Xerobank questions ?

Discussion in 'privacy technology' started by CloneRanger, Sep 4, 2010.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    With javascript enabled I can be compromised because the vehicle to the internet is the attack surface for surveillance and pivoting. Javascript/Ajax is to the browser what Metasploit is to the PC. Just because I create a tunnel with a VPN doesn't remove an attacker's ability to use Javascript/Ajax to attack the browser.

    How would Xerobank help to solve this issue?

    It's not easy to stop using Javascript, all of the cool stuff happens there. :D
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    XeroBank's vpn protects anonymity, and in this specific case, ajax won't be able to compromise your ip anonymity because all traffic will exit through the vpn. For protection against malware and evil applications, we will be releasing safehouse which sandboxes everything between you and the internet.
     
  3. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    No, XeroBank is not vulnerable to that type of attack for many reasons, mainly because we are a private network. Tor has a large attack landscape because users can participate in virtually any role in the network, and can be attacked by individuals all the way up to global adversaries. XeroBank has a very small attack landscape that is limited mostly to global adversaries. Specifically, we don't allow participants in entry or exit positions or any positions, we limit concurrent entry connections, and a user doesn't have enough access to saturate our node resources.
     
  5. nix

    nix Registered Member

    Joined:
    Sep 22, 2010
    Posts:
    257
    Location:
    Miami
    Since the Usenet impersonator is again busy working overtime today in an effort to spread disinformation and intimidate those involved in this xb thread, I need to clarify that I was not referencing privacy.li, but was instead referring to services offered by Abraxas.
     
  6. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    So per session installs could still occur but limited in what they can accomplish to activity logging?
     
  7. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    No matter what they do, it is only per session because it is read-only. And then it gets worse for the attacker: the sandbox system is a hardened linux environment, so 99% of attacks already won't work. :)
     
  8. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    Thank you, this is exactly what I was waiting to hear. Is there a way to test-drive the service for a day or two?
     
  9. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Sure. By default you get the first 30 days for $1. But message me off list and I'll generate a temp account for you.
     
  10. katio

    katio Guest

    Since this is "the" xerobank thread I hope you'll allow me to make a few general remarks and some questions.
    My post builds up on a previous discussion here: https://www.wilderssecurity.com/showthread.php?t=292714
    Actually it is (was) a thread about Tor. I only took the opportunity to talk to Steve directly there. Though I wasn't interested in a "vs." thread it was bound to go that direction. Here's my attempt to talk about Xerobank solely based on its own merits and flaws.

    Anonymity on the internet means no one can correlate your data exchanges and your identity. Can we agree on that?
    Both, identity and data, are tied on your end so you split them up, a 3rd party takes the data and uses their own identity to exchange it for you.
    To be anonymous against the 3rd party itself and everyone controlling or watching it you add a 4th and a 5th party or more. Now each of them never sees you AND the data: you hand over "locked" data to someone who knows your identity, someone else who only sees the middleman and not you has a key to open the data. For an external attacker watching the traffic flow this key is a weak link (he needs to compromise that single party and not all of them) so you add more layers of encryption. As I understand xerobank can't do that if you connect to it with only a single layer of encryption as it is done now with OpenVPN.

    The biggest conceptual risk is that someone controls all parties involved. To mitigate that we'd need strong guarantees that:
    1) they aren't all compromised
    2) they aren't colluding themselves
    For that we need external control and transparency and more than just different "legal entities" that actually are a single organisation but xerobank believes in the opposite. It argues that obscurity is stronger against adversaries because they don't know how the parties interact.
    This is a pretty interesting notion given that internally everything must be based on cryptography. Encryption relies on a single secret, the key. It does not require for the complete mode of operation to be conducted in secrecy (which certainly also isn't the same as "secrecy of their location", see their faq)
    Further, while it may look like a good idea against 1) it has a devastating effect on 2)
    If that wasn't enough, opacity of internal operation is impossible to achieve against a global adversary who can watch all traffic flow and map out their entire network.
    Why does xerobank insist on secrecy? One reason is business, if it was an open system anyone could copy their business model.
    Anyone seeing a conflict between this and the personal assertions of Steve Topletz?
     
  11. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Tentatively. Anonymity isn't a state without reference. It is a question of whom you are anonymous *from*. But I think you'll like discussing that.

    OK, we're getting into areas that are specific to the design of the network topology and trust models. Those are hard to compare because some are necessary for one design but not the others. Let's take a look at the effective level of protection from the user's point of view:


    ex: When using a VPN you are anonymous from
    1) your ISP
    2) the recipient website
    3) some weak adversaries (vpn prevents most side channel attacks)

    but NOT anonymous from
    1) provider
    2) most weak adversaries (provider impersonation by local LAN administrator or ISP)
    3) strong adversaries (no anonymity technologies used)
    4) global adversaries

    When you use Tor, you are anonymous from:
    1) your ISP
    2) the recipient
    3) most weak adversaries (side channel attacks)
    4) some strong adversaries


    but NOT anonymous from
    1) provider (the directory authorities are controlled by the Tor Project and thus have control over all nodes in use).
    2) most strong adversaries (participation attacks)
    3) global adversaries

    When you use XeroBank, you are anonymous from:
    1) your ISP
    2) the recipient
    3) weak adversaries (side channel attacks mitigated by vpn, preshared keys for provider authentication)
    4) strong adversaries (no participation allowed)

    but NOT anonymous from
    1) provider (XeroBank has control over all nodes in use)
    2) global adversaries

    It should be noted we are not counting violations of best practices by users, such as downloading malware that disables tor or a vpn connection etc.


    Complete mitigation is not possible, but some level is. Anonymity always requires trust in a party. That trust chain may be obfuscated or minimized, but it cannot be eliminated.

    When you have eliminated most internal evil possibilities, you are still left with the question of "who watches the watchers". Even in a system where all folks are watching each other, it is still reduced to this set.

    Very close. Some things are advantageous to obscure, most aren't. For those that aren't advantageous to our users to obscure, we don't. Regarding party interactions, that isn't a secret because it is advantageous as a deterrent to adversaries and has been rather successful. XeroBank operates as Xero Networks USA for the financial entity that knows the identity of the clients. XN USA contracts with XN AG (panama) for administration and operations, and as a technology partner.

    We offer more than just anonymous internet access, so some things again are advantageous for users if we obscure them from the attackers in addition to the security. For example, the mail server(s) publicly exposed are not the actual mail servers. The real locations of our mail servers are hidden. This makes it where an attacker with power less than a regional adversary cannot disrupt services or risk capture of our mail servers and does not affect the security our mail servers provide.

    Nothing can yet protect against global adversaries on any system, so discussing properties that don't protect against them is moot.

    Things are usually not decided for a single reason, but multiple reasons or minimum standards that must be met decide the reason. The reason for the secrecy is above. We handle things that aren't transient, like emails, so security and privacy is good, but since we operate as a single trust entity, we can also provide additional user protections through leveraged unpredictability, in this case secrecy about server locations and the use of reverse proxies to hide them from attackers of all types. This also feeds into the defense in depth concept. Having security is very good protection. Having multiple layers of protection in addition to security is even better. At least for the user.
     
    Last edited: Feb 15, 2011
  12. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    In addition to me demonstrating that the Tor Project has control over the network as we do, here is something to think about:

    How does the Tor Project protect their directory authorities? And to what level? What software? What physical protections if any? I heard last year that their key protections were affected by a bug that limited the total keyspace to only 16,000 possibilities.

    XeroBank minimally uses FIPS-140-2 military security specification protocols on all nodes. For critical internal machines, we have physical controls and FIPS-140-2 Level 3 hardware security modules with onsite staff, physical tamper evidence, self-destruction capability, and tamper notification. Very serious stuff.

    edit: katio, disregard this post if you don't want to discuss a "vs" situation.
     
    Last edited: Feb 15, 2011
  13. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    One question: do the 'superb' high end services for companies actually exist ?
    I can't be bothered to do research. But as far as I know, they don't exist.
     
  14. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    They do. But we aren't offering them publicly (yet), mostly word of mouth. Some services we offer include dns protection, bulletproof hosting, xerobank Onyx services, commercial IP proxies, cryptorouters, closed group routing, and a few other things. Contact me directly if you need some of these services. In April or so, we will begin offering them for purchase on the xerobank.com website.
     
  15. katio

    katio Guest

    Thank you! It's funny how we had this heated debate over Tor while I actually agree with pretty much everything you just said. It's a very fair and accurate analysis.
    We really went into that with very different views and starting points and probably mutual prejudice. Glad we resolved that.

    There's just one remaining point, sorry I keep pressing it:
    To me it looks like the cheapest and simplest attack against xerobank is recording the encrypted vpn stream of a customer and compromising the one server that has the decryption keys. Based on how routing works this server is impossible to keep secret. If you were using something like onion routing instead of a single vpn layer you could remove that single point of failure.
     
  16. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    :D

    Ah excellent question. We call that the "cryptographic terminator" because it terminates the encrypted stream and either sends it out directly to the internet (XeroBank consumer VPN), or re-encrypts it with another session and sends it to another server across a meshed anonymity network (XeroBank Onyx). For the consumer VPN service, the cryptographic terminators are the exit nodes.

    XeroBank has perfect forward secrecy as a property of our network, so recording and replaying won't work because xerobank renegotiates encryption keys on a vpn session every 5 minutes.
     
  17. katio

    katio Guest

    I thought so but that leaves the option of copying the keys and listening in "from now on".
     
  18. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Yes. The system is vulnerable to the compromise of the CTs where the keys reside. However, compromising the CTs requires the powers of a clandestine intelligence agency and extreme motivation. A clandestine intel org already has global adversary attack capabilities or similar, so it is more likely they would perform a remote global adversary attack rather than a physical attack which has limited results and high risk of failure.

    For systems where we are using FIPS-140-2 level 3, the keys are stored inside physically protected hardware security modules that self destruct (zeroise) when tampering is attempted.
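
The point reached in the exchange above (rekeying protects traffic that was already recorded, while keys copied from the terminator expose traffic "from now on"), as an added example that is not part of the thread and is not XeroBank's or OpenVPN's code. It assumes a fresh ephemeral Diffie-Hellman exchange at every rekey interval, and uses a toy group and toy cipher; all names and sample messages are constructed.

```python
import hashlib
import secrets

# Toy parameters (constructed): 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || offset) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def session_key(private: int, peer_public: int) -> bytes:
    """Derive the interval key from the Diffie-Hellman shared value."""
    shared = pow(peer_public, private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


class Endpoint:
    """One side of the tunnel; keeps only the current interval's private value."""

    def __init__(self):
        self.private = None

    def rekey(self) -> int:
        # Overwriting the old value models discarding it at renegotiation.
        self.private = secrets.randbelow(P - 3) + 2
        return pow(G, self.private, P)


def run_intervals(messages):
    """Send one message per rekey interval.

    Returns what a passive recorder captured on the wire, and the
    terminator endpoint as it would be found if seized afterwards.
    """
    client, terminator = Endpoint(), Endpoint()
    wire_log = []
    for msg in messages:
        c_pub, t_pub = client.rekey(), terminator.rekey()
        key = session_key(client.private, t_pub)
        wire_log.append((c_pub, t_pub, keystream_xor(key, msg)))
    return wire_log, terminator


def decrypt_with_seized_state(wire_log, terminator):
    """Apply the private value held by the seized terminator to every recorded interval."""
    return [
        keystream_xor(session_key(terminator.private, c_pub), ciphertext)
        for c_pub, _t_pub, ciphertext in wire_log
    ]


if __name__ == "__main__":
    msgs = [b"interval 1: GET /inbox", b"interval 2: POST /login",
            b"interval 3: GET /logout"]
    log, ct = run_intervals(msgs)
    for original, got in zip(msgs, decrypt_with_seized_state(log, ct)):
        print("recovered" if got == original else "unreadable", original)
```

Only the interval whose private value is still in the terminator's memory decrypts; earlier recordings stay unreadable, and every interval negotiated after the compromise would be exposed in the same way.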
     
  19. katio

    katio Guest

    This prompts for another question: How is xerobank actually stronger than VPN in regards to "against whom" it provides anonymity?

    Let's repeat what you said about them:
    Let's assume that you gain absolutely nothing from traffic analysis between the xerobank nodes. Our hypothetical VPN operates a single high speed server with many thousand connections going in and out. He uses the same preshared key authentication, PFS, no logs and the same security measures like a xerobank CT and the server is located in the same jurisdiction as the CTs.
    Against weak adversaries it offers the same features - on the client side it works exactly the same.
    Against strong adversaries, where is the difference?
    A passive attacker sees vpn traffic going into the server/xb network and sees traffic leaving the server/xb network. He can try to correlate and analyse but if a sufficiently large user base is active he can only make educated guesses.
    Against active attacks: In both cases the most likely scenario is that you want to find out who accessed a particular website, uploaded a particular file, posted a certain message. Log analysis or active wiretapping on that end will reveal the IP of the VPN server/xerobank exit node. In both cases a simple raid will not reveal the identity of the customer. In both cases they can put legal pressure on the operator of the server/exit node to start logging.
    Here's the only difference I can find: If a VPN server is compelled to log it instantly breaks the anonymity. In Xb it only reveals the plain text traffic and another xb node. Breaking anonymity requires an additional effort: further subpoenas against xb nodes or dragnet surveillance of xb customers. I don't think these requirements already constitute a "global adversary".
    Based on this analysis I would say such a VPN offers protection against "weak" and "some strong adversaries" while Xb offers protection against "most strong adversaries".
     
  20. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Katio, you are just full of excellent questions. For some time now I've been working with some folks to provide a simple anonymity metric. It breaks the adversaries down into about 8 categories of increasing strength. In this specific instance, it elaborates between weak, strong, and global adversaries. It would explain a lot of the distinctions I make, but it isn't ready yet for publication. But I'll break down xerobank specifics here.

    VPNs do not use anonymity technologies. You simply pop in and out, without any traffic protection. With XeroBank, you are using a VPN to connect to a real anonymity network. I'll explain further:

    VPNs are typically single hop systems. Any adversary with domestic observation ability can compromise VPNs in their country. XeroBank is an international multihop system. The traffic that enters from one country can't exit from the same country (unless you are using Turbo Privacy, which mixes with the multihop traffic). So traffic can't begin to be correlated by a domestic adversary, it would take collusion between two domestic adversaries or a higher level adversary, before we use any anonymity technology. This would be the difference between perhaps a weak and strong adversary.

    So now we've explained xerobank into a "some strong adversaries" mode, let's go further. We do a technique called multiplexing between the entry and exit in addition to traffic shaping and traffic mixing with other darknet partners. This technique requires traffic analysis beyond typical collusion among two domestic adversaries, and elevates the required attacker to have analysis capabilities of a global attacker. Why? Because while methods like netflow analysis or simple traffic analysis work on vpns and tor through observation, they don't work on mixed multiplexed traffic. For that you need timing attacks, which the global adversary can do.

    What we haven't talked about yet is VPNs that are super weak or offer less protection than even normal VPNs. There are VPNs that are anti-anonymous like Relakks or Ipredator (same service). Relakks/Ipredator has no crowding, they assign each user a unique IP, and do port forwarding so that even individual adversaries (hackers/websites) can break a Relakks/Ipredator user's anonymity by reaching their machine directly. Relakks/Ipredator is actually just a normal ISP that allows you to make a PPTP connection to it instead of having a modem at your house. Why pay for one ISP when you can pay for two and drastically slow down your connection speed? :)
     
    Last edited: Feb 15, 2011
  21. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    We've got a new design coming called Clarion. It allows us to place virtually unlimited exit nodes in virtually any country connected to the internet. So I would say "yes".
     
  22. nix

    nix Registered Member

    Joined:
    Sep 22, 2010
    Posts:
    257
    Location:
    Miami
    Really? You offer hosting? And what constitutes bulletproof hosting, in your opinion?
     
  23. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Sure. The bulletproof hosting has two aspects to it. The first is securing what you are doing against hackers and hardening it. The second aspect is evaluating your content/role for what your risks are against takedown/dos/ddos/complaints/load and determining the appropriate geopolitical solution.
     
  24. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Although I don't post to Usenet, I have been following the drama on alt.privacy lately. Mostly it's just a flame war structured around caricatures of Wilders users and their posts. However, apparently-real posters occasionally speak up.

    In the Re: Deciding On A VPN thread, Noone <none@here.tld> wrote: "That's not the real Steve Topletz, it's a troll that must have been kicked off Wilders and is now trying to make the entire crew look bad. His current goal appears to be to try to start up another privacy.li flamefest in here by claiming everyone is Adem."

    It wasn't me, I swear ;)

    In response, "Steve Topletz" (the troll from $$5lonjgdxpj7l67.news.x-privat.org) wrote: "Excellent obfuscation, Adem ;) Now to your proof of this claim? ;) "
     
  25. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Are we playing follow the troll?
    I thought ignorance of them was the best solution.
     