Bugs in Tor network used in attacks against underground markets

Discussion in 'privacy technology' started by lotuseclat79, Apr 4, 2015.

  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
  2. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,169
    I wonder how this effects programs such as Quitezone? It uses TorBrowser.
     
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,169
    Ok think i found the answer to my question. Just had to read their Faq section lol

    Can I access a legitimate TOR hidden service?
    Quietzone is a responsible privacy product. It may only be used for legitimate privacy purposes. Whilst it does not record or sensor any activity, it does not provide access to TOR hidden services. If you wish to use Quietzone to access a legitimate TOR hidden service, then please contact technical assistance and our support team will evaluate the site. If legitimate, it will be added to the Quietzone white-list and may be accessed. Returnil/Quietzone is also a member of The Internet Watch Foundation and blocks access to IWF blacklisted sites.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    This is why it's crucial to compartmentalize in at least VMs. And in light of the recently reported VM-to-host display leak in VirtualBox, and firmware vulnerabilities, using separate physical machines is looking like the best bet. And powerful microcomputers have become so inexpensive that ad hoc blade setups are generally affordable.
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    Do you have a link handy for the exact case you are referring to in this statement? I am all too familiar with the firmware side of your comments above.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
  7. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    Thanks. I am starting to consider a blade setup. Downside for me is the physical presence in the house. Strange concern huh?
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    No, it's not at all strange :)

    It's a hard choice: local stuff that you can't deny vs remote stuff that you can't trust.

    I'll also be looking at physical hardening. I can't prevent disassembly, of course. But I can rig stuff to destroy itself (electronically) during disassembly. Plus deadman switches, of course, and EM shielding :)
     
  9. Kiebler

    Kiebler Registered Member

    Joined:
    Feb 3, 2015
    Posts:
    15
    Newb question but is Whonix safe to use then with VirtualB. regarding the display leak?

    Also, whonix documentation stress that there should be some form of physical isolation like the gateway vm being place on a separate machine. With an ad=hoc network (just learned this term) is this possible? I understand that it is a temporary network between local cpu's <30' from each other.

    Just trying to wrap my head around this. :/
     
    Last edited: Apr 7, 2015
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    As far as I know, Whonix isn't hardened against this. But that's a question for the Whonix forum. Generally, I think that there's little (if any) risk without video acceleration enabled in VMs.
    Yes, that would work. Both the gateway and workstation have static IPs.
    :)
     
  11. Kiebler

    Kiebler Registered Member

    Joined:
    Feb 3, 2015
    Posts:
    15
    Another question regarding whonix. Is it possible to some way have the gateway run from a usb? If so, does that achieve good security?

    Also regarding ad-hoc (which I'm understanding is turning your cpu into a hotspot) what is the 'chain' when using it? For example: android(orbot)>cpu>vpn>gateway>vpn(pfsense-still need to learn how to set that up)>workstation

    Can that be achieved?
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    What does "run from a usb" mean? Do you mean boot from a USB flash drive? That's probably doable. The Whonix gateway is just Debian, after all.
    Compared to what? You could make it a LiveCD, I suppose. That would be good.
    From Wikipedia:
    I'm confused about "android(orbot)>cpu>vpn>gateway>vpn>workstation". Please say more. Does "cpu" mean "computer"? Are you using an Android phone for Internet access?
     
  13. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    I've been feeling configure Vidalia (with some proxy tools) for your browser is better than TBB in terms of security (but not privacy), as TBB is based on ESR which don't have not only latest security feature but some unimportant security fixes, TBB even delay to patch somewhat compared official ESR firefox.

    Compartmentalization by VMs is ultimate solution which serves both for security and for privacy, but it can have significant performance penalty especially when your host PC is not powerful (my case).
     
  14. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,592
    An i5/i7 with 8 Gig or better of Ram smokes on performance running several VM's at the same time. I really like the word COMPARTMENTALIZATION!
     
  15. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    Compartmentalization is a good thing. I'm doing it with real machines. I have an obsessive compulsive disorder that keeps me buying hardware. I usually have several laptops going that are doing different things. One is just for forums, one is being used for VM experiments and disk cloning and one for business right now. I adjust security as appropriate for what each one is used for and none have their processors and ram overstressed. The cool thing about laptops is that when I'm not using them, I just put them on a shelf like a book that will be opened again when I need it again. Laptops that are a few years old and are still much more powerful than a VM are really cheap these days.
     
Loading...