Silk Road forums

Discussion => Silk Road discussion => Topic started by: danknugsdun on October 20, 2012, 08:42 pm

Title: (NEW) Article on Silk Road
Post by: danknugsdun on October 20, 2012, 08:42 pm
Dunno whether anybody has read this yet but thought I'd share the link;

http://www.bordermail.com.au/story/202519/police-follow-the-silk-road-to-online-drug-marketplace/
Title: Re: (NEW) Article on Silk Road
Post by: Nightcrawler on October 20, 2012, 09:21 pm
Money quote from the article:

Quote
It is understood authorities have difficulty identifying the websites linked to seizures because intercepted parcels often do not have identifying features. Police rely on finding documentary or forensic evidence to link a seizure to a site, or an admission by the offender. 

In a nutshell, keep your mouth shut, and your computer clean (or encrypted.)



Title: Re: (NEW) Article on Silk Road
Post by: Wadozo on October 20, 2012, 10:45 pm
That story reminds me so much of a previous article which was written months ago. It's close to a carbon copy. When I get some time I'll find it, but it seems to me there's a little plagiarism happening here!
Spot on Nightcrawler. :)
Title: Re: (NEW) Article on Silk Road
Post by: raistlin on October 20, 2012, 11:18 pm
"Cocaine and ecstasy sell for a quarter of street prices in Australia......"

eh?
Title: Re: (NEW) Article on Silk Road
Post by: danconia on October 21, 2012, 01:55 am
I feel bad for you guys in Australia. It's going to be funny watching the authorities scratch their heads as this story continues.
Title: Re: (NEW) Article on Silk Road
Post by: inhabitablegoat on October 21, 2012, 06:02 am
Quote
In May, the federal police and Customs seized 120 kilograms of illicit substances imported via the postal system. They arrested 37 people.

120kg seized in one month, that's a lot of faith put into the postal system by some!
Makes me grin on how much actually manages to slip through :)
Title: Re: (NEW) Article on Silk Road
Post by: smokeweed420 on October 21, 2012, 06:10 am
silk road is accountable for a very small percentage of the drugs sent in the mail! huge amounts go through all the time from suppliers to dealers etc. i have been getting drugs in the mail for a long time before SR. the only reason it is being attacked is because it's open to the public and organized.
Title: Re: (NEW) Article on Silk Road
Post by: smokeweed420 on October 21, 2012, 07:03 am
so if you can get mdma in Australia for 300$ and you can get it for 18$ a gram on SR (Dutchaanbod) then mdma costs 16.6x more in Australia than it does here... wow
Title: Re: (NEW) Article on Silk Road
Post by: AL T. IDman on October 21, 2012, 02:04 pm
We also have lots of kangaroos. Welcome to Australia.

Hmmm. Well, what's the current rate for kangaroo/g ? How's the roll?
Title: Re: (NEW) Article on Silk Road
Post by: kmfkewm on October 21, 2012, 06:33 pm
What this article tells me is that we really need to step up our security because we are going to be getting some more tech savvy LE trying to attack us. The most important step to take right now imo is for DPR to configure the server to use Tor via Tor so that it gets layered entry guards. Until the Tor people add layered entry guards by default it needs to be done manually. People greatly overestimate Tor's ability to keep a server anonymous, this is fact. A large increase to anonymity is provided by having the hidden service use two instances of Tor, a hidden service instance and a client instance. This protects from a very serious attack and greatly increases anonymity for both the client and the hidden server.

Second, we need to seriously look into isolation techniques. Running the web server in a virtual machine that only knows an internal IP address is probably a good idea, even better would be to use a dedicated Tor server and then the server for everything else connected to it and forced to route everything through it. Using the virtual machine technique has advantages and disadvantages, primarily the advantage is that it is easier to configure and the disadvantage is that it increases an attacker's ability to pwn the web server in the first place (but decreases their ability to get the server's IP address after having rooted the server). The two physical servers solution has all the advantages of the virtual machine solution and the only disadvantage it has is the difficulty of configuring it (particularly remotely).

Vendors should also be concerned with isolation of web browsers and other network-facing applications from their external IP addresses. This can be achieved in the same way as it is for servers, either with virtual machines or with two+ dedicated hardware machines. The advantages and disadvantages stay the same. People also need to make sure that they are hardening their browsers. First and foremost it is highly suggested that you either use the TBB (which unfortunately doesn't allow for easy isolation) or that you manually compile the browser from the bundle yourself (which unfortunately is a pain in the ass to do). Tor Browser has been hardened from various attacks and it is the only browser that is considered secure to use by the Tor developers. Additionally, I suggest entirely disabling JavaScript and leaving it off, or at least using NoScript or similar.

Of course you need to learn how to use GPG and start using it to send your address if you have not yet. Indeed, the more messages you encrypt the better, you should encrypt as much as possible. You should encrypt your full hard drive if you have not yet, for SWAP have it encrypted with a temporary random key if you need SWAP. Another technique that has some security benefits is to boot off a live CD without a hard drive, but I personally think it is better to have a proper persistent configuration (live CDs that I am aware of are not configured in such a way as to give you the most security possible).

Cash in anonymously when you obtain bitcoins, and then mix them as well. Mix bitcoins before you cash out, and cash out anonymously as well.

Avoid using shitty operating systems like Windows. Look into a security oriented distro of Linux, and I do not mean Tails or Liberté but rather actually installing and configuring Gentoo or something. OpenBSD isn't Linux but it is nice. FreeBSD is nice also but it lacks ASLR so meh. The primary thing to be concerned with is minimalism. The less crap you have running on your box the less attack surface there is for an exploit to pwn you.

We really need to make sure that our security (of both the server / site and the individuals using it) stays tip top because we can expect to see increasingly skilled law enforcement trying to compromise us. Right now we largely have the advantage over them, but let's not get complacent and lose our edge.
Title: Re: (NEW) Article on Silk Road
Post by: Errl_Kushman on October 21, 2012, 07:30 pm
Yes. The hammer will drop on SR at some point. Hopefully DPR is hard at work hardening the security in place. It's happening now, some of the people reading this thread are the hammer wielders.

I'm with you, I expect an increasing number of sophisticated attacks over the next year or so.
Title: Re: (NEW) Article on Silk Road
Post by: kmfkewm on October 22, 2012, 10:11 am
Quote
The most important step to take right now imo is for DPR to configure the server to use Tor via Tor so that it gets layered entry guards. Until the Tor people add layered entry guards by default it needs to be done manually.

I know you've been pushing this idea for a while, but you should be aware that the Tor devs will eventually remove the ability to run Tor over Tor. There's a trac ticket about it.

https://trac.torproject.org/projects/tor/ticket/2667

As you can see, this feature will be removed by the final version of Tor 0.2.4, which will be ready in 6-8 months, and the change should be backported to 0.2.3. I don't know if layered entry guards will be available by then. So unless you want to run an old version of Tor, <= 0.2.2 (not recommended), this will be a problem.

If the devs remove the ability to do Tor via Tor and don't add layered entry guards themselves they will essentially be flipping off anyone who wants an actually highly anonymous hidden service. In the meantime, Tor via Tor still works and SR should be on the schedule of cutting edge anonymity not waiting for the Tor devs to play catch up. They are balancing the overall health of the network with the anonymity of hidden services, and right now they are not favoring hidden service anonymity as much as they could be (or should be imho). If they remove the ability to do Tor via Tor and don't replace it with layered entry guards for hidden services it will really piss me off and it is not in the best interests of hidden service anonymity.