Silk Road forums
Discussion => Security => Topic started by: Bungee54 on September 08, 2012, 12:51 pm
-
#### Pidder.de ###
Please use TOR to browse the Site.
It is seemingly not used very much ( we assume)..and nobody wants many SR users clicking
the site exactly the same time this posting is made.
##COULD BE A HONEYPOT##
Private networking
Some things are not meant for everybody
We believe that the management of more meaningful relationships is the future of social media. Quality rather than quantity is the key to that.
If you prefer to be in control of your own data and are looking for a more focused way to share, why not give pidder a try?
Within pidder privacy is the rule, not the exception.
pidder is built with "Privacy by Design".
It's your data. Treat it with care.
You decide what you share
Create your personal private social network. Keep in touch with your friends, relatives and loved ones using pidder's private communication channels.
With pidder you can securely manage both virtual and real identities. You can even use this single platform to create several completely separate social networks.
You decide whether you want to mix your aspects regarding business, leisure and hobbies or not.
Manage and organize your data and passwords in well-arranged virtual wallets and stay in control of what information about yourself will be available and to whom.
If you so choose, you may also use pidder anonymously or pseudonymously.
Privacy by design
All data transport to and from pidder happens via an encrypted connection using the https protocol with EV SSL certificate. Furthermore, your data will be encrypted prior to transmission to the server using state of the art encryption.
pidder is your secure key chain at home and abroad. Should your real wallet be stolen on your holidays, you'll still have all your important card information available securely, to quickly react and prevent worse.
To increase security you can hedge authentication using a keyfile, a virtual keyboard, and a second authentication step. One-time-passphrases offer protection against identity theft even when using an unsecure environment.
We have no interest in your data, commercially or otherwise, and we contractually guarantee that we cannot see your clear text data as only you have the key to it.
All your data at a glance & quick logins
With Quicklogins you can use pidder as your password manager and login to your favorite web sites with one click. At the same time you can at last use different and strong passwords for each individual service.
Well structured data saves time. Within pidder you'll have quick access to all the encrypted data within your cards, e.g. account information, license keys, access data, passwords, addresses, bookmarks, notes, and much more.
Customize your pidder dashboard to display the resources you use the most often.
Risk assessment
Security and comfort always build a tension pair. Security only works as a holistic concept and even if you do everything right the resulting security will always be relative. pidder can be one link in a long chain to increase your privacy and security.
But also using pidder is not free of risks. We would like to give you information to assess those risks diligently. We created the following list to the best of our knowledge but we do not claim it to be comprehensive. It is meant as a recommendation how you might want to handle your personal data.
Loss of your passphrase
Unlike many other internet services, within pidder your passphrase cannot be recovered. This passphrase is never sent to our servers without prior encryption and thus no employee of Versaneo GmbH or any other person within the pidder service team will ever know it. So if you forget your passphrase, you will not be able to log in to pidder anymore and your data cannot be decrypted.
Still, this should not mislead you to using a simple password (see password vs. passphrase).
How to cover this risk:
Choose a passphrase that you can remember easily while still being difficult to guess by others. Use complete sentences where you exchange certain letters with numbers or special characters: "I did not like school at all", exchanging "i" with "1" and "s" with "5": "1 d1d not l1ke 5chool at all". Or, if you don't want to type as much choose a somewhat longer sentence using only first letters and punctuation "When 1 wa5 young, 1 d1dn't l1ke 5chool one b1t." - yielding "W1wy,1dl5ob." - Just make sure you really can memorise this sentence well.
You may want to write down your passphrase or store it somewhere. If you do, make sure it is stored in a safe location - be it in the virtual or physical world - that only you have access to.
You may want to choose a simpler - and thus easier to remember - passphrase in combination with an arbitrary file that serves as a keyfile and/or in combination with the authentication puzzle. The combination of two elements is generally more difficult to guess.
Should you have registered for pidder using a weak passphrase you can change that into a better one any time later on to increase security.
Password vs. passphrase
Should you choose to entrust your sensitive data to pidder, we strongly recommend you don't just use a simple, easy to guess passphrase. Your passphrase should not be part of any dictionary. Nor should it be the name of a loved one or a pet. Such "passwords" can be hacked very easily within seconds. This is why we consistently use the term Passphrase, to stress that a single word is not sufficient to protect the safety of your data and your privacy. Furthermore, you should refrain from using the same passphrase for different services. Otherwise, having hacked one of your accounts will allow an attacker to compromise your whole online identity.
How to cover this risk:
The same hints apply as described unter "Loss of Passphrase"
Never re-use a passphrase, that you already assigned to another service.
SSL certificates and Man-in-the-Middle attacks
The communication to and from pidder uses an encrypted channel via TLS. SSL/TLS is well designed to encrypt the transport channel. But it is also used to authenticate the server, so you can be sure that you are in fact communicating with e.g. www.pidder.com and not with some third party pretendig to be us. This latter concept based on trust centers and root certificate authorities is considered flawed by some (see e.g. this paper as well as the recent Root CA hacks at Comodo and DigiNotar).
How to cover this risk:
Keep your operating system and your browser state of the art with regular updates. Known vulnerabilities typically will be patched quickly by the vendors.
Be wary of Phishing attacks. Do not click on links in html emails. When in doubt rather copy & paste the link location. Use bookmarks you created yourself whenever possible.
Use browser add-ons that give you more control of the way you want to handle SSL certificates.
Host-proof approach and JS crypto
Client-side encryption of data using JavaScript (JS crypto) is considered flawed by some (see e.g. these two articles as well as this forum thread and wiki page). The main vulnerability lies in the risk that the application code could have been changed without the knowledge of the user, either by a criminal employee or by a "Cross Site Scripting" attack. Using such manipulations an attacker might gain access to the secret that encrypts the data and consequently render the encryption useless.
How to cover this risk:
We offer cipherbox-wallets to separate the management of encryption keys and decrypted data from the sources provided by the pidder web application.
Use cipherbox-wallets for all data that you do not want to entrust to the pidder web application.
Make an informed decision of whether JS crypto is good enough for your privacy needs, especially considering the alternative of releasing such data using no encryption at all.
Encryption technologies
Even though pidder only uses approved secure standards of encryption technology to protect your data, i.e. AES with 14 rounds and 256 bits in CBC Mode (OpenSSL compatible), SHA256 and SHA512, and RSA with 2048 bits, no encryption technology provides absolute security. Ultimately, all algorithms are based on mathematical problems that cannot be solved with the available computing power within a reasonable time span. This may change any time by increasing computational power or by an ingenious mathematician's discovery.
How to cover this risk:
We follow the developments in cryptology attentively. Should one of the algorithms we use be compromised, we will adjust our implementation to another algorithm. Should an adjustment prove impossible for some reason, we will notify all our users as soon as possible.
Do not store strictly confidential data within pidder, like e.g. the PIN of bank account or your TAN list.
Operating system and browser
The more widespread a program is, the more likely it is someone will try to hack it. This is especially true for the web browser. In pidder, your data is encrypted using JavaScript and the pidCrypt library on the client, i.e. within the web browser you use. To save you from having to re-enter your passphrase after each click, it is stored within the virtual memory of the browser for the duration of your session. Should an attacker gain control of your browser he could potentially spy on your pidder passphrase.
How to cover this risk:
Keep your operating system and your browser state of the art with regular updates. Known vulnerabilities typically will be patched quickly by the vendors.
Since different browsers can be run in parallel, there is a pretty simple way to increase security: Use one type of browser - ideally the one you consider the most secure - for use with known and trusted services like pidder and another one for "normal" surfing.
Use a reliable browser within a virtual machine (e.g. Virtual PC, vmware or others), which you reset at every session. Any possible manipulations to your machine will be reset, too.
Use anti virus software which offers protection from known trojan horses and keep it up to date.
Use a firewall. Even though there are voices that advise against the use of personal firewalls, they still give you the option to check on your network traffic and become aware of suspicious activities. Used correctly, they won't do harm, only in the training phase they might hamper your flow of work a little.
Please Discuss.
It is Closed source '*meh*
why isnt this duplicated as open source?
Hidden service?
Reputation System?
No fance graphics :)
everything torifed?
Is it really secure? Besides not „open source“
so is it secure in theory?
DPR please duplicate it or buy it from the creators, change it according to SR.
Charge a falt fee of 10 BTC per month /member and 1.5 % per transaction...
could easily double our income and advance the cause and lower the prices -> advance liquidity & profits
Otherwise we will in aporx. 1-2years 8)
Please PM us to include typo corrections, intel additions, ideas, flaws etc.
Please PIne & LuisCyphre weigh in.
ALso all other who provide value in this community . You know who you are but we are very lazy right now :)
-
The people you need to run background checks on are listed here:
http://www.versaneo.de/en/company.php
I'm far too tired to do it now.
-
Hello Bungee!
It depends on how you look at it from what I can see.
I think something like this is a good idea... for regular people. I mean this form of a social network would appear to offer a lot to some people interested in privacy, but we want something much stronger than privacy, we want complete anonymity, those are two different, but related animals.
Issues (partly to do with their idea, partly just in general with these things):
- You're expected to connect via clearnet, thus your real IP address goes somewhere. So ok, you might not, but that's the default assumption.
- You have to trust that the admins aren't simply lying through their teeth. In practice few people can analyze whether such a things is working as advertised.
- Anonymous payment isn't trivial for most people, even with bitcoins. Bluntly, people are lazy and don't employ 2 Factor B$ anonymity, even on SR, let alone on the wider net. They want a 1 click solution. I don't know what can be done about that, other than upgrading cryptocurrency to superior anonymity implementations (which is ongoing, eventually it'll get there) or plain old natural selection.
- let's say everything else is fine. Admins can't access your data. Everything is encrypted, secure, locked up tight. But there is still traffic analysis. With a persistent identity, this can become a problem, which is why many people continually swap alts.
In all honesty, all solutions like this tend to be of the Hushmail variety. That is: You are super duper secure, unless you piss off somebody powerful. Actually, the people who run Hushmail were lucky not to get killed, from what I've read I'm not sure they comprehended that was even a possibility, which I find slightly scary. The DEA just snapped up small fry, if they bumped into somebody serious, their office building would have been converted into a morgue. But anybody serious was highly unlikely to use Hushmail, so there's a sliver lining. In many ways, many LE agents have never come across a real adversary in their entire careers, but I'm getting off topic.
Point is, if you take anonymity seriously, then coercion cannot be possible from without or within. That is very important. People using your system must not be able to manipulate you. People outside your system must not be able to manipulate you. This is a tall order for any centralized entity.
In practice, only decentralized applications will be capable of fulfilling those needs. It doesn't matter how smart you are, or how clever your system designers or programmers are. A central point is a point of critical failure because of rubberhose cryptanalysis (nice way of saying the government or some other entity beating the crap out of you until you give them what they want).
Unless your system can resist an enemy capable of murdering everybody within informational reach, it is not genuinely secure, not really anonymous. Otherwise you are merely depending on somebody else's morality, when you look at it like that, it's a dubious proposition.
Building decentralized systems that work is much harder than building centralized ones, where all elements are under your control and everything's nice and tidy. Because a decentralized system is closer to an eco-system than a normal piece of software, it evolves and adapts on its own, or at least it should if it's working properly.
Bitcoin, BitTorrent and Tor are good examples of such systems. If you are to build a anonymous social network, you'll have to going along those lines. It's tough, but obviously it is possible. The key thing is to build in the assumption right from the beginning that if the developers got hit by cars, that the network would continue and others will take up the baton.
For example, if the Tor project people were all kidnapped by UFOs tomorrow, then the Tor Project would continue. The software is readily available, anybody can download and set up their own personal Tor network, there are actually a few versions of Tor outside of the Tor Project software, which have either been built from the start, or branched off.
The Tor Project main guy has implemented a RFC system similar to how the Request for Comments implementation of TCP/IP worked online. This way anybody can follow in his lead and build on what went before him. So that is smart, it's a kind of 'meta' backup if you like. You don't need everybody to grasp how it works, this way you just need one or two computer geeks with enough knowhow to rebuild the project if/when disaster strikes (and the Tor Project has > 3000 people involved indirectly, so you bet your ass there's enough of the right people out there!)
Slightly Distracted Thought: I don't know why there isn't a copy of Tor built into most copies of Linux. It's fairly lightweight, I think it should be a default app like the text editor or calculator.
Btw: most of what they have to say on piddler is good, but their advice for setting up a passphrase is a bit silly. Every password attacking software knows to interchange common letter substitutions. Because, you know, if it's any kind of standard alteration many people will think of, then it makes its way into password crackers because hackers simply aren't completely retarded.
tldr; my advice to you, if you're serious about building such an anonymous network of any kind, is to study existing decentralized networks first as case studies.
-
Thanks a bunch for this very very thorough answer! We will digest this and hopefully answer soon as thoroughly.
Cheers!