Silk Road forums

Discussion => Security => Topic started by: TravellingWithoutMoving on April 20, 2012, 08:08 pm

Title: Start a thread for Tor bridges or relays to avoid?!
Post by: TravellingWithoutMoving on April 20, 2012, 08:08 pm
'ello

would it be a good idea to start a thread, for Tor relays that should be avoided ?
since i know there are people here who are fairly knowledgeable would like to get your opinions.
an issue is that this is a public forum as such and if there are better ways of doing it would be good to get everyone's input.
another issue is how to post those w/o using your own name...?!


thanks
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 20, 2012, 08:16 pm
Quote
would it be a good idea to start a thread, for Tor relays that should be avoided ?
since i know there are people here who are fairly knowledgeable would like to get your opinions.
an issue is that this is a public forum as such and if there are better ways of doing it would be good to get everyone's input.
another issue is how to post those w/o using your own name...?!

It all depends on where you are based and what kind of threat model you've got. Some users will want to avoid all US based relays, while others will want to avoid relays located in the MENA region (if there are any).
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: TravellingWithoutMoving on April 20, 2012, 08:20 pm
- my idea is to post ipaddress, location, name + reason?!

- there are quite a few reasons why we might not want to use certain television Co's ++ -yes they might legitimately need Tor and use themselves but how do we know
  and is it worth the risk/?!



Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 20, 2012, 08:38 pm
Quote
- my idea is to post ipaddress, location, name + reason?!

- there are quite a few reasons why we might not want to use certain television Co's ++ -yes they might legitimately need Tor and use themselves but how do we know
  and is it worth the risk/?!

I see why this can be relevant for normal browsing, but it's not relevant if you are just browsing Silk Road. Having a large set of relays to choose from when building  circuits is what makes Tor so secure, as you blend in with the rest of the crowd.
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: TravellingWithoutMoving on April 20, 2012, 08:50 pm
...well if you discover something along the way don't you want to share it with everyone?! say cnn have a bridge/relay...?! as i understand it there are still ways with digital
  fingerprinting etc...


Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: mdmamail on April 21, 2012, 03:24 am
These relays are all good
https://www.torservers.net/services.html
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: kmfkewm on April 21, 2012, 06:10 am
You want to let Tor pick nodes for you. They already filter off bad ones as best as can be done at the directory authority servers.
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: jase00 on April 21, 2012, 06:46 am
hmm I am still not 100% familiar with TOR etc, but would it be of any use to have TOR running on VPS and having that as bridge  ?
or is there no point of doing that ?
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 21, 2012, 11:50 am
Quote
hmm I am still not 100% familiar with TOR etc, but would it be of any use to have TOR running on VPS and having that as bridge  ?
or is there no point of doing that ?

Yes, using a private Tor bridge as your first hop adds an extra layer of security to your connection.
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 21, 2012, 01:05 pm
Quote
No, you do not want to let tor pick the relays/bridges for you.  Misinformation on here is rampant from idiots who are clearly not clear-headed.  Avoid any USA node.

Please elaborate on why you think it's /wrong/ to let Tor pick the relays to use in the circuits it builds? Allowing Tor to pick the relays is the default option, and is also the one recommended by the Tor Project. Why would you call that "misinformation ... from idiots who are clearly not clear-headed"?
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: jase00 on April 21, 2012, 01:21 pm
how would you go about picking which relays to use ? is there a list or something ??
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 21, 2012, 01:41 pm
Quote
Go ahead and use the known tor relays, I could give two fucks less, I'm just trying to help people.  I will not elaborate because you do not even seem to care, even with a lengthy explanation, you would be the one still using known relays.

If I didn't care, I wouldn't have asked you to elaborate. I do care, and I do want to know why you seem to believe that choosing your own relays is more secure than letting Tor do it for you. In one post, you said that one should avoid all US relays. However, you seem to forget that the US government (I assume that's the threat you are referring to) can easily set up relays in other countries.
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 21, 2012, 01:43 pm
Quote
how would you go about picking which relays to use ? is there a list or something ??

The list of relays in the Tor network is publicly available on a number of websites, including http://torstatus.blutmagie.de/. For instructions on how to configure your Tor client to use a specific set, see https://www.torproject.org/docs/faq.html.en#ChooseEntryExit
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: kmfkewm on April 21, 2012, 01:49 pm
Quote
No, you do not want to let tor pick the relays/bridges for you.  Misinformation on here is rampant from idiots who are clearly not clear-headed.  Avoid any USA node.

Well for one the Tor developers say to let Tor pick your nodes for you, so I think they probably know what they are talking about. For two if you pick your own nodes you will stick out from the crowd since the vast majority of people don't pick their own Tor nodes. And for three, USA has less strict data retention laws than almost all of EU and also NSA logs ALL traffic into or out of the USA but log much less intra-USA traffic (since they carry out their logging at IX's and not AS's). What is the logic behind avoiding USA nodes? You know the feds are not limited to running Tor nodes in USA right? Please explain your logic so I can give a more thorough explanation of why you are wrong, but I already am quite certain that you will not convince me that I am wrong :).
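
Added example, not part of any post in this thread: a simplified model of the "stick out from the crowd" argument made above. It assumes relays are picked in proportion to their consensus weight (ignoring guard/exit flags and family rules) and uses a constructed relay list; all names and weights are hypothetical.

```python
import math

# Constructed relay list (nickname, country, consensus weight); not real relays.
RELAYS = [
    ("relayA", "us", 9000), ("relayB", "us", 7000), ("relayC", "de", 8000),
    ("relayD", "de", 5000), ("relayE", "nl", 6000), ("relayF", "fr", 3000),
    ("relayG", "se", 2000), ("relayH", "us", 4000),
]

def selection_probs(relays, excluded=()):
    """Per-relay pick probability, proportional to weight among allowed relays."""
    allowed = [(name, w) for name, cc, w in relays if cc not in excluded]
    total = sum(w for _, w in allowed)
    return {name: w / total for name, w in allowed}

def entropy_bits(probs):
    """Shannon entropy of the pick distribution: the observer's uncertainty."""
    return -sum(p * math.log2(p) for p in probs.values() if p > 0)

def default_client_avoids(relays, excluded, picks):
    """Chance a default client never lands on an excluded country in `picks` picks."""
    total = sum(w for _, _, w in relays)
    allowed = sum(w for _, cc, w in relays if cc not in excluded)
    return (allowed / total) ** picks

if __name__ == "__main__":
    default = selection_probs(RELAYS)
    no_us = selection_probs(RELAYS, excluded=("us",))
    print(f"default client : {len(default)} relays, {entropy_bits(default):.2f} bits")
    print(f"excluding 'us' : {len(no_us)} relays, {entropy_bits(no_us):.2f} bits")
    # If an observer sees 20 picks with no US relay, how likely is it that this
    # was an ordinary client? The smaller this is, the more the custom config
    # identifies its user as one of the few who set it.
    p = default_client_avoids(RELAYS, ("us",), 20)
    print(f"P(default client shows no 'us' relay in 20 picks) = {p:.2e}")
```
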
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: supersecretsquirrel on April 21, 2012, 02:38 pm
Quote
And for three, USA has less strict data retention laws than almost all of EU

Remember that "less strict" often means that companies/organizations store more information for longer, simply because they can get away with it.
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: TravellingWithoutMoving on April 21, 2012, 03:53 pm
- i don't see how any nsa / fbi can log ALL traffic coming in and out...there's only so much that can be logged certainly not whole packets an impossible task, maybe
  even the headers would be a shit load of data imagine trying to organise that ..!!... perhaps  "connections" ...but you also need connection time etc etc


?!?
 
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: kmfkewm on April 21, 2012, 04:38 pm
they are mostly interested in the header

also they only need to log unique payload data, and they can ignore encrypted stuff unless they think they will ever be able to break it. Most traffic is non-unique. It would be a total waste to keep a copy of the traffic flow of a thousand different people downloading a movie when they could just keep one copy of the movie the first (unique) time they see it, and then use a reference to it all other times.

almost every security pro I have heard talk on this matter fall into one of two camps in their opinion on this. Camp A thinks that NSA logs all traffic into and out of the country but not all the traffic that stays within the country. I have found some evidence to corroborate this but it was nothing solid, some legal analysis of anonymity on the internet that referenced the NSA as monitoring all traffic into and out of the USA but it was written by lawyers not security people. Camp B thinks NSA logs roughly one out of every ten thousand packets through IXs, which would include a substantial number of international packets (but not entire flows) and substantially less intranational traffic since a lot of that doesn't go through IXes but stays within the AS. This would be called sampling, and it is still enough to do a lot of signals intelligence analysis with. I can't find anything solid on this, but there are several papers in anonymity literature that describe attackers with such capability, and many of them probably think NSA is such an attacker.

also of interest:

https://www.eff.org/issues/nsa-spying

Quote
The evidence also shows that the government did not act alone. EFF has obtained whistleblower evidence [PDF] from former AT&T technician Mark Klein showing that AT&T is cooperating with the illegal surveillance. The undisputed documents show that AT&T installed a fiberoptic splitter at its facility at 611 Folsom Street in San Francisco that makes copies of all emails web browsing and other Internet traffic to and from AT&T customers and provides those copies to the NSA. This copying includes both domestic and international Internet activities of AT&T customers. As one expert observed “this isn’t a wiretap it’s a country-tap.”

this paper also has interesting information in it, at least some of which is true, despite having at least one less than reputable author (I hear he had little to do with it actually)

http://www.blackhat.com/presentations/bh-usa-09/TOPLETZ/BHUSA09-Topletz-GlobalSpying-PAPER.pdf

this paper talks about sampling traffic and has very credible authors :

http://freehaven.net/anonbib/cache/murdoch-pet2007.pdf

Every security person whose opinion I respect thinks that NSA logs more traffic that enters or leaves USA than they log traffic that stays within the USA, they just differ on if they log all international traffic from/to USA or only sample it (which would still be enough to do a lot with)
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: pine on April 21, 2012, 10:06 pm
Related to this subject: What do you know of ECHELON Kmf? Is it a conspiracy theory or an actually implemented concept? Somebody posted it in one of the [intel] tagged documents, maybe yourself or QTC. Here are some quotes from that document (it's called "We have the technology to stop child pornography" I think):

Quote
In 1971 a system known as ECHELON was established by the United States, the United Kingdom, Canada, Australia and New Zealand. The purpose of ECHELON was and still is today, to monitor and intercept global communications for the purpose of national security interests between the five countries. Using supercomputers and skilled intelligence analysts, the system monitors 3 billion communications daily including telephone calls, e-mail messages, Internet downloads, satellite transmissions, video transmissions and several other communications modalities. Regardless of whether the communication is sent by radio waves, cable, fibre of infrared; ECHELON has the capability to "listen in". The system monitors all of the world's communications indiscriminately and then filters out or selects specific transmissions based on keyword phrases, digital signatures, digital image values and other preprogrammed criteria using a combination of artificial intelligence, fuzzy logic and the power of supercomputers.

It is not surprising then, that ECHELON routinely monitors 90% of all the world's Internet traffic. ECHELON is the largest signals intelligence (SIGINT) system in the world. In addition, there are smaller, national systems of similar capability operated in the United States, the United Kingdom, Canada, Australia, New Zealand, the European Union, Russia, China, Germany, Israel, France and India.

The United States refuses to officially, publicly acknowledge that ECHELON exists, while the other four countries involved in the system have accepted the fact that the majority of their citizens know about the system in general terms but are not forthcoming on any other information regarding these systems that their citizens pay for via their taxes.
Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: TravellingWithoutMoving on April 21, 2012, 10:11 pm
- thanks for input

- it's "common knowledge" that gchq {uk} have boxes in linx in london which is the central in/out hub for {maybe 1 of..} the beloved internet scanning all mails with a list of
  keywords, i guess there's a buffer which then copies the entire msg out etc...

Title: Re: Start a thread for Tor bridges or relays to avoid?!
Post by: kmfkewm on April 22, 2012, 07:44 am
Echelon is a real system but it is outdated, they use Narusinsight supercomputers for most of their stuff now.