Silk Road forums
Discussion => Newbie discussion => Topic started by: WingWong on May 07, 2013, 04:21 am
-
What are the pros and cons of using TOR vs Liberte. I am thinking that with Liberte you can feel safer bookmarking as someone would need to hack it to even see your bookmarks.
Are exit nodes and all that better covered in Liberte over Tor?
Any thoughts welcome.
-
bump
-
maybe i can bump this to 50 then ask it in the security section :)
-
Note to self; I really wanna ask about putting BTC into other wallets before SR as well.
-
Have you heard good things about Linux Tails? Liberte Linux hasn't been updated since 2012 it appears, tails is updated just recently I think. From their website, it says you boot from live cd, and all internet traffic is routed through tor, and theres also pgp encrypt tools.... I have never used this linux you speak of, but by looking at tails site, it looks pretty stable for accessing sites like SR. What do you think?
-
All traffic in Liberte is routed through TOR as well but I'm with you and thought it was a long time since it's been updated. Cheers for the steer toward Tails. I'll check it out
-
Tails informed me that running it within a VM if the host is compromised then Tails is useless.
Makes sense.
Cannot get it to boot using a thumb drive and a mac that dual boots ubuntu usinf refind. Shitful, useless macs :)
-
So, it isn't "Tor vs. Tails vs. Liberte." It's Tails vs. Liberte, in a sense, but they both use Tor. Tails is just set up to funnel ALL traffic through Tor, whereas the Tor Browser Bundle is set up to only funnel Tor Browser traffic through Tor.
There are advantages and disadvantages to each. I'd also strongly recommend Tails over Liberte -- security patches are released all the time, and a project that hasn't been updated since 2012 (going off what another poster here said) is going to have missed out on all the security fixes for over a year. That may have nothing to do with any of the software you'd be using, or it could be the difference between getting caught and staying free. Who knows.
Linux refers to the Linux kernel. It's the core operating system -- it's the stuff that actually reads the files on the hard drive, sends data to the CPU to be number crunched, and all that low level stuff. Everything you click on is not "technically" Linux, it's a window manager or desktop environment -- like KDE, or whatever Ubuntu uses, or the graphical part of Windows. That's why there are so many different kinds of Linux systems -- under the hood it's all Linux, but the wrapping is as different as a sports car compared to a minivan.
Liberte and Tails both use Linux. (couldn't tell if you were being sarcastic about not hearing of Linux or what)
-
So, it isn't "Tor vs. Tails vs. Liberte." It's Tails vs. Liberte, in a sense, but they both use Tor. Tails is just set up to funnel ALL traffic through Tor, whereas the Tor Browser Bundle is set up to only funnel Tor Browser traffic through Tor.
There are advantages and disadvantages to each. I'd also strongly recommend Tails over Liberte -- security patches are released all the time, and a project that hasn't been updated since 2012 (going off what another poster here said) is going to have missed out on all the security fixes for over a year. That may have nothing to do with any of the software you'd be using, or it could be the difference between getting caught and staying free. Who knows.
Linux refers to the Linux kernel. It's the core operating system -- it's the stuff that actually reads the files on the hard drive, sends data to the CPU to be number crunched, and all that low level stuff. Everything you click on is not "technically" Linux, it's a window manager or desktop environment -- like KDE, or whatever Ubuntu uses, or the graphical part of Windows. That's why there are so many different kinds of Linux systems -- under the hood it's all Linux, but the wrapping is as different as a sports car compared to a minivan.
Liberte and Tails both use Linux. (couldn't tell if you were being sarcastic about not hearing of Linux or what)
I'm Using Liberte right now do i have to change To Tails?
-
the pure sketch factor of having an encoded virtual hard disk on your drive if your drive ever were seized.....
Personally, I run ubuntu and use a truecrypted partition in which all my information/TOR is stored. When I am done using TOR and/or reboot, the partition is locked and invisible. I like this because it's easy for me to shift through screens and doesn't eat up my memory. Also, the partition is heavily encrypted. I recommend this method for all storage of private/illicit activities.
-
the pure sketch factor of having an encoded virtual hard disk on your drive if your drive ever were seized.....
Personally, I run ubuntu and use a truecrypted partition in which all my information/TOR is stored. When I am done using TOR and/or reboot, the partition is locked and invisible. I like this because it's easy for me to shift through screens and doesn't eat up my memory. Also, the partition is heavily encrypted. I recommend this method for all storage of private/illicit activities.
well we have to get rid of the evidence and fast and well lol kinda hard to get rid of your harddrive imo
-
the pure sketch factor of having an encoded virtual hard disk on your drive if your drive ever were seized.....
Personally, I run ubuntu and use a truecrypted partition in which all my information/TOR is stored. When I am done using TOR and/or reboot, the partition is locked and invisible. I like this because it's easy for me to shift through screens and doesn't eat up my memory. Also, the partition is heavily encrypted. I recommend this method for all storage of private/illicit activities.
well we have to get rid of the evidence and fast and well lol kinda hard to get rid of your harddrive imo
Make a double truecrypt partition
http://www.truecrypt.org/
Basically, you will have a parition within a partition.
What you do is as follows:
1) Follow the instructions for creating a hidden partition
2) Throw all your TOR Bundle stuff in the HIDDEN partition. Run from here.
3) Delete logs every time you use the program (I am not sure where windows keeps log files..)
What happens if your shit is seized?
Basically, they will MAKE you give up the password to the outer partition. They will be able to see it. However, you don't give them the password to the Hidden partition--they can't see this. Your TOR bundle never existed...I delete all my log files with Secure Delete after using (this overwrites the fuck out of your data and makes it irrecoverable)
If you want, I will make a thread about this in more detail...I have to say that I prefer linux, however, because its easier to locate hidden files etc.
-
Actually, I believe that they can see hidden partitions with ease... I really don't see why a hidden partition within a hidden partition would be any different once they got into the outer hidden partition -- meaning they'd just take you back to court and say "give us the fucking password, dick," with extreme prejudice.
I don't know... if they're gonna do that, I don't see why they'd stop at just one, and I don't see how it would stay hidden when it must be nothing more than an encrypted file within the outer encrypted partition (if it were it's own physical partition on the disk, it wouldn't be hidden within another encrypted partition -- so it has to be just a file on the disk, I assume).
Also, no, you don't have to change to Tails. I generalized for a reason when I said it could be very-very-very bad and get you caught, or it could be 100% harmless and have no effect on you: namely that I don't honestly know. I'm not familiar enough with both projects to say.
I'd recommend not surfing the net carelessly with Liberte though, at least -- its browser has missed more than a year of security fixes...
-
Actually, I believe that they can see hidden partitions with ease... I really don't see why a hidden partition within a hidden partition would be any different once they got into the outer hidden partition -- meaning they'd just take you back to court and say "give us the fucking password, dick," with extreme prejudice.
I don't know... if they're gonna do that, I don't see why they'd stop at just one, and I don't see how it would stay hidden when it must be nothing more than an encrypted file within the outer encrypted partition (if it were it's own physical partition on the disk, it wouldn't be hidden within another encrypted partition -- so it has to be just a file on the disk, I assume).
Also, no, you don't have to change to Tails. I generalized for a reason when I said it could be very-very-very bad and get you caught, or it could be 100% harmless and have no effect on you: namely that I don't honestly know. I'm not familiar enough with both projects to say.
I'd recommend not surfing the net carelessly with Liberte though, at least -- its browser has missed more than a year of security fixes...
It's actually not easy at all; in fact, a Brazillian money launderer (talking millions) had his computer inadmissible. They even begged Truecrypt to help, but the cipher is far too complicated:
The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (25) by the newspaper Folha de S. Paulo, after a year of unsuccessful attempts, the U.S. federal police returned the equipment to Brazil in April.
According to the report, the fed only requested help from USA in early 2009, after experts from the National Institute of Criminology (INC) failed to decode the passwords on the hard drives. The government has no legal instrument to compel the manufacturer of the American encryption system or Dantas to give the access codes.
http://news.techworld.com/security/3228701/
but a hidden partition goes a bit further:
The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it should be impossible to prove whether there is a hidden volume within it or not*, because free space on any TrueCrypt volume is always filled with random data when the volume is created** and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.
http://www.truecrypt.org/docs/?s=hidden-volume
Basically, they can see the outer partition with some scoping. However, there IS no hidden partition--as far as it appears, it is random data. The only way you can get into the hidden partition is to provide the alternate password. I.E. they see ONLY one partition..Once you give them the password, they open up the "dummy" drive--that's it.... If you put in the other password, it will open the hidden partition. There is only "one" from an outside, forensic perspective. The rest is garbage data written in the same vein as what Dantas used.
-
So, here's the problem: it HAS to appear like a normal, unencrypted drive to the operating system or the computer won't work. If you don't have hardware doing that translation, you need software doing it.
Once the thing is mounted and unencrypted, it's not random junk in the file anymore. It's obviously a hidden partition sitting in the middle of the file system. There's always the possibility that I'm mistaken, but I just don't see how it's possible to mount the thing and not see a gigantic multi-gigabyte file sitting there. Note that I'm talking about AFTER they mount the outer partition, not before.
-
Liberte: you can build/compile your own easily
Tails: you have to trust the guys doing the project that they didn't change the sofwares before shipping those into tails...
Another way would be to install debian with a tor only firewall rule.. on a usb disk...
Anyway, avoid running it in a virtual machine as a keyloger or whatever in your host system would be rather bad for your ass...
-
cheers for all replies.