Silk Road forums

Discussion => Security => Topic started by: HeatFireFlame on June 15, 2013, 10:26 pm

Title: Need some help with overall Security-Basic to a lot of you
Post by: HeatFireFlame on June 15, 2013, 10:26 pm
Ok so I have most of my security aspects covered, however I am far from an expert.
I have a couple of questions that I need answered that I just don't fully understand. Thanks in advance for your answers.
So even if you are using Tails and Tor bundles your ISP can still check if you are connecting to the Tor network, and agencies if they were looking to you could gain a much further advancement of knowledge on your behaviors.

My questions are these.
So does using the Tor bundle with built-in obfsproxy basically mask that you are using Tor to your ISP?
Will you need to update Tails's bridges periodically even in "bridge mode"?
Is the partition encrypted enough with the Linux encryption or should you install TrueCrypt as well and add the secret drive thing in as well?

And it frequently says that bridges aren't completely safe, even obfuscated bridges. So how do you make this properly safe? And what would the protocol be?
Would it be something like connect to Tails using a VPN like torguard, and using bridges at the same time. Have everything encrypted such as your HD, or if you just boot from USB have that encrypted. Would this mask the fact that you were using Tor? This is more a question about the VPN aspect and keeping things hidden from your ISP originally. Not to do with encrypting things etc.

I take it the new TBB with the obfsproxy built in isn't enough?

I really appreciate all your help. Some people round here know I'm always asking for help, but I figure it's better to ask and be clued up than be full of it and really know nothing.

Thanks in advance, I know some people are going to hate me for asking all this lol
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: stenr on June 15, 2013, 10:37 pm
If you don't want your ISP to see what you're accessing you need to have your connection encrypted. You do this through a VPN. TrueCrypt is only offline protection; it should only be used as a last-ditch effort to protect yourself (if you are storing illegal files on your computer). I recommend Air VPN because they are cheap, can be purchased using bitcoin, and do exactly what they need to do. As for Tails I don't personally use it but really all you need is Tor and a VPN for SR stuff.
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: HeatFireFlame on June 15, 2013, 10:43 pm
If you don't want your ISP to see what you're accessing you need to have your connection encrypted. You do this through a VPN. TrueCrypt is only offline protection; it should only be used as a last-ditch effort to protect yourself (if you are storing illegal files on your computer). I recommend Air VPN because they are cheap, can be purchased using bitcoin, and do exactly what they need to do. As for Tails I don't personally use it but really all you need is Tor and a VPN for SR stuff.

Tails or Whonix, either or. Yes, I know TrueCrypt is for offline only. So the obfs bridges don't help mask it from your IP really? When used in Vidalia settings and on the USB with a persistent volume?
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: kennypowders on June 15, 2013, 10:49 pm
Ehy. Yo.
Someone get Pine on the phone, this motherfucker's got a question.
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: HeatFireFlame on June 15, 2013, 10:58 pm
Ehy. Yo.
Someone get Pine on the phone, this motherfucker's got a question.
Yup, the platypus would know for sure, haven't seen her active in a few days mind you...
Surely this is fairly widespread knowledge? I'm only asking because I wasn't sure and I'm certainly no expert.  :P
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: HeatFireFlame on June 15, 2013, 11:08 pm
If you don't want your ISP to see what you're accessing you need to have your connection encrypted. You do this through a VPN. TrueCrypt is only offline protection; it should only be used as a last-ditch effort to protect yourself (if you are storing illegal files on your computer). I recommend Air VPN because they are cheap, can be purchased using bitcoin, and do exactly what they need to do. As for Tails I don't personally use it but really all you need is Tor and a VPN for SR stuff.
Tor traffic is already encrypted so your ISP will never see what you're accessing only that you're using Tor.
If you use the Obfsproxy bundle then your traffic should look like regular SSL traffic and it should mask the fact that you're using Tor.
However I would recommend FDE like Truecrypt to everyone as it's your best defense should your system ever be compromised.
Also I'd avoid using a VPN service just because it's recommended on SR, check out the different ones available and make your own choice.
I'd also definitely recommend Tails as you can run everything you need for SR from a USB stick.
If you're only using Tor and a VPN then I'd recommend you look into full disk encryption and getting to know how to use PGP.
No, I do already know about PGP and FDE, PGP was one of the first things I learned. Thanks for your answer, it basically clears up what I was wondering.
You see, even on the Tor project page it says that the obfsproxy bundle isn't 100% guaranteed to mask your traffic to make it look like SSL mate, so I was wondering how to make it as foolproof as possible.
Yeah, I'm going to TrueCrypt the whole drive and USB mate, even though the whole thing will be getting run from the USB.
I also realize that VPNs can always be caching details, however sometimes it can be useful if you find a decent one, and especially if the obfs proxies are not 100% secure a VPN would not hurt.
Maybe this is why people like to connect from random places, therefore you aren't using your own ISP so they won't know anyway.
 
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: tree on June 15, 2013, 11:27 pm
Honestly if you live in a big city you really don't need to hide TOR usage. If a package coming from your area is intercepted they're not going to check everyone using TOR. Drug dealers mail drugs too and a lot of them don't use TOR at all. They won't even bother to do an investigation, customs are gonna seize it and send a love letter but that's it. If it gets intercepted on a domestic order I also don't think they'll care, it's not like you're shipping kilos of weed in one package.

What's important is using TOR safely, which is why I'd recommend whonix over something Debian or Ubuntu. Full disk encryption should also be used, it's not much of a hassle and it gives more peace of mind. Also, run something like BleachBit (with secure deletion enabled) regularly to remove possible traces of whonix being run if it's in a hidden partition, and other hidden files being opened.

Honestly I wouldn't bother with obfsproxy unless you're in a rural area, and even then if you're small time it's not that important. Someone that hides TOR usage is more suspicious than someone that doesn't. Convince your friends to use TOR too and you'll be safer that way.
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: HeatFireFlame on June 15, 2013, 11:34 pm
Honestly if you live in a big city you really don't need to hide TOR usage. If a package coming from your area is intercepted they're not going to check everyone using TOR. Drug dealers mail drugs too and a lot of them don't use TOR at all. They won't even bother to do an investigation, customs are gonna seize it and send a love letter but that's it. If it gets intercepted on a domestic order I also don't think they'll care, it's not like you're shipping kilos of weed in one package.

What's important is using TOR safely, which is why I'd recommend whonix over something Debian or Ubuntu. Full disk encryption should also be used, it's not much of a hassle and it gives more peace of mind. Also, run something like BleachBit (with secure deletion enabled) regularly to remove possible traces of whonix being run if it's in a hidden partition, and other hidden files being opened.

Honestly I wouldn't bother with obfsproxy unless you're in a rural area, and even then if you're small time it's not that important. Someone that hides TOR usage is more suspicious than someone that doesn't. Convince your friends to use TOR too and you'll be safer that way.
Yeah sorry most of that was in response to stenr's advice.
Using a VPN will always hide the fact that you're using Tor from your ISP and I guess using obfsproxy on top of that can't really hurt either. ;)
Well I just figured it's better safe than sorry to be honest with you mate. Yes, I reckon I'm going to go with whonix over Ubuntu. If things are in a hidden partition would they leave traces of being opened? Even if it was in a hidden partition like TrueCrypt offers?
I think the quotes have messed up somehow, but never mind, cheers  :)
Cheers mate. Always appreciated.  :)
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: tree on June 15, 2013, 11:45 pm
Well I just figured it's better safe than sorry to be honest with you mate. Yes, I reckon I'm going to go with whonix over Ubuntu. If things are in a hidden partition would they leave traces of being opened? Even if it was in a hidden partition like TrueCrypt offers?
I think the quotes have messed up somehow, but never mind, cheers  :)
Cheers mate. Always appreciated.  :)
Of course it's better to be safe than sorry! But what I'm saying is that hiding TOR usage isn't necessarily more secure than not hiding it. It should only be used when you live in a rural area, and it's not impossible for the government to find out you're hiding TOR usage, which makes you stick out even more than those that don't hide TOR. Of course, if you don't live in a city, hiding it is better!

And yes they leave traces of them being opened unless your HDD is formatted in FAT32 and is not an SSD or flash drive. Many OSs keep logs of opened software, or if it's not logs it's some traces in another form. Linux shouldn't leave many traces but using BleachBit (open source obviously) is a good thing to do IMHO. Having the hidden volume on a flash drive leaves traces but the advantage there is that it's easily thrown away and broken, you shouldn't use an SSD though!
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: HeatFireFlame on June 16, 2013, 12:02 am
Well I just figured it's better safe than sorry to be honest with you mate. Yes, I reckon I'm going to go with whonix over Ubuntu. If things are in a hidden partition would they leave traces of being opened? Even if it was in a hidden partition like TrueCrypt offers?
I think the quotes have messed up somehow, but never mind, cheers  :)
Cheers mate. Always appreciated.  :)
Of course it's better to be safe than sorry! But what I'm saying is that hiding TOR usage isn't necessarily more secure than not hiding it. It should only be used when you live in a rural area, and it's not impossible for the government to find out you're hiding TOR usage, which makes you stick out even more than those that don't hide TOR. Of course, if you don't live in a city, hiding it is better!

And yes they leave traces of them being opened unless your HDD is formatted in FAT32 and is not an SSD or flash drive. Many OSs keep logs of opened software, or if it's not logs it's some traces in another form. Linux shouldn't leave many traces but using BleachBit (open source obviously) is a good thing to do IMHO. Having the hidden volume on a flash drive leaves traces but the advantage there is that it's easily thrown away and broken, you shouldn't use an SSD though!

Great, I'll DL BleachBit and use it every few weeks or so. Thanks for showing me it :) Flash drive it would be anyway, not an SSD.
astor was telling me that Qubes is a great OS to use if you know what you're doing with Linux-type operating systems. However I'm not that good with it yet so it's not for me, but it solves some of those problems.
Thanks for your help mate.
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: tree on June 16, 2013, 12:11 am
Great, I'll DL BleachBit and use it every few weeks or so. Thanks for showing me it :) Flash drive it would be anyway, not an SSD.
astor was telling me that Qubes is a great OS to use if you know what you're doing with Linux-type operating systems. However I'm not that good with it yet so it's not for me, but it solves some of those problems.
Thanks for your help mate.
I honestly run BleachBit whenever I dismount my hidden volume, every week isn't so secure. It only takes like 1 minute to clean so it's really not so annoying. And a flash drive uses the same type of memory as an SSD so they both have the same security issues and it's easy to determine that a hidden volume exists on the drive. An SSD is even worse though.
Qubes is pretty cool too, it runs each software in a different VM, so that all things you do are completely isolated! It sounds pretty cool but I think whonix is better for routing all traffic through TOR, I'm not sure if Qubes does that.
You're welcome mate :P
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: tree on June 16, 2013, 12:56 am
I thought flash drives didn't have any particular security issues contrary to SSD's as overwriting the free space doesn't work like it does on a regular mechanical HDD. Since the wear leveling protection causes a lot of data to be left behind using this method. However you could use a micro-SD card instead since they're very easy to hide or destroy.
According to TrueCrypt's documentation, flash drives do have the same issues. They're of course much less important than those of SSDs! I recommend formatting your flash drive in FAT32 to at least get rid of the issues inherent to NTFS.
Title: Re: Need some help with overall Security-Basic to a lot of you
Post by: tree on June 16, 2013, 01:28 am
I thought flash drives didn't have any particular security issues contrary to SSD's as overwriting the free space doesn't work like it does on a regular mechanical HDD. Since the wear leveling protection causes a lot of data to be left behind using this method. However you could use a micro-SD card instead since they're very easy to hide or destroy.
According to TrueCrypt's documentation, flash drives do have the same issues. They're of course much less important than those of SSDs! I recommend formatting your flash drive in FAT32 to at least get rid of the issues inherent to NTFS.
I just looked it up and you're indeed correct, flash drives apparently use wear-leveling mechanisms just as SSD's do. :-\ What issues are you referring to when you talk about NTFS? Besides the fact that it's less supported on non-Windows operating systems of course.
The wear-leveling on flash drives is not as important as on SSDs though I'm pretty sure, so it's not as bad as an SSD, but I'm not sure about that.
Regarding NTFS :
Quote
If an adversary has access to a (dismounted) TrueCrypt volume at several points over time, he may be able to determine which sectors of the volume are changing. If you change the contents of a hidden volume (e.g., create/copy new files to the hidden volume or modify/delete/rename/move files stored on the hidden volume, etc.), the contents of sectors (ciphertext) in the hidden volume area will change. After being given the password to the outer volume, the adversary might demand an explanation why these sectors changed. Your failure to provide a plausible explanation might indicate the existence of a hidden volume within the outer volume.

Note that issues similar to the one described above may also arise, for example, in the following cases:

[...]

A file-hosted TrueCrypt container is stored in a journaling file system (such as NTFS). A copy of the TrueCrypt container (or of its fragment) may remain on the host volume. To prevent this, do one of the following:

    Use a partition/device-hosted TrueCrypt volume instead of file-hosted.
    Store the container in a non-journaling file system (for example, FAT32).
http://www.truecrypt.org/docs/hidden-volume-precautions