Silk Road forums

Discussion => Security => Topic started by: Duckman on June 14, 2012, 04:26 pm

Title: UK getting ISPs to report on internet activity
Post by: Duckman on June 14, 2012, 04:26 pm
http://www.zdnet.co.uk/news/security-threats/2012/06/14/snoopers-charter-will-force-isps-to-monitor-facebook-twitter-40155386/

I would bet they add tor activity to the list.

Its not enough to actually incriminate anyone but it definatley would mean that the police would be able to more easily target tor users as they represent only a small number of total internet users.

Nothing to worry abut yet but this could definately grow.
Title: Re: UK getting ISPs to report on internet activity
Post by: Kappacino on June 14, 2012, 05:17 pm
Is it even possible for ISPs to tell that you are using tor?
Title: Re: UK getting ISPs to report on internet activity
Post by: quietguy on June 14, 2012, 06:53 pm
Yes, it is possible,  the TOR relays are well known.. :'(
Title: Re: UK getting ISPs to report on internet activity
Post by: NeutronMan on June 14, 2012, 07:33 pm
Yes, it is possible,  the TOR relays are well known.. :'(
I hear that not if you use bridges.
Title: Re: UK getting ISPs to report on internet activity
Post by: KarmaComa on June 16, 2012, 10:45 pm
using public wifi is better then?
Title: Re: UK getting ISPs to report on internet activity
Post by: oscarzululondon on June 16, 2012, 11:46 pm
using public wifi is better then?

No, hacking your neighbors wifi and spoofing your MAC address and computer name as one of theirs is best because then you don't need to leave your lounge / bedroom.

Quote from: NeutronMan

I hear that not if you use bridges.

A private bridge you have made yourself or really trust and know every other user + a protocol obfuscator such as obfsproxy which you have set up correctly.

+ a tin foil hat if you feel the need  8)

But seriously in the UK the first two are a must. (Own Bridge + Obfsproxy).
Title: Re: UK getting ISPs to report on internet activity
Post by: oscarzululondon on June 16, 2012, 11:57 pm
No, hacking your neighbors wifi and spoofing your MAC address and computer name as one of theirs is best because then you don't need to leave your lounge / bedroom.
this works until the feds show up at your neighbor's house - http://www.wired.com/images_blogs/threatlevel/2011/07/ardolffedssentencingmemo.pdf - of course if you're properly isolating your internet facing applications this won't happen to you.

He only got caught because he started fucking kissing the neighbors kids infront of their parents, what a pedo. If you just piggy back on the back of their wireless and never talk to them, taking all the precautions I mentioned above, then there's nothing to worry about.
Title: Re: UK getting ISPs to report on internet activity
Post by: vlad1m1r on June 17, 2012, 12:02 am
using public wifi is better then?

No, hacking your neighbors wifi and spoofing your MAC address and computer name as one of theirs is best because then you don't need to leave your lounge / bedroom.

Quote from: NeutronMan

I hear that not if you use bridges.

A private bridge you have made yourself or really trust and know every other user + a protocol obfuscator such as obfsproxy which you have set up correctly.

+ a tin foil hat if you feel the need  8)

But seriously in the UK the first two are a must. (Own Bridge + Obfsproxy).

Nice to know my humble tutorial I put together earlier today wasn't entirely in vain! :-0

V.
Title: Re: UK getting ISPs to report on internet activity
Post by: oscarzululondon on June 17, 2012, 12:16 am
??? he wasn't deanonymized until this happened:
Quote
After the May 6, 2009 email was sent to the Vice President and other public officials, investigator Johnson reviewed the “packet capture” data from around the time the email was sent. Searching through the activity surrounding the day the threat email was sent to the Vice President, Ardolf’s name and Comcast account were visible on the data pulled from the Kostolniks’ router. The text of the threat email was also contained in the “packet capture” data, and a review of the data also revealed that the same computer that transmitted the data containing Ardolf’s name and Comcast account also sent the threat email.

The “packet capture” data was provided to SA Robert Cameron of the FBI’s Cyber Crime Task Force. Agent Cameron analyzed the data and also learned, by way of grand jury subpoena, that Ardolf had Comcast Internet service. With this information, combined with other evidence developed during his investigation, Agent Cameron obtained a warrant to search Ardolf’s residence.
he got caught because he leaked pii, not because he was a creepy fuck. it could happen to anybody using the tor daemon on the same computer as other internet facing apps.

How would Tor leak the computer build and model to Yahoo webmail?

He's a fuck because he didn't encrypt any of his computers or thumb drives. If he had their wouldn't even be a case.

He was sloppy, I mean leaving a guide on your desk at work called "Cracking WEP using Bakctrack for Beginners" I mean Jesus, seriously? What was this guy, 12?
Title: Re: UK getting ISPs to report on internet activity
Post by: kmfkewm on June 17, 2012, 01:58 am
Quote
No, hacking your neighbors wifi and spoofing your MAC address and computer name as one of theirs is best because then you don't need to leave your lounge / bedroom.

Yeah that will buy you approximately five minutes of extra time, that is about how long it takes to trace a Wifi signal with a directional antenna. Using Wifi for anonymity is only helpful if you do it for short periods of time from random locations. Thousands of people who used neighbors Wifi for anonymity have been busted.
Title: Re: UK getting ISPs to report on internet activity
Post by: oscarzululondon on June 17, 2012, 02:35 am
Quote
No, hacking your neighbors wifi and spoofing your MAC address and computer name as one of theirs is best because then you don't need to leave your lounge / bedroom.

Yeah that will buy you approximately five minutes of extra time, that is about how long it takes to trace a Wifi signal with a directional antenna. Using Wifi for anonymity is only helpful if you do it for short periods of time from random locations. Thousands of people who used neighbors Wifi for anonymity have been busted.

You can trace the location of the router giving out the wireless signal, but I'm not aware of anything that allows you to trace a computer accessing the wireless network.

Those people have been busted because they didn't spoof an existing computer on the network and so blatantly showed up as a foreign object, which must be a house within XYZ distance, say 20 meters, so one of two houses either side of the house where the router is.

At any rate, a full drive encryption of your hard drive would make you safe even if you were caught.
Title: Re: UK getting ISPs to report on internet activity
Post by: kmfkewm on June 17, 2012, 04:04 am
You can trace ANY wireless signal including the signal that the network adapter of the foreign computer sends to the wireless router. You do realize that a wireless signal is sent in both directions right, or did you skip that class when you were getting your masters lol.
Title: Re: UK getting ISPs to report on internet activity
Post by: kmfkewm on June 17, 2012, 04:08 am
In fact in many cases it is now standard procedure for law enforcement to check if someone is having their wifi stolen prior to raiding them

http://www.geek.com/articles/chips/wireless-router-exposes-child-predators-using-the-internet-20090615/

here this details one device they use:

http://www.pcworld.com/article/238107/cops_use_device_to_find_child_porn_on_wireless_networks.html

It used to be they would always raid the person whose IP address showed up in their investigations, but now they are more patient and will analyze wireless connections prior to determining who to raid. So no, using neighbors wifi is not very helpful. It is better than not, but only very slightly.

Title: Re: UK getting ISPs to report on internet activity
Post by: mooshroom on June 17, 2012, 12:47 pm
Neighbors WIFI can be used as Tor membership concealment, so if the ISP harvests every IP that was connected to a Tor node, you won't be in the list. You can use a bridge to do the same, but if the ISP keep logs of your connections like here and will soon in the UK, the police can find out if your IP was connected to a bridge in a given time frame by trying to use those unknown IP as a Tor bridge. (I learned this from kmfkewm btw.) If the bridge is still alive, they can prove that you were using Tor at that time through a bridge. Of course you have to be already a suspect somehow.

If  I'd have to choose between neighbors WIFI+Tor or my own IP+Tor, I'd still go with the neighbors. Feds needs to crack Tor to get to the neighbors location, than monitor it until I connect to it again to trace me. Gives additional security layers from multiple ways of attack.

WPA2 is considered unbreakable by the law here. Or at least in one case it was a proof in itself that the WLAN was only used by the associated client so a judge won't even considered that the AP with WPA2 could have been hacked.
Title: Re: UK getting ISPs to report on internet activity
Post by: oscarzululondon on June 17, 2012, 12:48 pm
In fact in many cases it is now standard procedure for law enforcement to check if someone is having their wifi stolen prior to raiding them

http://www.geek.com/articles/chips/wireless-router-exposes-child-predators-using-the-internet-20090615/

here this details one device they use:

http://www.pcworld.com/article/238107/cops_use_device_to_find_child_porn_on_wireless_networks.html

It used to be they would always raid the person whose IP address showed up in their investigations, but now they are more patient and will analyze wireless connections prior to determining who to raid. So no, using neighbors wifi is not very helpful. It is better than not, but only very slightly.

Neither of these articles point to a magic device that reads the waves going two ways and draws a map showing where the using laptop is, infact article 1 just says they can find out where the router is:

Quote
"In the van, the hard drive is attached to the forensic machine, and analyzed with one of several forensic software programs, to reveal file structure, and images. The details of how the offending router is originally tracked down were not made available to the public. However, outside the van, the FDLE were using a Yagi tuner. It looks like a curved dowsing stick for locating water, but they use it to locate a particular wireless router. It looks for a specific signal strength and points toward the apartment where that router, and the porno collector can be found."

I could do this with my phone...

Article two is just as dumb. All the have is a device like my phone which tells them if a wireless network is secure or insecure, so they can get an idea whether it's likely to be the homeowner or a neighbor piggy backing. Then they can look at where the signal is strongest and have a rough idea although this is incredibly unreliable and still not  a magical mapping device. If for example a neighbor and the homeowner were using the wireless at the same time (not uncommon, even if the homeowner just has an iPhone that's on...) then the police device would be useless as fuck. Also what if the network is encrypted, which most are, then the police device is useless as fuck too, which is why in my original post if you learn to read you'll see I say "break in" to a wireless network, such as performing a Reaver attack in Backtrack against a WPA network which the police won't even believe you'll have been able to get in to and will think the homeowner is talking mumbo jumbo.

Also here in the UK and Europe in court you, the owner, are liable for anything done over your wireless network if it is insecure, such as torrents or child porn.
Title: Re: UK getting ISPs to report on internet activity
Post by: oscarzululondon on June 17, 2012, 12:49 pm
WPA2 is considered unbreakable by the law here. Or at least in one case it was a proof in itself that the WLAN was only used by the associated client so a judge won't even considered that the AP with WPA2 could have been hacked.

Exactly, someone with a brain, thank you mooshroom.
Title: Re: UK getting ISPs to report on internet activity
Post by: NeutronMan on June 17, 2012, 01:08 pm
In fact in many cases it is now standard procedure for law enforcement to check if someone is having their wifi stolen prior to raiding them

http://www.geek.com/articles/chips/wireless-router-exposes-child-predators-using-the-internet-20090615/

here this details one device they use:

http://www.pcworld.com/article/238107/cops_use_device_to_find_child_porn_on_wireless_networks.html

It used to be they would always raid the person whose IP address showed up in their investigations, but now they are more patient and will analyze wireless connections prior to determining who to raid. So no, using neighbors wifi is not very helpful. It is better than not, but only very slightly.
Wow, thanks, kmfkewm for this valuable information.

NM
Title: Re: UK getting ISPs to report on internet activity
Post by: kmfkewm on June 17, 2012, 01:36 pm
WPA2 is considered unbreakable by the law here. Or at least in one case it was a proof in itself that the WLAN was only used by the associated client so a judge won't even considered that the AP with WPA2 could have been hacked.

Exactly, someone with a brain, thank you mooshroom.

Actually article two details a device for pinpointing laptops that are piggybacking on open wireless, did you fail reading comprehension when you were getting your masters degree in computer bullshit? You send data to wireless router. It sends data back to you. If it didn't send data back to you, then you couldn't very well surf the internet with it. If you didn't send data to it, you couldn't very well surf the internet with it. I don't understand how you can possibly think that you can locate the router without being able to locate the devices the send signals to it. Anyway I could give you links to literally dozens of news stories and technical papers about tracing wireless signals and people being traced while using neighbors WiFi, but I already gave you two and don't feel like wasting my time on an obvious troll / fed. Please by all means continue using Linux BSD with a two character password with a bridge you got from a drug forum  using your neighbors wifi without using LE backdoored truecrypt, after all you have a masters in IT security so that must be the way to do things right!
Title: Re: UK getting ISPs to report on internet activity
Post by: mooshroom on June 17, 2012, 01:38 pm
WPA2 is considered unbreakable by the law here. Or at least in one case it was a proof in itself that the WLAN was only used by the associated client so a judge won't even considered that the AP with WPA2 could have been hacked.

Exactly, someone with a brain, thank you mooshroom.

Wow, hold up, I wrote this so you can see how stupid is my government. And they did not take WPS into account. I'm sure (I hope) a good expert will shed some light to these insecurities on the next trial when this issue comes up again.

More than 40% of WPA has WPS around here.
11% of APs are WEP. Some of them has other security measures like MAC and IP filtering but still WEP.

WPA can be cracked more easily if someone can get intel about the owner, like if I trace the signal or able link the SSID to a neighbor, got his name, address, type of car, look him up on the net, break into his house and install keylogger or whetever, use all that info to build a password list etc.
Title: Re: UK getting ISPs to report on internet activity
Post by: kmfkewm on June 17, 2012, 01:44 pm
Quote
Also what if the network is encrypted, which most are

You should write a paper about how encryption prevents traffic analysis, the cryptosystem you have discovered is ground breaking! That is like saying you can follow a postcard around as it blows in the wind, but not a letter because it is inside an envelope.

On the off chance that you are not fed or troll, I have some advice for you. Learn what the fuck you talk about, before you sound like total idiot. You quite apparently don't know jack shit about these things, and every time you say something it makes you sound even stupider than before.
Title: Re: UK getting ISPs to report on internet activity
Post by: NeutronMan on June 17, 2012, 04:18 pm
This is getting over my head, boys.

NM