Silk Road forums
Discussion => Security => Topic started by: Nellion on October 21, 2012, 04:34 pm
-
So yeah, just got my flash drive setup to run Liberte. But, the https address for SR wont work for me, but the http address will. Is this really a concern since I'm using Liberte or should I find a way to fix it. If the latter should be sought, how do I go about fixing it?
Also, are there any other fun things to play around with on Liberte? I know about all the stuff in the sub-forum stickie, but are there any other things beyond that?
-
If I understood correctly, did you try: https://silkroadvb5piz3r.onin ?
In that case, no it won't work. Because the https wouldn't do anything.
Understand this difference well:
When you access a normal website using Tor, the data leaves the Tor network through an exit node. After that, it is no longer encrypted (with regular http), because it is no longer inside the Tor network. That is where the https protocol comes in: it encrypts traffic all the way until the final destination, the target website. So on regular websites, https is necessary if you send sensitive information to that website.
However, traffic to a .onion hidden service doesn't leave the Tor network. Because of that, it is never unencrypted, and therefore, there is no need for the https protocol. No .onion site ever has https (or if you find one that does, it's completely redundant).
-
Ok, thank you very much for the clarification! :D
I am just getting into all this cyber security stuff and still have much more to learn. Eventually I would like to be VERY well accomodated, perhaps even "clandestine expert" level, but obviously have MUCH more to learn.
As of now, I have my Liberte flash drive working, but it feels like there's much more I could be doing, or at least learning if not actually "installing and using programs" to better protect myself. I am just now starting to use GPG and learning to scrub meta tags from photos.
But, there are MANY more programs on Liberte that I've never heard of and don't know what they do. Are there any other useful programs on Liberte that would serve me well that I should know about? Or, even any advanced functions of GPG or UBuntu that I should know about.
Are there any resources or books that you can recommend?
-
Don't worry about it, all the cyber security stuff is a bit overwhelming at first, it takes a few weeks to get familiar with most things.
It's good that you've set up Liberté and it's good that you're thinking critically about security, that way you learn stuff. Continue like that and you'll be a clandestine expert one day ;-)
I haven't tested the latest version of liberté linux, but I have used some of the previous versions of it and it didn't really allow you to install software on it. I made the switch to linux Ubuntu. It's one of the most used Linux distributions and has a big group of people working on it, some of them very security minded.
If you use Ubuntu, it allows you to download the latest Tor browser bundle, TrueCrypt, software to remove image metadata, etc. Also, security upgrades are sent out almost immediately if a leak is detected. So that's something you can look into if you're interested.
There isn't that much written material out there on being clandestine on the web (at least not for people who want to visit SR), but I am working on that. So maybe you'll see a piece of guide from me in the future :p
-
So, in fact, there's not meta data scrubbing software pre-installed onto Liberte? I must have gotten confused somewhere along the way.
I'm sure there will be a lot of new information come forth in the coming months as far as security on SR goes. Isn't it amazing the vast array of people freedom brings together?
Scientists, engineers, IT specialists, drug addicts... It's a beautiful thing! :D
Anyhow, I for one, would be greatly appreciative if you took the time to write a guide on security for the forums. Hell, I'm sure if you're in-depth enough you would have success selling ebooks on SR at a nominal fee. I would be willing to pay a reasonable price for such info. I'm sure many others would be, as well.
Even an explanation of the basic functions of things and how they pertain to SR would be a great help! And then as people get more familiar you could incrementally increase the level of the material.