Silk Road forums
Discussion => Newbie discussion => Topic started by: nobodyenduser on September 25, 2013, 09:40 pm
-
I've read TOR isn't as safe as first thought and that the NSA probably could get to you if they really wanted to.
In one thread someone said they had a big antenna and can use the open wifi signal down the block but that is not feasible for me.
Should I worry about that if all I am doing is going to be making small purchases like $100 - $200 USD
Or is it worth the drive to the local place offering free wifi.
What do YOU do?
-
Neither?
From:
https://tails.boum.org/blueprint/vpn_support/
What we don't want
Some users have requested support for VPNs in Tails to "improve" Tor's anonymity. You know, more hops must be better, right?. That's just incorrect -- if anything VPNs make the situation worse since they basically introduce either a permanent entry guard (if the VPN is set up before Tor) or a permanent exit node (if the VPN is accessed through Tor).
Similarly, we don't want to support VPNs as a replacement for Tor since that provides terrible anonymity and hence isn't compatible with Tails' goal.
Not to mention you'd have to trust that VPN not to cave to gov.
Wifi on a public lan... I'm not too hip on that. It's much easier to fuck with a computer on your same lan than it is elsewhere. Not sure how this plays out with tor traffic though. I just don't fell comfortable with it.
-
Ok so you use tails? From your home connection?
-
I've set up something else... followed a few of the long tutorials in the security forum. vbox os stuff.
But yeah, I'd trust that. Many here use tails.
I'll try to look for a thread where a resident computer/security expert here lists the safety of setups.
-
I'll try to look for a thread where a resident computer/security expert here lists the safety of setups.
Would appreciate that. Though I am not sure how tails with TOR would be any better hiding what IP address you are accessing the SR from than TOR istself. I thought TAILS was just so there is no evidence left on your PC of what you did.
My idea was to sign up with a non US based VPN that does not log over a open HTTPS wifi with a vanilla visa bought with cash then use the VPN over the open wifi.
The only way they could tie it to me would be to check store video surveillance to see who bought the card with cash and that seems like to much work.
But I have already logged onto SR with this name from my home connection VPN + TOR but I do not trust the current vpn so I suppose I would have to create a new account
-
Dude with free wifi comes 0 encryption think about it not safe at all
There are lots of vpn's that openly admit to keeping records etc and lots that say they will close the servers and move before handing out info to LE I use one called private internet access as all you need is a email (easy to get with fake name etc) and they accept btc as payment but as I stoped being lazy I just got tails running as is much safer i believe
-
I'll try to look for a thread where a resident computer/security expert here lists the safety of setups.
Would appreciate that. Though I am not sure how tails with TOR would be any better hiding what IP address you are accessing the SR from than TOR istself. I thought TAILS was just so there is no evidence left on your PC of what you did.
I don't think it's about tor leaking your ip, since they both do use it.... it's more about other things leaking your ip. Like if you're just on the TorBB on windows, some part of windows can leak... as we just saw in the recent FBI freedomhosting attack. From that attack, I'm pretty sure the people using tails were safe... not positive, but I don't recall people mentioning tails users being infected.
My idea was to sign up with a non US based VPN that does not log over a open HTTPS wifi with a vanilla visa bought with cash then use the VPN over the open wifi.
The only way they could tie it to me would be to check store video surveillance to see who bought the card with cash and that seems like to much work.
But I have already logged onto SR with this name from my home connection VPN + TOR but I do not trust the current vpn so I suppose I would have to create a new account
Honestly, I'm no network expert... you gotta do what you feel is right.
But here's a thread talking about trustworthy VPN services:
http://dkn255hz262ypmii.onion/index.php?topic=177551.0
-
Dude with free wifi comes 0 encryption think about it not safe at all
There are lots of vpn's that openly admit to keeping records etc and lots that say they will close the servers and move before handing out info to LE I use one called private internet access as all you need is a email (easy to get with fake name etc) and they accept btc as payment but as I stoped being lazy I just got tails running as is much safer i believe
Well I thought using the open wifi connecting to a HTTPS site 128 bit SSL connection is secure enough just for the signup process. Then use the VPN over the open wifi connection. It make no use to sign up with a VPN like private internet access with a fake name from your home IP address which could be traced back to you.
I am still not sure how tails hides your home IP address any better than just TOR because i thought TAILS uses TOR
-
The best set up in my limited technical know how would be as follows
Tails + 2x VPN's (paid in bitcoin) + Onion Pi
That would be pretty secure I think...a bit much...but in my mind is sounds bullet proof.
-
I am still not sure how tails hides your home IP address any better than just TOR because i thought TAILS uses TOR
Didn't read my last post?
Yes, they both use tor. If you want to understand, read into the fbi freedomhost attack.
-
I am still not sure how tails hides your home IP address any better than just TOR because i thought TAILS uses TOR
Didn't read my last post?
Yes, they both use tor. If you want to understand, read into the fbi freedomhost attack.
No I did not see you last post when I wrote that. When I went to post i got the message that another post was posted would you like to continue? (or something like that) but I did not scroll down to see what it was (I am currently on a 10.1" netbook with a small screen)
I will read into the FBI freedom host attack
Thanks
-
Basically, Tails isn't widows based.
The FBI took over servers/sites... and when you visited them, it secretly injected malicious code which somehow gave up the IP of windows users. Well users that didn't have up to date tbb and javascript disabled.
People using linux or tails were not infected.
I guess windows is just real leaky compared to linux/tails
-
Yeah, I think it is definitely the right time to build that Linux box i have always been wanting to do but never got around to.
-
Yeah, I think it is definitely the right time to build that Linux box i have always been wanting to do but never got around to.
In the mean time, VirtualBox is quite user friendly.
-
Personally I think both TAILS and Liberte Linux on bootable USBs are both very secure options for buyers and good starting points to learn about Linux, PGP and Security in general.
As far as VPN's go, I recommend Private Internet Access, they keep no logs and only require an email address to sign up, plus you can pay with BTC for anonymity. You could always run Tor, your PGP program and a wallet from an encrypted USB stick and connect to Tor via the VPN.
Peace,
Sugarleaf