Silk Road forums

I think it is safe to assume 10% are active. So 15,000 active seems like a better guess than 1,000 to me.

Freezing RAM to get at encryption keys has gone from "in the realm of elite law enforcement operations" to "standard procedure for many law enforcement units". Particularly in organized CP distribution cases, they have come to recognize the importance of getting the RAM while it is still on (and freezing it as soon as possible after gaining access to it). Although plenty of LE will still power down machines during raids, you really shouldn't count on them doing this these days, particularly if you are raided by the feds and they have any experience with people using encryption.

Forensic methodologies, generally fall into two broad camps.
The first is the “pure” pull-the-plug traditional forensic methodology advocated for many years by
most of the law enforcement community. This method is great for preserving data on disk, but you
lose allot of volatile data which may be useful. A skillful attacker may never even write their files to
disk. A real world example of this is the code red worm.
The second methodology, live forensics, recognizes the value of the volatile data that may be lost by
a power down and seeks to collect it from a running system. As any such action will in some minor
ways later the system, it is not pure in forensic terms. Many people, including the author of this
presentation, feel this is an acceptable tradeoff given the value of the data that can be collected from
a running system (with minimal impacts).

multi signature transfers are going to make mixing bitcoins very secure also. I think it is already part of the bitcoin protocol actually. Soon the mix and or escrow will not be able to steal your coins unless X% of the individually operated nodes are malicious and/or compromised. I envison a network of mixes that stores tons of bitcoins that you can pull money out of whenever you need it, without having to worry about the coins being stolen unless a large number of the mix operators decide to get together and fuck you (or are independently compromised). Open Transactions already allows for this .

Quote from: Spedly on March 02, 2012, 04:10 am

Pine, my understanding is that a malicious Tor exit node can decode the traffic sent between the server and the client. However, because there are so many hops between the client and the server, it's extremely difficult to trace it back to the original IP. It's possible, but it's very sophisticated. VPN and public Wi-Fi hot spots are compensating controls.

Must do moar research to get a firmer handle on this stuff. I keep looking for a nice reference book on TOR, but none seem to exist -.-

Also; computer illiterate lawyers FTW!

I gave you a link to freehaven.net bibliography and you said it was too academic for you . I will let you know when the Tor pop up book comes out . (JK you are cool, just joking with you )

BTW it is Tor not TOR. It is no longer considered to be an acronym for The Onion Router, and actually many experts would argue that it isn't even an onion router (although pretty much everyone still calls it one).

Onion Routing involves layer encrypting data using the public keys of many nodes, the final ciphertext block is called an onion. Then the block is routed around by nodes, which are onion routers, each removing a layer. Tor builds telescoping encrypted tunnels through a series of nodes and then routes the data through this multi-layered tunnel. You could argue that this is largely a different way to describe pretty much the same thing, but there are fundamental differences. Also you could argue that any layer encryption based routing system is onion routing, but I2P calls their system garlic routing ;P.

Freenet takes single layer encrypted ciphertext blocks and routes them through series of single layer encrypted tunnels. I dunno what they call their technique.

Also allow me to make some suggestions from an area I do have a limited amount of expertise in (measuring electrical resistance not being one of these areas). Also will post some 'open research' questions.

First, is RFID the best transmission technology? Battery powered RFID can transmit up to 100 feet away I believe. It is certainly not going to work if we use RFID that is not battery powered as transmission distance will not be far enough to get a reading. Let's think of other transmission technologies that we could use. One idea I just had is using GSM chips. I know some leet carders use skimmers that text the card data to a phone, so they only need to worry about installation of the skimmer and not pick up. Perhaps we could also use GSM chips and have the state signal sent to a predetermined phone number. This would allow for detection of interception from a tremendous distance, but would also require the package to be in an area with reception. Could even have it send the signal via cellular network to a VOIP number that is accessed anonymously or something. This also has the added advantage of the vendor and customer both being able to check for interception, as a physical presence near the package will not be required.

Second, what sensors can we use? The first suggestion by Enelysion was to use photovoltaic cells that trigger when light hits them (thus when the package is opened, we would assume). A limitation of this is the potential for packages to be opened in dark rooms. Things we need to take into consideration include ease of creating the product, ease of anonymously obtaining the required components, size of the components (we want these to be as small as possible), cost of the components (the cheaper the better, although for huge bulk orders cost will be less of a consideration), etc. One potential technique someone who is working on a design for these mentioned is measuring the electrical resistance of the packaging material, you seem to think this is a bad idea and I would love to hear why so I can forward the information on. Other potential sensors include x-ray, infra-red, etc. These would offer the advantage of being able to determine if a package was scanned at all, although the primary thing we are concerned with is if the package was opened. Another potential thing that has been mentioned is the use of oxygen detectors with the chip being vac sealed with the drug shipment.

As far as what is broadcast, I propose that we use a PRNG with a secret seed that is set by the sender after the package is created (wirelessly set). The chip then begins to run the PRNG and broadcasts its current state every certain amount of time, after a timer runs out. The output of the PRNG will either be a 1 or a 0, and this is determined by the seed. Someone who knows the seed will be able to determine the state of the PRNG out to an arbitary bit length. Someone who does not know the seed will have a fifty fifty chance of being able to mimic its resulting output for a given broadcast (either 1 or 0). The person the pack is sent to can measure the output of the PRNG (via the transmission system we go with) and compare it to what the output of the PRNG should be (which they can determine since the sender of the pack sends them the seed via asymmetric encryption). If it matches up for enough broadcasts, it can be determined that the seed is still present in the volatile memory. If it doesn't broadcast or the broadcast does not match up with what the seed should produce, interception (or malfunction) can safely be assumed.

I propose that the person getting the pack is not required to broadcast to it, as they could very well compromise their position by doing so. The chip should instead be on a timer and set to broadcast after a set amount of time (when it is assumed to be in the box waiting for pick up). The chip can not broadcast while it is in transit or else the attacker can start to look for broadcasting packages and the chip will turn into a beacon. However, I am fairly certain that there are broadcasting mechanisms that attempt to hide the signal that is broadcast from someone who does not have knowledge about the parameters of the broadcast, I am not an expert on wireless transmission but I have friends who are I will ask them more about this. It may be feasible to have a hidden broadcast that is difficult for a third party to detect even if they are looking for it, although again I am not certain if we will be able to implement such a sophisticated system with our chips. LPI is one such system for signal transmission with low risk of detection, https://en.wikipedia.org/wiki/Low_probability_of_intercept_radar .

Then we need a mechanism in place to quickly wipe the volatile memory after one of the sensors is triggered, or else customs may be able to flash freeze it and obtain the seed. Cutting power after one of the sensors is triggered may not be enough.

Design goals should be to make the chip as fully features as possible while also making it as cheap and easy to produce as possible, and perhaps most important as small and discreet as possible.

Please weigh in everyone who has any expertise relating to any of the areas involved with this, or anyone who has comments opinions questions or suggestions. Let's get this shit done! Using these in addition to fake ID boxes will make importing large bulk far safer, as we will always be able to determine when an interception has taken place prior to attempting pick up.

There are tons of private intelligence agencies. Janes is the first that comes to mind, but there are certainly others that do more interesting things than OSINT analysis. Most serious organized crime groups have their own intelligence units, often having members/leaders who were trained by national military intelligence services. In fact a characteristic of a phase III smuggling enterprise is sophisticated intelligence and counter intelligence operations, as well as having connections to legitimate national intelligence services (phase II organizations begin to practice rudimentary intelligence and counter intelligence, but their intelligence people lack the sophistication, connections and training of phase III organizations...also phase II smuggling enterprises often don't have a specific group compartment dedicated to intelligence)

Most major corporations have their own intelligence and counter intelligence wings as well, although they are technically limited by certain laws to mostly doing OSINT (at least in USA, although this doesn't mean that corporations always follow the law). Corporate espionage is a huge industry.

Wikileaks is essentially an intelligence agency (although they take measures in an attempt to prevent themselves being classified as such), they have gathered data (or obtained data gathered) via OSINT, COMINT and HUMINT operations at the very least, and they use counter intelligence tools to protect themselves from SIGINT, COMINT etc etc

Stratfor is apparently a private HUMINT agency according to the info Wikileaks has released on them: www.christianpost.com/ news/ wikileaks-exposes-stratfor-intelligence-agency-releases-5-million-ema ils-70350/

there are also cliques of leet hackers who sell zero day exploits to the highest bidders (usually intelligence agencies). I imagine they also gather intelligence themselves on occasion, information is very valuble just as much as the tools to obtain it are. I have heard of underground communities on the internet that trade in intelligence, including trade secrets of corporations etc.

RBN is a cyber crime group that has provided services to Russian intelligence. https://en.wikipedia.org/wiki/Russian_Business_Network
They also offer bullet proof hosting, good luck getting an RBN hosted server taken down even if you manage to get its IP address.

The people behind Ghostnet probably sold intelligence to the Chinese government: https://en.wikipedia.org/wiki/GhostNet

There are private military corporations. I suppose there could be private NSA/cyber-command type corporations. Are there any tech-heavies interested in a mercenary gig?

Even if you ignore private intelligence services, Bitcoin would be a useful tool for paying intelligence sources. Look at Robert Hanssen: https://en.wikipedia.org/wiki/Robert_Hanssen

He obtained payment from and gave information to the Russians via dead drops. Keeping his identity secret from the Russians was important to him (although I am pretty sure he failed at it). There are plenty of other potential intelligence sources who wouldn't even risk picking up dead drops of cash for their services, knowing that it could be a sting or it could be monitored by the agency they are selling the information to (after all if the agency knows who passed them data, they can demand more data to be passed and refuse payment, instead threatening to reveal that they are spies. It would be entirely realistic for a HUMINT agency to retain their asset via blackmail over finanical payment). Getting payment via mixed Bitcoins would be a potentially smart strategy for such a spy, and it would be smart for a HUMINT agency to offer payment in a way that they can prove it anonymous.

Also look at the Russian spy network busted in USA in 2010 : https://en.wikipedia.org/wiki/Illegals_Program

One of their main functions was laundering cash for the Russian intelligence services. They would potentially have been smarter to use mixed bitcoins, after all then there wouldn't be surveillance videos of them passing bags filled of cash. Brush passes < Digital mixing.

There is a reason that the CIA wanted to learn as much as they could about Bitcoin from fairly early on:

www.bitcoinblogger.com/ 2011/ 04/ bitcoin-technical-lead-to-present-at.html

It is potentially very useful for them, just as much as Tor is.

I'm just afraid that analysis of the block chain will end up being useful for FININT since I don't think people are taking the required precautions with bitcoin, instead thinking that it is inherently anonymous (or that using mixes will not get them watched and/or charged with money laundering if they don't take some steps to cash out anonymously also).

Shors algorithm requires a quantum computer with a certain number of stable qubits. If anyone has such a comp it would be NSA but most security people I talk with think that they do not.

If NSA runs into someone using GPG they will just remotely hack them and steal their key if they are not using airgaps (encryption operations on a computer that never has access to the internet at all, hand typing ciphertexts back and forth). If they are using airgaps NSA will remotely hack them to trace them and then get the key via some other method, maybe transient electromagnetic signal analysis unless the target is in a secure compartmentalized information facility. In short NSA doesn't really need to break encryption to get to the plaintext.

I have a friend who is a professional cryptographer. He says that the vast majority of implemented cryptosystems are improperly implemented and vulnerable to side channel data leaks, which can be used to compromise them (even from over the internet in many cases): https://en.wikipedia.org/wiki/Side_channel_attack

yes - privnote can be mitmed. but pgp can't. if someone "mitms" your pgp public key, who cares? that's why it's public!

you should learn how a "mitm" (man in the middle) attack works before you make definitive claims about it

let's say Alice and Bob communicate over safe-mail with GPG

Alice sends Bob her public key. Safe-mail intercepts the e-mail and replace Alices public key with their own then send it on to Bob. Bob sends Alice his public key and safe-mail does the same thing. Now when Bob encrypts to Alice he is really encrypting to safe-mail, who then can decrypt the message and re-encrypt it (or a modified version of it) with Alices real public key before sending it to Alice.

I really worry the most about instant messages and OTR. I think it would be very trivial for any of the instant message servers we use (or SILC server etc) to MITM OTR keys, and so few people use any authentication / verification methods that it would not likely be noticed.

I have thought of putting out a few exit nodes that SSL strip connections to popular instant message servers and MITM OTR key transfers, just for shits and giggles. I bet I would be able to intercept a lot of communications that people thought were secure. But I am not an asshole so I wont .