Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 194 195 [196] 197 198 ... 249
2926
Security / Re: Jacob Appelbaum on Tor and GPAs
« on: May 03, 2012, 05:10 am »
Okay good to know it was a coincidence, I didn't notice his entire account was deleted just saw his post on this was gone and then he made another link to it under a different name saying the first had been censored by a mod,  then I hit refresh and saw that post was also gone

Unfortunately, I think you will find deleting accounts and banning people on an open registration and fully anonymous forum to be an exercise in futility.

2927
Security / Jacob Appelbaum on Tor and GPAs
« on: May 03, 2012, 05:03 am »
http://www.democracynow.org/2012/4/26/targeted_hacker_jacob_appelbaum_on_cispa#transcript

originally posted in : http://dkn255hz262ypmii.onion/index.php?topic=21469.0
then deleted when eeees account was

2928
Security / Re: tor security
« on: May 03, 2012, 04:44 am »
Quote
So one of the scary things here is that we’re just not even sure how to  exist in a complete—what’s called "global passive adversary world,"  where they can watch the entire internet. And so, this is, I think, an  existential threat to anonymity online, to privacy and to security of  everyday people.

Maybe not with low latency but that is what high latency mix networks are made for. Global passive adversary can watch all traffic BETWEEN all nodes on the network, which is end of story for low latency anonymity they completely defeat it. If you have high latency traffic, and the mixes re-order thousands or tens of thousands of messages before sending them to the next mix which does the same thing, as long as there is absolutely no other linkability between individual messages at each hop, it takes a global passive adversary a long time to gather enough information to carry out deanonymizing attacks against the mix network. If you have a highly used and highly secured (talking military grade protection from hackers penetrating the mix to observe the re-ordering, tamper resistant / signal shielding cases to prevent someone with physical access from doing the same) mix network, you can do a decent job of resisting a global passive adversary. In the end they will always win unless there is constant rate cover traffic, but you can make it so the number of messages you need to send under a pseudonym before they can tie that pseudonym to a person, is large.

Another option, although bandwidth and other constraints may make it more theoretical than practical, is the use of dining cryptographer networks (DC-nets), which offer cryptographically provable anonymity to within a set size (usually the set size of all participants on the network, although it is possible to make intertwined DC-nets that offer perfect anonymity only within the sub-sections).

Low latency anonymity is dead against powerful signals intelligence agencies, it probably has been for at least the past decade. It might be dead in the not so distant future if federal police get access to information that used to be only in the realm of signals intelligence. But even though browsing the 'regular' internet anonymously (and I include hidden services in this definition of 'regular internet') may be fatally wounded, there are still *much* stronger solutions than Tor, I2P or Freenet in the world of academia and theory. Anonymity online will not die in a GPA world, it will just be much slower (talking hours to days for a message to go from one communicator to the other/s), only support sending small messages (no downloading large files, just text messages images and maybe small files like mp3s), and probably not at all compatible with web browsers (it will require custom client and server components).

Membership concealment will be dead in such a world though. You will not really be able to hide the fact that you are a user of a given mix network, unless you use open Wifi from random locations or something. This is pretty shitty too for us, since vendors leak rough geolocation intelligence when they ship product, it is best to hide that they are also users of a communications network to avoid these crowds from being intersected. Let's hope when FBI/DEA/ICE are GPA, that a lot of people are willing to use mix network, to create large crowds in arbitrary geographic regions.

2929
Security / Re: tor security
« on: May 03, 2012, 04:32 am »
All of the Tor devs think that NSA can trivially pwn Tor users. Tor never intended to withstand such strong attackers. NSA couldn't give a fuck less about Silk Road.

2930
Silk Road discussion / Re: If prohibition is lifted
« on: May 03, 2012, 02:25 am »
But what happens in such a society when some person or some group unjustly impinges on the rights of some other person or group?  What if the latter is the weaker?  Are they just fucked?

Okay, I think I partially answered my own question: http://en.wikipedia.org/wiki/Dispute_resolution_organization

What about weapons of mass destruction, such as nukes?  Surely society needs the state to (hopefully) minimize their use, no?

Private defense agencies will limit the ability of those they think would use nuclear weapons against their customers, to both obtain and use nuclear weapons. Every single thing the state does can be privatized. What about them do you find so magic that allows them to do things that other groups of people can not do?

2931
Off topic / first one to post wins
« on: May 03, 2012, 02:21 am »
Hi losers

2932
Silk Road discussion / Re: If prohibition is lifted
« on: May 03, 2012, 01:27 am »
I don't know entirely, I don't see the state as the enemy, but I don't think full legalisation is the answer.

While for things like weed, or ecstasy, it's probably quite beneficial, and in general quality would increase, I think decriminalisation would do the trick.

SR would become a grey market, and would be just left unchecked, really. Sure some drugs would benefit from legalisation, but you're right, we don't want everything state controlled.

However the whole issue of drug cartels and so forth is a problem, and I don't think decriminalisation really tackles that issue very well. The laws certainly need to change in terms of what constitutes illegal, because current drug laws are only anti-liberty, not based on any kind of morality. Though I have my own conspiracy theories on psychedelic illegality, hahah.

Just my two cents...but well, this is a thorny issue.

The state wants to put you in prison. The state steals your money from you at implied gun point. The state wants to control every aspect of your life. If they state is not your enemy then I wonder what your enemies do to you, ass rape you ?

2933
Silk Road discussion / Re: If prohibition is lifted
« on: May 03, 2012, 01:15 am »
Private enterprise handles the production and distribution of food.  But those markets are highly regulated.  Would those markets be even better if they weren't?

Okay, will take a look at those books.  But what happens in such a society when some person or some group unjustly impinges on the rights of some other person or group?  What if the latter is the weaker?  Are they just fucked?

Your rights are infringed by the state. You are weaker than the state. You are fucked. Anarcho capitalism isn't magic, it can not end evil things from ever happening, but it does a damn well better job than statism does.

2934
Security / Re: okay now I know Tony got busted...
« on: May 03, 2012, 01:04 am »
When did he order?  Almost 100% chance he did a shitty packaging job imo. 

There's no way they have all the addresses compiled and sent to local police yet or am i way off base with this assumption?

Also as far as cleaning house etc... at what level or ordering are you ACTUALLY at risk of a raid?

You are at risk of a raid from ordering any amount what-so-ever of anything illegal. You are very unlikely to be raided for personal use amounts of lowly scheduled drugs (xanax) or research chemicals or marijuana seeds. Any amounts of anything else and you are at risk of a knock and talk. I know of people who had knock and talks over ounces of weed, and were charged. If you order sheet of acid or ounce of MDMA I wouldn't be surprised if you are raided either.

2935
I thought that if you do have to buy coin from your bank account, heaven forbid, then all you would have to do is launder them. Once laundered the only would be: from your account> mtgox> bitlaundry> smoke.. as far as i know.
For the most part, yes. Let's say you buy coins from your account>mtgox and ordered some drugs off SR. It gets intercepted by LE and they come knocking on your door. If you deny everything and play ignorant to the whole situation then how could they possibly know that you are using SR unless you tell them? Okay now let's just say they assume you're ordering them online and they confiscate your computer, how the hell are they going to know you're going on SR and what you're ordering if you're using TOR? Okay now on top of that let's say they check your bank statements (come on would they really do that?) and see your transfers to mtgox and now they ask you "What are those transfers for?" you can say so many things that they can't possibly check "I trade currencies", "I pay for services using digital currencies", etc. Now imagine if you take the simple security precautions you can find in these forums, do you really think they'll go to this much trouble to catch a person buyer? I don't think so because remember, anything LE does costs money, money they don't have.

Why wouldn't they check your bank statements in a criminal investigation?!? Also LE has enough money to dedicate teams of cops to busting a few people trying to get their dick sucked by hookers i'm sure they have enough money to bust you.

2936
I thought that if you do have to buy coin from your bank account, heaven forbid, then all you would have to do is launder them. Once laundered the only would be: from your account> mtgox> bitlaundry> smoke.. as far as i know.

Although using a good mix will hide the final destination of your coins, it will not hide the fact that you used a mix , and you may risk money laundering charges

2937
You don't have to be totally anonymous just to buy and sell small amounts of bitcoins. A vendor does, but the buyer doesn't need to unless you are buying a barrel of Ephedrine from India for $15,000.

You could say somebody on IRC sold you a service for bitcoins and you sent the coins to that address. They can't prove otherwise that this didn't happen because bitcoin is decentralized and allows for 3rd party payments. How are they going to get DPR's priv keys to all his escrow addresses he's ever generated to match up with your transaction and at the same time get you to confess because unless there's evidence on your comp or SR usernames linking you to it and you talk they aren't going to be able to prove shit in a court of law.

Remember there are people selling heroin and stolen Oxy's for paypal on Topix for years and still have yet to be busted.

Yeah I can't think of the last time someone went to prison for a drug crime less than importing $15,000 worth of meth precursor chemicals from India, sheesh me and my paranoia.
Bitcoin has a fully public transaction history.

2938
Off topic / Re: Some lessons from The Farmers Market
« on: May 02, 2012, 09:18 am »
Lots of people here admit that they will snitch :/

glad to know who to completely avoid doing any business with ever

of course some in mafia snitch but just as many don't. Also the snitches get put into protective custody for the rest of their lives or they are brutally murdered.

2939
We badly require a book, SR for Dummies or something.

In general, there's a bizarre combination of paranoia and laxity. Too much focus on tech security and not enough on the human element.

Here's a non-exhaustive list of 10 peculiar things I've seen. Check it for your sins...

1. Many people are actually using the same handles or avatars on the clearweb. I couldn't believe it. Including some of the most paranoid people on here. Without using a single 'hack', I could easily ID 25% - 50% of the people on here. No, that's not me boasting, that's you being insecure.

2. Too lazy to use PGP encryption.

3. Mentioning they were at specific locations and dates, or worst yet, that you will be in the future.

4. Using colloquial slang.

5. Mentioning specific clearweb sites that they have accounts on.

6. Indirectly or directly referring to the time. e.g. This afternoon I... etc

7. Mentioning you're going to purchase, or have purchased, certain items from Ebay or Amazon.

8. Imagining that using Tor doesn't influence how banks, exchanges, email providers and others could profile you. You use Tor to access proxies which are ideally private and located in your geographical region. Unless you think it's not weird for your bank to see you're accessing your account from Bermuda, and then Belize ten minutes later. See: "I have my rights" section below ->

9. Mentioning your jobs past, present or future, and people you know.

10. Mentioning any government controlled data relevant to your person. e.g. prescription drugs you've taken, when and for how long, how long you've been unemployed, your crazy bitch ex-wife, how much tax you paid, and unbelievably: that you have a criminal record etc.

Some General Rules:

Never, never believe that just because something is legal, that means that it can't be used against you in some way. Enough with this "I have my rights" bullshit already. It's called circumstantial evidence and prosecutors use it all the time.

Many Nos make a Yes. It's a combination of both additive and subtractive knowledge that builds an investigative case. Tor allows you to give a detective the universal set of 7 billion people to extract you from. Why narrow the field?

Remember Occum's Razor. The simplest model that fits the known facts is usually true. For example: some of you were proposing that SR itself was colluding with scammers. But why would they even do that when they could more easily simply embezzle all your money in the first place? Similarly, intelligence agencies like the NSA and CIA do not have mandates to find drug dealers. It's not in their jurisdiction. The local police, FBI and DEA do have such mandates and it is in their jurisdiction. Simple!

If you have committed security sins, or even if you haven't, then you had better start putting down some red herrings. It's just good practice to drop the occasional white lie as a matter of principal.

-- Agent SuperPine

Many psychological phenomenon are at play with most of these issues, the most threatening being a combination of the false consensus effect and cognitive dissonance. People here are drug users who tend to be surrounded by other drug users and a part of drug culture. They are biased towards thinking that this socio-ideological reality extends much further into the general public than it actually does. They think nothing of drug use, and their friends and others they interact with also have no problems with it, so they falsely come to believe that the average person in society has no problems with it and doesn't care about it. This is despite the fact that not even 50% of the population of the USA is in favor of even decriminalizing cannabis use (even for medical use). They also experience cognitive dissonance because even though they are aware that drugs are illegal and that prisons are overflowing with drug offenders, the vast majority of which were arrested for personal use amounts, the thought of them risking their own lives is unpleasant so they repress the knowledge that they are committing felonies punishable by serious prison time. Other phenomenon demonstrated are the need for socialization as well as default trust (ie: people tend to trust others unless they give them an explicit reason not to).

This results in people doing things that are not the smartest from a security point of view.

Quote
Tor allows you to give a detective the universal set of 7 billion people to extract you from. Why narrow the field?

Well you are automatically put into the set of a few million people who use Tor. They can also probably say with high probability that you are in a country with people who usually learn to speak English, and although there will be significant noise introduced, they can probably say that you are most likely in a country with English as the primary language. That does cut it down a lot, since a lot of Tor users are in places where English is rarely learned.

2940
topix is where the people from yahoo answers go to buy illegal drugs online

Pages: 1 ... 194 195 [196] 197 198 ... 249