Silk Road forums

Discussion => Security => Topic started by: yjQ0ESOiM on October 25, 2011, 04:59 pm

Title: Could SR get Hacked?
Post by: yjQ0ESOiM on October 25, 2011, 04:59 pm
I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?
Title: Re: Could SR get Hacked?
Post by: Electrogasm666 on October 26, 2011, 08:16 am
If the main site had any vulnerabilities, it would have almost surely already been hacked in an attempt to get at the site and/or the users' bitcoin wallets -- I'm sure multiple blackhats have already tried.

So it's probably safe from most attacks at the moment, but if whoever admins the site doesn't stay on top of new security vulnerabilities there's always potential for a successful breach in the future.

Also, it should be noted that this forum is probably slightly less secure and could be hacked without gaining access to the main site, so don't use the same password on both sites if you really want to be cautious.
Title: Re: Could SR get Hacked?
Post by: flavourful on October 27, 2011, 02:43 am
I feel like anything CAN be hacked given time and motivation, but I don't think there's anything to be worried about.
Title: Re: Could SR get Hacked?
Post by: ProudCannabian on October 27, 2011, 04:30 am
Look at the story of the enigma machines of WWII.
Any communication, given time, can be broken down.
The very fact that a system is on the internet means, given time and knowhow, someone could conceivably break into it.
That being said, it is always good, as others have mentioned, to PGP any communications you have with vendors, and for goodness' sake, DON'T USE SR AS YOUR STORAGE WALLET. If the site goes down, or is nabbed by hacks, your bitcoins are gone.
Title: Re: Could SR get Hacked?
Post by: security on November 12, 2011, 12:42 pm
> I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?

You got it all wrong. The .onion sites themselves were not hacked. There are two ways that the police could have gotten hold of the data on those sites: (1) they got hold of the actual, real, physical servers hosting the .onion sites. (2) the .onion sites were configured wrong and somehow leaked sensitive information, such as the real IP address.
Title: Re: Could SR get Hacked?
Post by: rodger909 on November 12, 2011, 12:46 pm
> I feel like anything CAN be hacked given time and motivation, but I don't think there's anything to be worried about.

That's what I would say too, but as said, use a different password for this and the main site, don't leave anything in your wallet, encrypt your messages and all should be fine.

I think lol
Title: Re: Could SR get Hacked?
Post by: lazypeepsarebusted on November 13, 2011, 01:13 pm
> > I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?
>
> You got it all wrong. The .onion sites themselves were not hacked. There are two ways that the police could have gotten hold of the data on those sites: (1) they got hold of the actual, real, physical servers hosting the .onion sites. (2) the .onion sites were configured wrong and somehow leaked sensitive information, such as the real IP address.

No, he got it all right. The servers were rooted and the feds got their IP addresses in this way. Even if you have Tor properly configured it does absolutely nothing to protect from a hacker rooting you and getting your IP address in this way. It is called an application layer proxy bypass attack, and it is probably the #1 way that people/servers who use Tor are traced. Feds very rarely do this sort of attack, and they don't seem very skilled at it yet, but times are changing. They are starting to buy sophisticated premade attack tools from corporations, essentially privatized mercenary intelligence agencies, who have skilled people working for them. Thankfully real intelligence agencies tend to buy up the real sophisticated stuff, and they seem to keep it secret instead of sharing it with LE. Regardless, to protect from this sort of attack you need to use isolation techniques. The easiest way to get strong protection from this sort of attack is to run network facing applications in their own virtual machines. Use host only routing to connect them to a separate VM that runs Tor, a shared host only virtual network adapter and NAT. Now even if your network facing applications VM is hacked and its VM rooted, the attacker cannot get your real IP address from it unless they break out of the VM to the host or find an additional exploitable vulnerability in the Tor application. They can reduce your anonymity from traffic analysis attacks from this positioning though.

In short, if you don't use isolation techniques like this and your web server or firefox or pidgin or whatever are hacked, the attacker can get your IP address.

If you do use isolation techniques like this and your non-hidden service configuration machine is rooted like this, the attacker can reduce your anonymity to that of a hidden service, meaning they can quickly trace you to your entry guards but they can't get your IP address without additionally compromising one of your guard nodes. The anonymity provided by a hidden service on a rooted VM is not decreased if you use isolation techniques like this. You should additionally be using GPG so that even if the server you communicate through is hacked, the attacker cannot eavesdrop on your communications.

If you want to be super uber you can also use airgaps or virtualized airgaps to protect your encryption keys and plaintexts from a hacker who roots your firefox VM. I strongly suggest doing this, but it is extremely tedious and currently has no simple implementation.
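The layout above (applications in one VM with only a host-only adapter, Tor in a second VM that also has the NAT adapter) only protects you if the application VM really has no other way out. The script below is an added example, not code from the thread or from any project named in it: it checks an application VM's interfaces and routing table for exactly the leak paths the post warns about, namely a second (NAT) adapter or a route that bypasses the Tor VM. The host-only subnet 192.168.56.0/24 and the Tor VM address 192.168.56.10 are constructed values, as are the sample `ip` outputs; adjust them to your own layout.

```python
# Added example (not from the thread): leak check for the network-facing
# applications VM in the Tor-gateway isolation layout described above.
# Assumptions (constructed): host-only subnet 192.168.56.0/24, Tor VM at
# 192.168.56.10. Parses iproute2 output, so it also runs against a live VM.
import ipaddress
import subprocess

HOST_ONLY_NET = ipaddress.ip_network("192.168.56.0/24")  # assumption
TOR_GATEWAY = ipaddress.ip_address("192.168.56.10")      # assumption


def parse_addrs(ip_addr_output):
    """Parse `ip -o -4 addr show` output into (ifname, ip_interface) pairs."""
    found = []
    for line in ip_addr_output.splitlines():
        parts = line.split()
        if "inet" in parts:
            found.append((parts[1], ipaddress.ip_interface(parts[parts.index("inet") + 1])))
    return found


def parse_routes(ip_route_output):
    """Parse `ip -4 route show` output into dicts with dst, via and dev keys."""
    routes = []
    for line in ip_route_output.splitlines():
        parts = line.split()
        if not parts:
            continue
        route = {"dst": parts[0], "via": None, "dev": None}
        if "via" in parts:
            route["via"] = ipaddress.ip_address(parts[parts.index("via") + 1])
        if "dev" in parts:
            route["dev"] = parts[parts.index("dev") + 1]
        routes.append(route)
    return routes


def check_isolation(ip_addr_output, ip_route_output):
    """Return a list of findings; an empty list means the VM looks isolated.

    An isolated application VM has exactly one non-loopback interface, on the
    host-only subnet, and no route leaving that subnet other than (optionally)
    a default route whose next hop is the Tor VM.
    """
    findings = []
    nics = [(n, a) for n, a in parse_addrs(ip_addr_output) if n != "lo"]
    if len(nics) != 1:
        findings.append(f"expected one non-loopback interface, found {len(nics)}: {[n for n, _ in nics]}")
    for name, addr in nics:
        if addr.ip not in HOST_ONLY_NET:
            findings.append(f"{name} has {addr.ip}, outside host-only subnet {HOST_ONLY_NET}")
    for route in parse_routes(ip_route_output):
        if route["dst"] == "default":
            if route["via"] != TOR_GATEWAY:
                findings.append(f"default route via {route['via']} is not the Tor gateway {TOR_GATEWAY}")
        elif not ipaddress.ip_network(route["dst"], strict=False).subnet_of(HOST_ONLY_NET):
            findings.append(f"route to {route['dst']} via {route['dev']} leaves the host-only subnet")
    return findings


def check_live():
    """Run the check on this machine (Linux with iproute2)."""
    addr = subprocess.run(["ip", "-o", "-4", "addr", "show"], capture_output=True, text=True, check=True).stdout
    route = subprocess.run(["ip", "-4", "route", "show"], capture_output=True, text=True, check=True).stdout
    return check_isolation(addr, route)


# Constructed sample output: a VM with only the host-only adapter attached...
GOOD_ADDR = (
    "1: lo    inet 127.0.0.1/8 scope host lo\\       valid_lft forever preferred_lft forever\n"
    "2: eth0    inet 192.168.56.20/24 brd 192.168.56.255 scope global eth0\\       valid_lft forever preferred_lft forever\n"
)
GOOD_ROUTE = (
    "default via 192.168.56.10 dev eth0\n"
    "192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.20\n"
)
# ...and the same VM with a NAT adapter (eth1) left attached, which gives any
# compromised application a route to the real uplink that bypasses the Tor VM.
LEAKY_ADDR = GOOD_ADDR + "3: eth1    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth1\\       valid_lft forever preferred_lft forever\n"
LEAKY_ROUTE = (
    "default via 10.0.2.2 dev eth1\n"
    "10.0.2.0/24 dev eth1 proto kernel scope link src 10.0.2.15\n"
    "192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.20\n"
)

if __name__ == "__main__":
    print("good  ->", check_isolation(GOOD_ADDR, GOOD_ROUTE) or "no findings")
    print("leaky ->", check_isolation(LEAKY_ADDR, LEAKY_ROUTE))
```

Run it inside the application VM with `check_live()` after every change to the VM's adapters; the leaky sample produces four findings (a second interface, an address off the host-only subnet, a default route past the Tor VM, and a route for the NAT subnet), while the clean sample produces none. It checks IPv4 only; if the hypervisor hands the VM an IPv6 address, check `ip -6 route` the same way.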
Title: Re: Could SR get Hacked?
Post by: security on November 13, 2011, 03:02 pm
> > > I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?
> >
> > You got it all wrong. The .onion sites themselves were not hacked. There are two ways that the police could have gotten hold of the data on those sites: (1) they got hold of the actual, real, physical servers hosting the .onion sites. (2) the .onion sites were configured wrong and somehow leaked sensitive information, such as the real IP address.
>
> No, he got it all right. The servers were rooted and the feds got their IP addresses in this way. Even if you have Tor properly configured it does absolutely nothing to protect from a hacker rooting you and getting your IP address in this way. It is called an application layer proxy bypass attack, and it is probably the #1 way that people/servers who use Tor are traced. Feds very rarely do this sort of attack, and they don't seem very skilled at it yet, but times are changing. They are starting to buy sophisticated premade attack tools from corporations, essentially privatized mercenary intelligence agencies, who have skilled people working for them. Thankfully real intelligence agencies tend to buy up the real sophisticated stuff, and they seem to keep it secret instead of sharing it with LE. Regardless, to protect from this sort of attack you need to use isolation techniques. The easiest way to get strong protection from this sort of attack is to run network facing applications in their own virtual machines. Use host only routing to connect them to a separate VM that runs Tor, a shared host only virtual network adapter and NAT. Now even if your network facing applications VM is hacked and its VM rooted, the attacker cannot get your real IP address from it unless they break out of the VM to the host or find an additional exploitable vulnerability in the Tor application. They can reduce your anonymity from traffic analysis attacks from this positioning though.

Dude, read the sentence I wrote one more time? Yes, the servers were rooted and the feds got the IP address that way. The feds did not hack Tor, the hidden service component or the .onion website.
Title: Re: Could SR get Hacked?
Post by: lazypeepsarebusted on November 13, 2011, 03:20 pm
> > > > I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?
> > >
> > > You got it all wrong. The .onion sites themselves were not hacked. There are two ways that the police could have gotten hold of the data on those sites: (1) they got hold of the actual, real, physical servers hosting the .onion sites. (2) the .onion sites were configured wrong and somehow leaked sensitive information, such as the real IP address.
> >
> > No, he got it all right. The servers were rooted and the feds got their IP addresses in this way. Even if you have Tor properly configured it does absolutely nothing to protect from a hacker rooting you and getting your IP address in this way. It is called an application layer proxy bypass attack, and it is probably the #1 way that people/servers who use Tor are traced. Feds very rarely do this sort of attack, and they don't seem very skilled at it yet, but times are changing. They are starting to buy sophisticated premade attack tools from corporations, essentially privatized mercenary intelligence agencies, who have skilled people working for them. Thankfully real intelligence agencies tend to buy up the real sophisticated stuff, and they seem to keep it secret instead of sharing it with LE. Regardless, to protect from this sort of attack you need to use isolation techniques. The easiest way to get strong protection from this sort of attack is to run network facing applications in their own virtual machines. Use host only routing to connect them to a separate VM that runs Tor, a shared host only virtual network adapter and NAT. Now even if your network facing applications VM is hacked and its VM rooted, the attacker cannot get your real IP address from it unless they break out of the VM to the host or find an additional exploitable vulnerability in the Tor application. They can reduce your anonymity from traffic analysis attacks from this positioning though.
>
> Dude, read the sentence I wrote one more time? Yes, the servers were rooted and the feds got the IP address that way. The feds did not hack Tor, the hidden service component or the .onion website.

Tor is the hidden service component of the website, and no, it was not hacked in either case. The .onion websites themselves were indeed hacked; Tor was not hacked. What you should say is that the feds hacked the .onion websites via vulnerabilities in PHP scripts they were hosting. Also, I don't think you even originally intended to say what you are trying to twist what you said into sounding like, so please just admit you were wrong instead of trying to act like I didn't properly read what you wrote.
Title: Re: Could SR get Hacked?
Post by: Cgault on November 13, 2011, 05:15 pm
Can you expand just a little on airgaps?

> I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?

> If you want to be super uber you can also use airgaps or virtualized airgaps to protect your encryption keys and plaintexts from a hacker who roots your firefox VM. I strongly suggest doing this, but it is extremely tedious and currently has no simple implementation.
Title: Re: Could SR get Hacked?
Post by: bhenigma77 on November 18, 2011, 10:18 am
> > > I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?
> >
> > You got it all wrong. The .onion sites themselves were not hacked. There are two ways that the police could have gotten hold of the data on those sites: (1) they got hold of the actual, real, physical servers hosting the .onion sites. (2) the .onion sites were configured wrong and somehow leaked sensitive information, such as the real IP address.
>
> No, he got it all right. The servers were rooted and the feds got their IP addresses in this way. Even if you have Tor properly configured it does absolutely nothing to protect from a hacker rooting you and getting your IP address in this way. It is called an application layer proxy bypass attack, and it is probably the #1 way that people/servers who use Tor are traced. Feds very rarely do this sort of attack, and they don't seem very skilled at it yet, but times are changing. They are starting to buy sophisticated premade attack tools from corporations, essentially privatized mercenary intelligence agencies, who have skilled people working for them. Thankfully real intelligence agencies tend to buy up the real sophisticated stuff, and they seem to keep it secret instead of sharing it with LE. Regardless, to protect from this sort of attack you need to use isolation techniques. The easiest way to get strong protection from this sort of attack is to run network facing applications in their own virtual machines. Use host only routing to connect them to a separate VM that runs Tor, a shared host only virtual network adapter and NAT. Now even if your network facing applications VM is hacked and its VM rooted, the attacker cannot get your real IP address from it unless they break out of the VM to the host or find an additional exploitable vulnerability in the Tor application. They can reduce your anonymity from traffic analysis attacks from this positioning though.
>
> In short, if you don't use isolation techniques like this and your web server or firefox or pidgin or whatever are hacked, the attacker can get your IP address.
>
> If you do use isolation techniques like this and your non-hidden service configuration machine is rooted like this, the attacker can reduce your anonymity to that of a hidden service, meaning they can quickly trace you to your entry guards but they can't get your IP address without additionally compromising one of your guard nodes. The anonymity provided by a hidden service on a rooted VM is not decreased if you use isolation techniques like this. You should additionally be using GPG so that even if the server you communicate through is hacked, the attacker cannot eavesdrop on your communications.
>
> If you want to be super uber you can also use airgaps or virtualized airgaps to protect your encryption keys and plaintexts from a hacker who roots your firefox VM. I strongly suggest doing this, but it is extremely tedious and currently has no simple implementation.

Gonna run some of this past my buddy at work (network admin), see if he can give me some step-by-steps. You, sir, are a badass dude. I love network security, especially in a truly needed application.
Title: Re: Could SR get Hacked?
Post by: lazypeepsarebusted on November 18, 2011, 02:49 pm
Airgaps require two computers. One has access to the internet, the other has no access to the internet. You store your private keys on the machine with no access to the internet. When you encrypt a message for someone, you do it on the machine with no internet access. You also decrypt messages on the machine with no internet access. You transfer public keys and ciphertexts between the machines using read only media, like burned CDs. You can't re-use USB sticks or else they become an attack vector; USBs actually compromised an improper airgap implementation in this way to get stuxnet to its target system. Airgaps are the only way to protect 100% from hackers stealing your private keys / eavesdropping on your plaintexts prior to encryption / after decryption.

'Virtual airgaps' follow the same concept, but instead of physical isolation they use virtual machine isolation. It isn't really an airgap anymore, more of a virtualization gap I guess lol. In this case, your network facing applications are kept isolated in virtual machines, with your GPG tools contained in their own VMs with no internet access. You can use host only routing to connect the GPG VM to the VM with internet access. You actually need two instances of GPG, one for encryption and one for decryption, both with no external internet access but both connected to the network facing application VM with host only routing. Firewall rules need to allow the encryption VM to send information to the network facing VM but not get information from it. Firewall rules need to allow the decryption VM to get information from the network facing VM but not send data to it. Now if an attacker compromises the decryption VM via the network facing VM, they cannot communicate data back via the internet. And they can't compromise the encryption VM from the network facing VM without disabling the firewall rules.
The attacker will either need to find a way to compromise the host directly, or break out of the virtual machine solution's hypervisor, or disable / circumvent the firewall rules. This is obviously not as secure as an airgap though. FWIW I shouldn't call this a 'virtual airgap', it is an entirely different defense, just the same style of technique (isolation).


You should do the same thing with Tor. Run Tor in its own VM with a NAT adapter and a host only adapter. Run network facing applications like firefox in their own VM as well, with a host only network adapter connected to them. Connect firefox to Tor in the Tor VM. Now if firefox is pwnt an attacker needs to either break out of the VM hypervisor solution or find an additional vulnerability in the Tor application, in order to deanonymize you on the application layer. This allows an attacker to root your firefox VM and still not have access to your external IP address. You should do the same thing for web servers for what it's worth; LE already traced two CP hidden services by hacking them. In each case they would have likely remained secure had they used the technique I mentioned here.

Techniques like these must be utilized to offer strong protection from LE. Using GPG and Tor by themselves is not going to be enough for long. LE will start getting around these systems by merely exploiting vulnerabilities in network facing applications like firefox, and then stealing private keys / spying on plaintext / getting your real IP address without even having to try breaking Tor or GPG. They already are using techniques like this to compromise major targets like spies, terrorists and serial killers / child abductors. They are starting to use similar techniques on less sophisticated targets, and if the services demonstrated at the ISS (intelligence support services) conference are anything to judge by, techniques like this are going to be the future of LE wiretap/trace operations. You need to stay ahead of the bell curve, people; GPG and Tor alone used to have us ahead of the bell curve but less elite LE units are catching up in a hurry.

> Can you expand just a little on airgaps?
>
> > I read that some CP .onion sites were hacked. Could the same thing happen to SR? If so, how? And how might it be avoided?
>
> > If you want to be super uber you can also use airgaps or virtualized airgaps to protect your encryption keys and plaintexts from a hacker who roots your firefox VM. I strongly suggest doing this, but it is extremely tedious and currently has no simple implementation.
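The post above describes a set of one-directional firewall rules between four VMs (Tor, network-facing applications, GPG encryption, GPG decryption) and claims that an attacker who lands in the decryption VM has no path back to the internet. The block below is an added example, not code from the thread or from any project named in it: it writes that policy down as "which VM may open connections to which", computes what an attacker in any one VM could reach by hopping, and renders a per-VM nftables ruleset that enforces the policy. The VM names, the host-only addresses 192.168.56.x and the `POLICY` table are constructed from the post's description; nothing about the hypervisor host is modelled.

```python
# Added example (not from the thread): model of the VM isolation layout
# described above, tracking which VM may *initiate* connections to which.
# VM names, addresses and the policy table are constructed from the post.
from collections import deque

# Allowed connection initiation: the network-facing VM may talk to the Tor VM
# and push data into the decryption VM; the encryption VM may push data into
# the network-facing VM; nothing may initiate to the encryption VM; the
# decryption VM may initiate nothing. Only the Tor VM reaches the internet.
POLICY = {
    "internet": set(),
    "tor": {"internet"},
    "network": {"tor", "decrypt"},
    "encrypt": {"network"},
    "decrypt": set(),
}

ADDRESSES = {  # constructed host-only addresses
    "tor": "192.168.56.10",
    "network": "192.168.56.20",
    "encrypt": "192.168.56.30",
    "decrypt": "192.168.56.40",
}


def reachable_from(start, policy=POLICY):
    """Every node an attacker sitting in `start` could open a connection to,
    directly or by hopping through VMs that are themselves reachable."""
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in policy.get(node, set()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def can_reach_internet(vm, policy=POLICY):
    """True if a compromise of `vm` leaves some path to the internet."""
    return "internet" in reachable_from(vm, policy)


def who_can_initiate_to(target, policy=POLICY):
    """The VMs allowed to open connections towards `target`."""
    return {src for src, dsts in policy.items() if target in dsts}


def nft_ruleset(vm, policy=POLICY, addresses=ADDRESSES):
    """Render an nftables ruleset for `vm`'s own firewall: accept new inbound
    connections only from VMs allowed to initiate to it, and new outbound
    connections only towards VMs it may initiate to; drop everything else."""
    lines = ["table inet filter {",
             "    chain input {",
             "        type filter hook input priority 0; policy drop;",
             "        iif lo accept",
             "        ct state established,related accept"]
    for src in sorted(who_can_initiate_to(vm, policy)):
        lines.append(f"        ip saddr {addresses[src]} ct state new accept  # from {src} VM")
    lines += ["    }",
              "    chain output {",
              "        type filter hook output priority 0; policy drop;",
              "        oif lo accept",
              "        ct state established,related accept"]
    for dst in sorted(policy.get(vm, set())):
        if dst == "internet":
            lines.append("        ct state new accept  # gateway VM: any destination")
        else:
            lines.append(f"        ip daddr {addresses[dst]} ct state new accept  # to {dst} VM")
    lines += ["    }", "}"]
    return "\n".join(lines)


if __name__ == "__main__":
    for vm in ("network", "encrypt", "decrypt"):
        print(f"{vm}: reaches {sorted(reachable_from(vm))}, internet={can_reach_internet(vm)}")
    print(nft_ruleset("decrypt"))
```

The reachability result matches the post for the decryption VM: it can open no connection at all, so a compromise there has no outbound path, and nothing is allowed to initiate towards the encryption VM. The model also shows something the post does not spell out: the encryption VM, if compromised by some other route, can push data into the network-facing VM and from there out through Tor, so it is protected by being unreachable, not by being unable to send. One caveat on the rendered rules: a stateful firewall still passes reply packets of an established connection (the `established,related` line), so "receive but never send" holds for new connections, not for bytes on the wire; strictly one-way transfer needs a data diode, which the physical airgap with read-only media in the post approximates.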
Title: Re: Could SR get Hacked?
Post by: Cgault on November 18, 2011, 04:05 pm
I think this analysis and the technique discussed on isolating via VMs is probably the best information seen yet on the SR forums. It is very sophisticated, but not completely out of the reach of an advanced user. There is no doubt that State security agencies are working to break Tor to the extent of enumerating bridges and exits, so eventually they will get the ability to get the clear comms stream, and it's not a big job to seed SR with many, many straw buyers and sellers and, as the author suggests, just collect the keys and so on.

It would not even take a massive LE sting or arrests, they just need to poison the well, and I think that many naive users on SR think that the current level of anonymity will be forever adequate. A few customs seizures, a few cooperative LE campaigns with various international and national PTT (Postal telecom and telegraph - many countries are unified in the regulation and provisioning of their services), and boom... no more SR.

I would be in favor of an advanced security "think tank", to help the users and SR up their game.
Title: Re: Could SR get Hacked?
Post by: security on November 19, 2011, 03:16 pm
> There is no doubt that State security agencies are working to break Tor to the extent of enumerating bridges and exits, so eventually

For the record, enumerating bridges and sniffing traffic on an exit relay isn't hard to do. A number of people are doing this already. Tor is just a tool that you can use to hide your browsing habits, it's not necessarily the be all and end all of Internet anonymity. What you say and do, and even the times you're active online, can give you away.

> I would be in favor of an advanced security "think tank", to help the users and SR up their game.

+1
Title: Re: Could SR get Hacked?
Post by: Cgault on November 19, 2011, 04:36 pm
Aw shucks, thanks for the +. Implementation is the challenge. First idea is to have distinct security forums for buyers and sellers. Different levels of practice, but the best practices can be shared.