Silk Road forums
Discussion => Silk Road discussion => Topic started by: Edawg420 on January 06, 2013, 04:50 am
-
So I've been doing some reading and I would like to up my stealth... but there seem to be some warnings about a middle man attack. I am curious if someone has a good post that can describe the best way to make a USB that runs as its own Operating System and Tor Browser?
-
https://tails.boum.org/doc/first_steps/usb_installation/index.en.html
-
+1
-
+1 ... don't even bother with the USB. Not necessary really. Run the ISO direct from the CD.
-
I think the post I read you linked informed me on how to make a tail... I am well informed on how to do that, what I guess I want to know is, 1st is it more obvious using a tail than just using a regular IP and not pretending to be one? Then secondly, if I was going to use a tail and I had access to a computer how likely is it to be traced back to the person using the tail?
-
If you had a tail, I would recommend seeing a specialist.
But seriously...
"is it more obvious using a tail than just using a regular IP and not pretending to be one? Then secondly, if I was going to use a tail and I had access to a computer how likely is it to be traced back to the person using the tail?"
I think you're confused about what Tails is. I honestly don't understand your questions.
-
My definition of a tail is a USB/CD that loads its own operating system that allows specific applications like tor browsing to run... am I incorrect?
-
Yes, that's basically what Tails is, but I still don't understand your questions.
"is it more obvious using a tail than just using a regular IP and not pretending to be one?"
Are you asking if you'll stand out more for using Tor? Possibly, in China or Iran, or if LE is looking for a Tor user. Otherwise, no. ISPs don't generally log your browsing activity other than the amount of bandwidth you consume.
"if I was going to use a tail and I had access to a computer how likely is it to be traced back to the person using the tail?"
As likely as using Tor in any other situation. Tails doesn't increase or decrease the effectiveness of Tor.
-
Well does the activity of me using a tail draw more attention than leaving data on a hard drive per se?
-
That's again not even a sensible question.
Data on your hard drive doesn't call attention to you, but it does matter after you've called attention to yourself.
It's safer to use Tails and not leave data on your hard drive.
-
The man in the middle attack WARNING comes from the https addon.
Lose the "https everywhere" addon and you will see no more warnings.
Go to your add-ons and disable "https everywhere".
Now you will see that the mitm warning is gone.
While you're there at the add-ons, lose the firegpg add-on too!
It is not safe!
Put yourself an "s" behind "http", but do not use the addon "https everywhere".
https://tails.boum.org/doc/about/warning/index.en.html#index3h1
Try it yourself the next time you receive a warning about mitm again.
One time with the addon and the second time without the addon.
You will see that the mitm warning has disappeared.
Just a week ago this mod wrote ...;
"
quote
Abraham54
Re: MITM is usually a false positive?
I guessed that you used https everywhere.
This add-on has also been in my browser at times (including FF), but I already removed it a while ago.
In any case, that is probably why you get those warnings, because the certificates are generally seen as obsolete.
"
end of quote
That said;
Https is better because it's secure, just the add-on is bad.
Watch your step!
Tor is very vulnerable to mitm attacks.
Wikileaks and Julian Assange have proved that.
Read the weakness warning of Tor.
Wikileaks produced the spycables in Dec 2011.
You will find there the equipment tailor-made for the intelligence agencies.
Mass storage for tor-data.
T.O.R. traffic is by definition monitored.
T.A.I.L.S. or no T.A.I.L.S.
As for the usb goes, I run from my usb too.
First time in my life that I run an operating system from a usb-stick.
I think that there is a special download for a usb besides the normal burning of a dvd.
Many people use a rw, because the latest T.A.I.L.S. is too big now for a cd, which was rom, so could never be changed afterwards.
When you close the operating system T.A.I.L.S. needs some time to wipe all traceable data.
It will close the computer when it's done with the wiping.
When you disable the "https everywhere" addon, disable the firegpg addon too, it's not safe.
Even T.A.I.L.S. itself warns about the firegpg add-on, but nobody seems interested in reading anymore.
-
It's "Tails" not "a Tail"
Tails is an operating system that you can use to access Tor.
Because of the above, this question makes no sense.
"Well does the activity of me using a tail draw more attention than leaving data on a hard drive per se?"
Read some stuff on the Tails site and learn more about what it is. You are at a point where you know so little it's going to be hard to help you unless we copy paste from something that's already written.
-
+1 karma to astor and tor12345 for trying to cut through the confusion.
TAILS stands for The Amnesic Incognito Live System
It's not a general term. It's a linux live distribution made specifically for security as it runs from a ram disk, automatically uses tor for all network connections, and does not store any data persistently. It is actually safest to run TAILS from a CD/DVD as this is a RO media and there can be no accidental or maliciously saved data.
Would using TAILS draw attention to you? No one uses TAILS unless they have a reason to. So in that sense, it's like putting a bank vault in your home and a 50-camera surveillance system and armed guards. Anyone who knows will assume you have some reason for the precaution. That said, the only thing anyone can tell remotely is that you use tor. And locally nothing is stored. Whether using tor in and of itself is suspicious is a question for another thread.
The point of using TAILS is that you will leave NO incriminating data behind.
And switching from https to http will not protect you from MitM attacks; it will only ensure the attack works flawlessly.
-
Your question's already been answered pretty well, but I seem to have more patience than most for explaining... so to really answer your initial question: Tor offers no protection from man in the middle attacks. A Man in the Middle (MitM) attack is when you try to connect to, say, your bank's web site but a hacker has arranged it so that you connect to his computer instead. How he does this is a bit beyond the scope of your question -- it suffices to say that it requires a nontrivial knowledge of internet routing, but don't worry about it. It's pretty rare.
So anyway, you connect to his computer. His computer then connects to the real bank site. Now the way SSL/TLS (HTTPS) works is that any data communicated between you and the person you connect to is private. But you're connected to the hacker's computer, not the real web site -- so... yeah. It being private between you and the hacker doesn't do a lot of good in this case. The hacker also transparently sends all the data you send to him, right to the bank site. The bank site thinks it's you, and sends stuff to the hacker (who sends it on through to you, so that you don't notice it's not the bank site).
The only defense against this are the certificate authorities. They're basically companies that have been empowered to sell these certificates -- if you have one, it's supposed to prove that you are a specific domain (google.com is a domain). So your computer should *hopefully* warn you about the MitM attack described above by telling you the certificate of the web site doesn't check out, but the problem is... it's not all that hard to get around these certificate authorities and end up with one that says you're somebody who you aren't. Neither Tor, nor TAILS, does anything to protect against this.
So as eddiethegun here points out, not bothering with any encryption and connecting via standard HTTP (not HTTPS), is only going to make it even easier to perform a MitM attack. If there's another meaning to Man in the Middle attack, I certainly don't know it. If that wasn't what your initial question was about, maybe try describing what your concern is instead?
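
The certificate check described in the post above, as an added example that is not part of the original thread: a throwaway CA stands in for the browser's trust store, and a CA-signed certificate and a self-signed one both claim the same hostname. All names (`bank.example`, `Demo Root CA`) and files are constructed for the demo, and it assumes the `openssl` command-line tool is installed.

```shell
#!/bin/sh
# Added example: every name, key and certificate here is constructed for the demo.
DEMO_DIR=$(mktemp -d)

# Create a throwaway root CA; its certificate plays the role of the browser's trust store.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo Root CA" \
        -keyout "$DEMO_DIR/ca.key" -out "$DEMO_DIR/ca.pem" 2>/dev/null
}

# Issue a certificate for host $1, signed by the demo CA, written to $2.pem.
issue_from_ca() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
        -keyout "$DEMO_DIR/$2.key" -out "$DEMO_DIR/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$DEMO_DIR/$2.csr" -days 1 \
        -CA "$DEMO_DIR/ca.pem" -CAkey "$DEMO_DIR/ca.key" -CAcreateserial \
        -out "$DEMO_DIR/$2.pem" 2>/dev/null
}

# Self-signed certificate claiming host $1, written to $2.pem: a certificate
# for the same name that no trusted authority has vouched for.
self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$DEMO_DIR/$2.key" -out "$DEMO_DIR/$2.pem" 2>/dev/null
}

# Print "trusted" if $1.pem chains to the demo CA, otherwise "untrusted".
chain_status() {
    if openssl verify -CAfile "$DEMO_DIR/ca.pem" "$DEMO_DIR/$1.pem" 2>/dev/null \
        | grep -q ': OK$'; then
        echo trusted
    else
        echo untrusted
    fi
}

make_ca
issue_from_ca bank.example real
self_signed bank.example rogue
echo "real:  $(chain_status real)"
echo "rogue: $(chain_status rogue)"
```

A certificate issued by the trusted CA to the wrong party would still come back `trusted`, which is the gap the post describes.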
-
@eddiethegun, +1 the part where you said "it's like putting a bank vault in your home and a 50-camera surveillance system and armed guards. Anyone who knows will assume you have some reason for the precaution." made me laugh real good... makes sense
@SelfSovereignty, +1 TY for your expertise and patience.
-
I didn't wanna come out and say it but, it would be more obvious for me to use a Tails rather than say a home computer to check tor info and browsing because I would just cause more attention to myself??
-
If you chose to use "Tails" it would not draw more attention to you.
-
not sure if it is what you're asking, but if you would like to run tails only in the ram, runs faster and you can quickly wipe the ram. when the tails boot menu appears (where it says Live and Live (failsafe))
hit tab and enter the boot parameter toram at the end. remember tails will need at least 1.5 or 2 gig of ram to load the os into. no persistence this way, which is good, just use a whole drive encrypted usb for the purpose of saving any information.
using tails or liberte doesn't make you more suspicious, just a little more secure.
never connect to tor from your home or phone. always from a bar, coffee shop, etc., and change it up! if there are only few people in your area and many many fewer using tor in your area it is easy to narrow down where tor traffic is coming from. can't tell what you are doing just that you are doing. especially true for vendors to be careful this way!