Discussion in 'malware problems & news' started by ronjor, Oct 2, 2013.
The “he said, she said” of how the FBI found Silk Road’s servers
So, let me see here, the U.S. can take any data they please on any server anywhere on Earth so long as it involves a U.S. citizen. They also can hack any server they please on foreign soil because the fourth amendment does not apply overseas. So in other words, "We do what we want, deal with it"? However, any other nation tries that to the U.S. and they get verbal hell rained down on them. I see. Who would like to place bets on how quickly other nations run in the opposite direction when we need something?
A democracy at home, not a democracy (let's be polite) overseas. That's the Anglo-American way of doing things that the world knows and loves ... not. It has been this way for centuries.
By Andy Greenberg:
Judge in Silk Road case gets threatened on Darknet
NY Senator Calls for Renewed Crackdown on Dark Web Drug Sales
Whack a mole....
Does the Senator know that the US and allied governments' actions in mass surveillance, and their pathetic legislative response, have pretty much guaranteed improvements in the products and services which will help these guys? As you sow...
Online Drug Dealers Are Now Accepting Darkcoin, Bitcoin’s Stealthier Cousin
For those socially inclined - you may follow Andy on Twitter.
Feds Seize Silk Road 2 In Major Dark Web Drug Bust | WIRED
Silk Road 2 Was Just Shut Down by the FBI.
International crackdown on online drug markets leads to 17 arrests, multiple shutdowns
Global Web Crackdown Arrests 17, Seizes Hundreds Of Dark Net Domains
Silk Road's demise paves way for 'unstoppable' OpenBazaar's rise
Has Tor been compromised?
Authorities worldwide strike Internet’s black market Washington Post
...Several experts suggested that Tor’s ability to protect the identities of users and the locations of servers may have been compromised on a mass scale by investigators using high-tech tools.
“I am 95 percent certain that they performed a massive de-anonymization attack on Tor hidden servers and were able to shut down all their targeted servers in the U.S., Europe or anywhere else where U.S. law has meaning,” said Nicholas Weaver, a computer science researcher at the University of California, Berkeley...
...“We are not ‘just’ removing these services from the open Internet; this time we have also hit services on the Darknet using Tor where, for a long time, criminals have considered themselves beyond reach,” said Troels Oerting, head of the European Cybercrime Centre, part of Europol. “We can now show that they are neither invisible nor untouchable. The criminals can run but they can’t hide. And our work continues.”
That was quick. We have Silk Road 3.0 reloaded on Friday.
'Dark Web' drug site challenge law enforcement-AP
On Friday, an underground website calling itself Silk Road 3.0 Reloaded claimed to be open for business on the TOR network, which is linked globally through special browsers that encrypt Internet traffic. Several other websites on the TOR network also claimed to be open for drug transactions.
The dark Web poses new and formidable challenges for law enforcement agencies around the world that have been dealing for decades with more conventional international drug trafficking. The reach and anonymity of these 21st century Internet operations is difficult to penetrate. Silk Road and copycats on the TOR network are not readily visible through popular Internet search sites. The buyers and sellers don't exchange cash, dealing instead in often untraceable digital currencies, usually Bitcoin. So there are no banking records for investigators to subpoena.
Tor hidden services are vulnerable in at least two ways, which have been well-known for years. Fundamentally, they're vulnerable because they're servers, which by design respond to clients. It's easy for an adversary's clients to make servers dance to their tune. That creates signals that the adversary can search for.
Adversaries with global intercepts can simply brute-force search. They can also interrupt connections between networks, using various methods ranging from DDoSing to physical attacks. Maybe that's too big a job, even for the NSA. But it's hard to say.
A hidden service may be hidden to Tor clients, but it's not at all hidden to its entry points (relays) to the Tor network. Normally, that's not an issue, because those entry relays don't know what hidden service they're handling. That is, they know the hidden service's true IP address, but they don't know what its .onion hostname is.
However, adversaries can use malicious Tor clients and relays to find hidden services. An adversary uses Tor clients to make a hidden service dance, and then it listens for the signal among its relays. Most of the time, those will be middle relays in either the client's circuit, or the hidden service's circuit.
But some of the time, those will be relays directly connected to the hidden service. And the adversary can easily determine that from the published list of Tor relay IPs. Bingo.
As with clients, hidden services connect to the Tor network through entry guards. By using a persistent set of entry guards, it takes longer for an adversary's malicious relays to connect directly to the target hidden service. But entry guards eventually change. And an adversary can increase the odds by DDoSing all known guards except for its own, and forcing the target hidden service to use its ones.
I get most of that from reading Paul Syverson et alia. Good stuff.
It's interesting how much fanfare this action has raised in the papers - publicity and propaganda being a big element of this as I think they're desperate to attempt to repair their image and convince people that bulk surveillance is justified (not that this is anything to do with bulk surveillance).
The reality is of course that this is whack-a-mole at best, and you can bet that inventive and well-funded drug gangs will evolve and get their stuff to market. And technically this will happen, as you point out.
You could probably say "whack-a-mole" for all that is illegal. I, for one, sleep better at night knowing that one less openly illegal site selling anything from drugs to human trafficking makes the world a better place.
Depends on what % of the market has been taken down.
If it is a reasonable percentage then yes, you can sleep easier, but if it's like normal drug dealers being jailed there is no real impact on the trade.
Silk Road, other Tor “darknet” sites may have been “decloaked” through DDoS [Updated].
Interesting. I've always wondered why they don't simply use packet tracers and find the location of an entry Tor server, which should be easy enough. Go to the ISP or data centre where the entry bridge server is, and with a packet tracer you could see where the bridge server connects to. Then you would find the location of a middle Tor server, and so on and so on until you get to the hidden server.