HomeLogin

Interesting talk coming up at Blackhat: How to break Tor

4 July, 2014 at 3:19 pm by anonymous!

You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget” is the title of something interesting scheduled for this years “Blackhat” event.

The Tor network has been providing a reasonable degree of anonymity to individuals and organizations worldwide. It has also been used for distribution of child pornography, illegal drugs, and malware. Anyone with minimal skills and resources can participate on the Tor network. Anyone can become a part of the network. As a participant of the Tor network, you can choose to use it to communicate anonymously or contribute your resources for others to use. There is very little to limit your actions on the Tor network. There is nothing that prevents you from using your resources to de-anonymize the network’s users instead by exploiting fundamental flaws in Tor design and implementation. And you don’t need the NSA budget to do so. Looking for the IP address of a Tor user? Not a problem. Trying to uncover the location of a Hidden Service? Done. We know because we tested it, in the wild…

In this talk, we demonstrate how the distributed nature, combined with newly discovered shortcomings in design and implementation of the Tor network, can be abused to break Tor anonymity. In our analysis, we’ve discovered that a persistent adversary with a handful of powerful servers and a couple gigabit links can de-anonymize hundreds of thousands Tor clients and thousands of hidden services within a couple of months. The total investment cost? Just under $3,000. During this talk, we will quickly cover the nature, feasibility, and limitations of possible attacks, and then dive into dozens of successful real-world de-anonymization case studies, ranging from attribution of botnet command and control servers, to drug-trading sites, to users of kiddie porn places. The presentation will conclude with lessons learned and our thoughts on the future of security of distributed anonymity networks.
presented by
Alexander Volynkin & Michael McCord


Independence Day? 79% Of Americans Are Fine With The Current Level Of Tyranny

4 July, 2014 at 12:43 pm by anonymous!

Submitted by Michael Snyder of The American Dream blog,

On July 4th, the United States will celebrate Independence Day once again.  But who in the world are we trying to kid?  Our founders intended to create a society where freedom and liberty would be maximized, but that is not what America looks like today.  Instead, we live in a country that literally has millions of laws, rules and regulations.  We have a government that is obsessed with spying on the entire planet and that tries to watch, monitor, track and record as much information about all of us as it possibly can.  A “Big Brother” surveillance grid is being constructed all around us, and our militarized police are becoming more brutal with each passing day.  Sadly, most Americans don’t seem too alarmed by any of this.  In fact, a new Gallup survey has found that 79 percent of Americans are “satisfied” with the level of freedom in this nation.  That is a very alarming statistic.

If most people believe that everything is “just fine”, then our leaders are going to feel free to keep doing the same things that they have been doing.

That is why it is so frustrating that so many American “sheeple” appear to be so apathetic about the loss of our freedoms and our liberties.

But it was not all bad news in the Gallup survey.  Let’s take a look at the good news first…

The Good News

The good news is that Gallup has asked this question many times before, and over the years the percentage of Americans that are satisfied with the level of freedom in this country has been going down.  In fact, the latest figure of 79 percent is the lowest number that Gallup has ever recorded, and it puts us below 35 other countries

Seventy-nine percent of US residents are satisfied with their level of freedom, down from 91 percent in 2006, according to the Gallup survey, released Tuesday.

 

That 12-point drop pushes the United States from among the highest in the world in terms of perceived freedom to 36th place, outside the top quartile of the 120 countries sampled, trailing Paraguay, Rwanda, and the autonomous region of Nagorno-Karabakh.

So yes, Americans are way too apathetic about the loss of our freedoms and liberties, but at least the numbers are going in the right direction.

That shows that we are making progress.

And other recent surveys show this progress as well.

For example, according to a new report from the Pew Research Center, 74 percent of Americans do not believe that they have “to give up privacy in order to be safe from terrorism”.

That is a good sign.

And Americans are more dissatisfied with the federal government than ever before as well.

Gallup has found that a whopping 79 percent of Americans believe that there is widespread corruption throughout the government.

That is a new all-time high.

And Gallup has also discovered that confidence in Congress has fallen to a brand new all-time record low…

Americans’ confidence in Congress has sunk to a new low. Seven percent of Americans say they have “a great deal” or “quite a lot” of confidence in Congress as an American institution, down from the previous low of 10% in 2013. This confidence is starkly different from the 42% in 1973, the first year Gallup began asking the question.

In fact, Gallup found that confidence in all three branches of the federal government is declining.

So there are definitely signs that the American people are waking up.

But the numbers also show that there is still so much work to do.

The Bad News

The bad news is that most of the country still appears to be deeply asleep.  Our liberties and freedoms are eroding with each passing day, and most Americans simply do not care.

Most Americans don’t seem to care that the TSA is fondling thousands of women and children in airports all over the nation every single day.

Most Americans don’t seem to care that the NSA is recording billions of our phone calls and emails.

Most Americans don’t seem to care that our police are becoming increasingly militarized.  As I wrote about the other day, there were only about 3,000 SWAT raids in the United States back in 1980.  But today, there are more than 80,000 SWAT raids per year in this country.

Most Americans don’t seem to care that a baby was recently maimed for life when a police officer threw a grenade into his crib during a SWAT team raid.

Most Americans don’t seem to care that police recently tasered a man 18 times.  In fact, it barely made a blip on the national news.

Most Americans don’t seem to care that the Obama administration has discussed making gun owners wear RFID tracking bracelets.

Most Americans don’t seem to care that a new California law would allow police to confiscate guns based on accusation alone.

Most Americans don’t seem to care that our public schools have been transformed into “Big Brother” indoctrination centers.

Most Americans don’t seem to care that the U.S. border is considered to be a “Constitution-free zone” where officials can freely grab your computer and copy your hard drive.

Most Americans don’t seem to care that people are being sent to prison for collecting rain water on their own property.

Most Americans don’t seem to care that facial recognition technology is being installed all over the nation.

Most Americans don’t seem to care that the Obama administration has expressed a desire to establish a national DNA database.

Most Americans don’t seem to care that our cell phones are essentially high tech surveillance devices.

Most Americans don’t seem to care that if you type the wrong thing into a search engine that the police could come knocking on your door.

Most Americans don’t seem to care that local governments all over the country are now using automated license plate readers to scan our license plates.

Most Americans don’t seem to care that the federal government is grabbing hundreds of thousands of acres of private land all over the country.

Most Americans don’t seem to care that Bible-believing Christians are regularly identified as “religious extremists” in official government training materials.

Most Americans don’t seem to care that the federal government has identified dozens of different categories of Americans as “potential terrorists“.

Most Americans don’t seem to care that we have a president that is treating the Constitution like a piece of toilet paper.

I could go on for hours, but I think that you get the point.

We are becoming a little bit more like tyrannical regimes such as Nazi Germany and North Korea with each passing day.

We aren’t there yet, but that is the path that we are on.

And once our liberties and freedoms are gone, they will be exceedingly difficult to ever get back.

So please help us wake up more Americans while we still can.

Time is running out.


Are You Targeted By The NSA?

4 July, 2014 at 12:42 pm by anonymous!

Meet XKeyscore – “a computer network exploitation system”, as described in an NSA presentation, devoted to gathering “nearly everything a user does on the internet.” The German site Das Erste has exposed the shocking truth about the rules used by the NSA to decide who is a “target” for surveillance. While the NSA claims to only “target” a small fraction of internet users, the perhaps unsurprising truth is very different. As Boing Boing concludes, one expert suggested that the NSA’s intention here was to separate the sheep from the goats — to split the entire population of the Internet into “people who have the technical know-how to be private” and “people who don’t” and then capture all the communications from the first group.

As Das Erste describes it,

The NSA program XKeyscore is a collection and analysis tool and “a computer network exploitation system”, as described in an NSA presentation. It is one of the agency’s most ambitious programs devoted to gathering “nearly everything a user does on the internet.” The source code contains several rules that enable agents using XKeyscore to surveil privacy-conscious internet users around the world. The rules published here are specifically directed at the infrastructure and the users of the Tor Network, the Tails operating system, and other privacy-related software.

And Cory Doctorow of Boing Boing summarizes,

In a shocking story on the German site Tagesschau (Google translate), Lena Kampf, Jacob Appelbaum and John Goetz report on the rules used by the NSA to decide who is a “target” for surveillance.

page1-1650px-XKeyscore_presentation_from_2008.pdf

Since the start of the Snowden story in 2013, the NSA has stressed that while it may intercept nearly every Internet user’s communications, it only “targets” a small fraction of those, whose traffic patterns reveal some basis for suspicion. Targets of NSA surveillance don’t have their data flushed from the NSA’s databases on a rolling 48-hour or 30-day basis, but are instead retained indefinitely.

The authors of the Tagesschau story have seen the “deep packet inspection” rules used to determine who is considered to be a legitimate target for deep surveillance, and the results are bizarre.

page1-1458px-Tor_Stinks.pdf

According to the story, the NSA targets anyone who searches for online articles about Tails — like this one that we published in April, or this article for teens that I wrote in May — or Tor (The Onion Router, which we’ve been posted about since 2004). Anyone who is determined to be using Tor is also targeted for long-term surveillance and retention.

Tor and Tails have been part of the mainstream discussion of online security, surveillance and privacy for years. It’s nothing short of bizarre to place people under suspicion for searching for these terms.

More importantly, this shows that the NSA uses “targeted surveillance” in a way that beggars common sense. It’s a dead certainty that people who heard the NSA’s reassurances about “targeting” its surveillance on people who were doing something suspicious didn’t understand that the NSA meant people who’d looked up technical details about systems that are routinely discussed on the front page of every newspaper in the world.

Tor-Anonymity-Tor-path

But it’s not the first time the NSA has deployed specialized, highly counterintuitive wordsmithing to play games with the public, the law and its oversight. From James Clapper’s insistence that he didn’t lie to Congress about spying on Americans because he was only intercepting all their data, but not looking at it all; to the internal wordgames on evidence in the original Prism leak in which the NSA claimed to have “direct access” to servers from Google, Yahoo, Microsoft, Apple, etc, even though this “direct access” was a process by which the FBI would use secret warrants to request information from Internet giants without revealing that the data was destined for the NSA.

I have known that this story was coming for some time now, having learned about its broad contours under embargo from a trusted source. Since then, I’ve discussed it in confidence with some of the technical experts who have worked on the full set of Snowden docs, and they were as shocked as I was.

One expert suggested that the NSA’s intention here was to separate the sheep from the goats — to split the entire population of the Internet into “people who have the technical know-how to be private” and “people who don’t” and then capture all the communications from the first group.

nsarules

Another expert said that s/he believed that this leak may come from a second source, not Edward Snowden, as s/he had not seen this in the original Snowden docs; and had seen other revelations that also appeared independent of the Snowden materials. If that’s true, it’s big news, as Snowden was the first person to ever leak docs from the NSA. The existence of a potential second source means that Snowden may have inspired some of his former colleagues to take a long, hard look at the agency’s cavalier attitude to the law and decency.

* * *

And just this week it was all found perfectly legal… But it appears the US continues to make friends wherever it goes…

The German attorney Thomas Stadler, who specializes in IT law, commented: “The fact that a German citizen is specifically traced by the NSA, in my opinion, justifies the reasonable suspicion of the NSA carrying out secret service activities in Germany.

For this reason, the German Federal Public Prosecutor should look into this matter and initiate preliminary proceedings.”

So now you know – you are all being watched…


Scammers Gonna Scam (doh!)

4 July, 2014 at 10:25 am by anonymous!

Quite a few upset people are currently using various comment sections on this blog to complain that they did not get what they paid for when they were trying to buy stolen credit cards from anonymous people.

People who sell stolen credit cards are criminals (and so are you when you try to buy them). What, exactly, do you expect will happen?


Tails Linux version 1.0 released

1 May, 2014 at 5:38 pm by anonymous!

Tails Linux version 1.0 released: a Debian-based distribution known for its strong privacy features and pre-configured for anonymous web browsing

After nearly five years of development, Tails[1], a Debian-based distribution known for its strong privacy features and pre-configured for anonymous web browsing, has reached version 1.0: “Tails, The Amnesic Incognito Live System, version 1.0, is out. Version 1.0 is often an important milestone that denotes the maturity of a free software project. The first public version of what would become Tails was released on June 23 2009, when it was called Amnesia. That was almost five years ago.

Tails 1.0 marks the 36th stable release since then. Since then we have been working on the many features we think are essential both in terms of security and usability: USB installer; automatic upgrades; persistence; support for Tor bridges and other special Tor configuration; MAC address spoofing; extensive and translated documentation.” Read the rest of the release announcement[2] for a full changelog and a note on future plans. Download[3] from here[4]: tails-i386-1.0.iso (909MB, torrent[5]).

- http://distrowatch.com/?newsid=08413

[1] http://distrowatch.com/tails
[2] https://tails.boum.org/news/version_1.0/index.en.html
[3] https://tails.boum.org/download/index.en.html
[4] http://dl.amnesia.boum.org/tails/stable/tails-i386-1.0/tails-i386-1.0.iso
[5] https://tails.boum.org/torrents/files/tails-i386-1.0.torrent


New Darknet Market with MultiSignature: Hydra

16 April, 2014 at 11:18 pm by anonymous!

A new darknet marketplace called Hydra has appeared and it is offering users the Bitcoin multisignature technology. In short this technology requires that two of three parties must agree on a transaction for it to complete.

Multi-signature transactions will supposedly lower the risk for both buyers and vendors. If the buyer and seller agree then the transaction can complete. If there is a dispute then the transaction can complete if the buyer and Hydra agrees (Hydra sides with buyer) or if the vendor and Hydra agrees (Hydra sides with seller).

It must be mentioned that we at Anonymous on the Internet(s) can setup our own little darknet marketplace and add dozens of vendor listings who are all fronts for us. This makes us both the vendor and the marketplace and puts us in a position to scam everyone as much as we feel like doing.

The hydra marketplace can be found at this URL: http://hydrampvvnunildl.onion/

Their links require a referral link so this link will not allow you or your family access to the site but it will show you that it is in fact there.


Beware of scams on “The Hidden Wiki”

25 March, 2014 at 9:41 pm by anonymous!

It is clear that “The Hidden Wiki” tor website is now used to promote scams.

One reader writes:

I warn you also about the Real Cards Team. Ive lost 120 bucks.

Be careful out there!


Utopia market place closed after 7 days, Silk Road 2.0 steals everyone’s BTC – again

13 February, 2014 at 9:09 pm by anonymous!

Black Market Reloaded and the guys who ran it came back with a brand new marketplace about a week ago. This new marketplace, named “Utopia”, was busted by the police yesterday.

Today the operators of the Silk Road 2.0 “marketplace” announced that they were “hacked”.

Their story is this:

Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as “transaction malleability” to repeatedly withdraw coins from our system until it was completely empty.

This story may sound plausible if you have no clue what “transaction malleability” means.

The formerly relevant joke of an exchange MtGox recently stopped processing BTC withdraws due to their buggy PHP implemented Bitcoin daemon and they released a press release saying “transaction malleability” was the reason (reality is that this was used to exploit other bugs in their software – not the underlying problem). The MtGox press release has made the term commonly known and this was probably why the Silk Road 2.0 team decided that this would be a good excuse when they outright stole everyone’s Bitcoin for the second time. Yep, it’s actually not the first time they’ve done this.

“oops, tx malleability, we have no more coins, g2g”

In short: It’s clear from the SR2 statement that it’s a half-baked lie and that the operators of SR2 outright stole all the BTC locked up there. And it’s no coincidence that they did this the day after their main competitor was busted by the Dutch police.

 


livelyblog.com | Random blog | Login | Get your own blog | ^^^
anonymous.livelyblog.com/Login