Silk Road forums
Discussion => Security => Topic started by: ascarabeus938 on August 03, 2013, 10:56 pm
-
With the arrest of the FreedomHosting founder there is a risk the sites hosted there are honeypots.
quote from http://www.reddit.com/r/onions/comments/1jmrta/founder_of_the_freedom_hosting_arrested_held/
This was just posted by the admin of the 4pedo board:
UNKNOWN JAVASCRIPT IN THE BOARD PAGES POINTING TO IFRAME TO A VERIZON SERVER ON THE OPEN WEB!!!!!!! THEY ARE INSERTED BY FH! I WOULD CONSIDER FH COMPROMISED!!!! THEY ARE ALSO IN TLZ AND OTHER SITES PAGES!! STAY AWAY FROM ALL FH HOSTED SITES, including TLZ, LC, TORMAIL, ALL OF THESE ARE HOSTED ON FH!!!!!!!!!!!!!! ALL BOARDS HAVE BEEN DELETED TO PROTECT YOU!! IF THE BOARDS COME BACK UP, IT IS NOT ME RUNNING THE SITE ANYMORE, ALL ADMIN/MOD ACCOUNTS HAVE BEEN DELETED!!
The situation is serious. They got the owner of FH and now they're going after all of us! Half of the onion sites were hosted on FH! Disable JavaScript in your Tor browser for the sake of your own safety. US authorities are seeking the extradition of a 28-year-old Irishman described in the High Court by an FBI special agent as "the largest facilitator of child porn on the planet."
-
Wow, even Tormail.. Great to hear that!
What is TLZ?
-
Someone with the right hardware has a new opportunity to become the de facto hidden site hosting provider. It is unfortunate that we lost FH. Hopefully everyone kept their inboxes empty.
-
TorMail? No Shit!?
Wow, that really blows... 'cause I had just recently found it and thought it would solve all of my anonymous e-mail issues.
So, who hosts SR?
-
TorMail? No Shit!?
Wow, that really blows... 'cause I had just recently found it and thought it would solve all of my anonymous e-mail issues.
So, who hosts SR?
I haven't been able to get on TM for about three days now, has anyone? The welcome page came up a few times but no links were working and then even the TM home page was done... ??? :-( I've only tried logging in via SquirrelMail as I almost never use JS and sometimes SquirrelMail is a bit wonky compared w/Roundcube. I like RC better and use it when not using Tor for anything else.
-
Ooooh. He is also the owner of OnionBank.
TorMail? No Shit!?
Wow, that really blows... 'cause I had just recently found it and thought it would solve all of my anonymous e-mail issues.
So, who hosts SR?
haven't been able to get on TM for about three days now, has anyone? I've only tried via SquirrelMail as I almost never use JS ever and sometimes SquirrelMail is a bit wonky compared w/Roundcube. I like RC better and use it when not using Tor for anything else.
Of course we haven't been able to. FreedomHosting is down.
-
not sure if it was LE or Anonymous
http://www.geekosystem.com/tag/freedom-hosting/
Anonymous Takes Down Massive Child Pornography Server, Leaks Usernames
In a move that we can all get behind, hacker group Anonymous has announced that they have taken down a huge cache of child pornography and released 1,589 usernames of the website’s patrons. The action came as part of Operation Darknet, which targets illicit websites that are part of an unindexed and therefore unsearchable corner of the Internet.
The server in question is owned by Freedom Hosting, and apparently services over 40 child pornography websites. The largest of these, disturbingly called Lolita City, was said to contain over 100gb of child pornography.
Interestingly, the Anonymous hack is extremely well documented. In two separate Pastebin posts, the hackers involved provide a timeline of events, as well as some of the methodologies they used in tracking and taking down the servers.
According to their timeline, the hackers first became aware of Lolita City while leading a related campaign against a portion of the Hidden Wiki which included links to child pornography. While working to suppress the Hidden Wiki for linking to child pornography, the group turned their attentions to the websites linked on the Wiki. Through their investigations, they discovered that many of the sites shared a similar “fingerprint” in that they were supported and hosted by a company called Freedom Hosting.
The group then issued an ultimatum to Freedom Hosting to remove the content, or be shut down through their attacks. Freedom Hosting refused, and has since been the target of the hackers’ ire.
While attacks by the hacker group have often been divisive, going after the supporters of child pornography is something that is hard to criticize. In fact, this might be the best application of the group’s talents; an intersection of Internet knowledge and the ability to carry out electronic attacks. Of course, preventing child pornography from being moved around the Internet doesn’t stop the predators that created the materials. Hopefully, law enforcement will take up the information gleaned by the group and start making some arrests.
(via Security News Daily, Examiner)
-
not sure if it was LE or Anonymous
No Tbart. Anonymous did that a couple years ago...
-
insert sound of me smacking self on back of head ::)
-
What's up with Tormail? I CAN'T GET ON!!! I'm expecting an important message from the President!! How can I give him instructions if I can't get on?
Ooooh. He is also the owner of OnionBank.
TorMail? No Shit!?
Wow, that really blows... 'cause I had just recently found it and thought it would solve all of my anonymous e-mail issues.
So, who hosts SR?
haven't been able to get on TM for about three days now, has anyone? I've only tried via SquirrelMail as I almost never use JS ever and sometimes SquirrelMail is a bit wonky compared w/Roundcube. I like RC better and use it when not using Tor for anything else.
Of course we haven't been able to. FreedomHosting is down.
-
who hosts the road or these forums?
-
who hosts the road or these forums?
A guy named Bruce Cambell in Shreveport, Louisiana hosts, owns, and operates SR. I forget his phone number and address, it's on the web though, just google it.
-
I have a tormail account. What does this mean for me? I don't really ever use it. Should/can I delete it? Thanks in advance to anybody that helps me.
-
They most probably are now. Also, Tormail is a major onion site, I'm shocked they managed to take it down. Could we be next? Seriously, can anybody technical get involved here and tell me what the script is?
There are around 10 threads about FH being down, but what about us? If they can take down Tormail, can they touch the Road?
-
who hosts the road or these forums?
A guy named Bruce Cambell in Shreveport, Louisiana hosts, owns, and operates SR. I forget his phone number and address, it's on the web though, just google it.
can't they arrest this guy too?
-
can't they arrest this guy too?
They could, except he's a fictional character in a joke.
mm
-
subbed
-
you guys need to disable javascript. if those guys had it disabled the side channel javascript is useless.
even better ISOLATE. USE WHONIX. isolated out of the box. fuck a side channel.
-
it's over!!!!!
-
you guys need to disable javascript. if those guys had it disabled the side channel javascript is useless.
even better ISOLATE. USE WHONIX. isolated out of the box. fuck a side channel.
Except Whonix has wifi enabled, and the US busted the entire Chinese hacker team APT1 in December 2012 by smashing through the browser using BeEF then activated wifi to find their location, even though they were using virtual machines for Metasploit framework.
Travis Goodspeed has also made fake emulated devices to exploit the Linux kernel's old device drivers that are still in there from the 1990s. He injects a Python program, which then auto mounts the device with emulated firmware that requests 300mb memory instead of SCSI standard 250mb memory and overflows the kernel presenting him with full memory page leaks from the host system. Grsec prevents this, which Whonix is not using. He also experimented with emulated HDD firmware he can fool the O/S into connecting to and root the disc even after reboots. Read his blogs sometime and chaos computer congress presentations, they're pretty interesting what you can do with firmware emulation/hacking to jump all over the system regardless of software isolation.
Hardened Gentoo Whonix exists but it's out of date and unmaintained.
tl;dr
- disable auto mount
- disable wifi
- disable javascript in TBB and java plugins
- patch w/Grsec
-
you guys need to disable javascript. if those guys had it disabled the side channel javascript is useless.
even better ISOLATE. USE WHONIX. isolated out of the box. fuck a side channel.
Except Whonix has wifi enabled, and the US busted the entire Chinese hacker team APT1 in December 2012 by smashing through the browser using BeEF then activated wifi to find their location, even though they were using virtual machines for Metasploit framework.
Travis Goodspeed has also made fake emulated devices to exploit the Linux kernel's old device drivers that are still in there from the 1990s. He injects a Python program, which then auto mounts the device with emulated firmware that requests 300mb memory instead of SCSI standard 250mb memory and overflows the kernel presenting him with full memory page leaks from the host system. Grsec prevents this, which Whonix is not using. He also experimented with emulated HDD firmware he can fool the O/S into connecting to and root the disc even after reboots. Read his blogs sometime and chaos computer congress presentations, they're pretty interesting what you can do with firmware emulation/hacking to jump all over the system regardless of software isolation.
Hardened Gentoo Whonix exists but it's out of date and unmaintained.
tl;dr
- disable auto mount
- disable wifi
- disable javascript in TBB and java plugins
- patch w/Grsec
Thanks for the info. I remember when APT1 got busted.
Maybe you should type how to disable all of those things for everyone who might not know :)
-
unlikely they would go to such lengths to bust some drug users. and probably impossible to exploit en masse like the javascript side channel. either way it's much much safer than browser bundle. of course, hacking anything is always possible.