to prevent firefox from gaining access to external IP address in any way or doing geopositioning. Certainly using the two machines approach is a more all encompassing and foolproof solution though. Additionally, these techniques can be combined for a very high degree of isolation. Failing that you may still choose to use virtual machine based isolation, and it will certainly give you benefits, just be aware that it comes at a high cost and in some use cases the cost could actually nullify the benefits. I think for servers it is more suited than for people using firefox, but it still has the same disadvantages.

Quote from: Guru on July 27, 2012, 07:15 am

Quote from: Shannon on July 27, 2012, 03:32 am

the fbi has started several drug/carding honeypot boards throughout the years, but the admin team on all of them blocked access from tor exit nodes and the use of gpg

Why on earth would they do a thing like that, eh?  <snicker>

Guru

this thread has only one purpose - to give this forum appearance of place for stupid degenerated junkies. Who else can post such stupid title.  Well who is average drug user nowadays - middle 30s, well educated, good income. Obviously if this  place will look like society if idiots, such kind of customers will never buy anything here. Harm to SR trade done by this forum hard to estimate.

Problem here in forum engine it self. If SR is from future this forum engine is from no internet BBS past. Agents and CIs should no be given an opportunity to turn the forum representing SR into such disinformation and defamation platform as it is now.

Twitter type social engine, when fans of some vendor can follow him may be much better and moder social communication platform.

It is true that feds have run a drug forum before, but rather than requiring the use of Tor they banned it and said only scammers used it, and they also were unfavorable towards GPG as well. Feds have also run at least one carder forum although they have taken over several others.

I think phpbb is the best forum software around by far, although I like punbb for being lightweight and fast.