I'm a diplomatic attachè - I need tech help

Discussion in 'privacy technology' started by sorcerer666, Oct 24, 2013.

Thread Status:
Not open for further replies.
  1. sorcerer666

    sorcerer666 Registered Member

    Joined:
    Oct 24, 2013
    Posts:
    2
    I work for a diplomat and I fear some reserved info could have leaked while i was chatting on a social network with a person I only had met twice.
    My setup was as follows:

    Laptop with wireless wpa-psk connection to the ISP
    Windows 8
    PureVPN with PPTP protocol and proprietary DNS server

    I launched Windows XP in a VMWare virtual machine
    Inside the virtual machine I launched TOR with the latest TOR browser bundle.
    I began chatting with another person using a social network (not Facebook) instant messaging service. In order to use this feature I had to allow Javascript. I do not remember if HTTPS was enabled, but I fear it was not.

    At one point I was pretty sure my conversation was being hacked by means of a man-in-the-middle-attack. I felt as if someone else had impersonated my chat partner.

    Question is:

    My understanding is that TOR encrypts all the packets before they leave the browser; also I was running TOR on top of a VPN.

    Is it possible that someone with adequate resources could have performed a MITM attack and logged my network activities? If that's the case, is it more likely it happened at the application layer or at a lower layer such as the transport layer? Was my wireless cracked (although unlikely given the signal range is low) or the IM service?
    Was it possible that a trojan had been installed inside my XP virtual machine (it was an almost fresh installation)?
    Thanks for any useful clues
     
  2. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    I think your wife will find out.
     
  3. Pinga

    Pinga Registered Member

    Joined:
    Aug 31, 2006
    Posts:
    1,420
    Location:
    Europe
    You probably need more help than that. A diplomat would spell attaché correctly :D
     
  4. 93036

    93036 Registered Member

    Joined:
    Sep 22, 2011
    Posts:
    87
    Well, the diplomat was stupid for allowing you access to sensitive information [if that's the case]. What ever was released out into the wild is not coming back; so I'd recommend that you contact your I.T. support team and request that they sanitize or re-image your laptop.

    In the future, strongly consider using a strictly personal laptop that makes no connections between your job and you.

    :doubt: :blink: :doubt:
     
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    PPTP is insecure, use OpenVPN or L2TP with IPsec.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Well, using a PPTP VPN in 2013 is very clueless. But maybe it's actually L2TP (PPTP over IPsec) which is about as secure as OpenVPN. I can't tell from PureVPN's website which they use. Maybe they use both, and users can choose.

    Anyway, even if an adversary hacked the VPN connection, you were still protected by Tor, running in the VM. A clever adversary could have killed your Tor connection in the VM, or monitored your end of the chat. But I don't see how they could have compromised Tot circuits to the remote chat client. They maybe could have killed Tor and emulated the remote chat client, but that would be an impressive hack.

    It's probably best to just forget about it, and buy another laptop for play. Maybe just "accidentally" drop your work laptop, and get a new one :)
     
  7. SnowFall

    SnowFall Registered Member

    Joined:
    Oct 26, 2013
    Posts:
    16
    Location:
    space
    Don't use windows 8 my friend that's all i can say on this topic :mad:

    Might i say as well that anyone that douse is a fool and not only for this reason, win8 blows on so meany levels its not funny.

    Diplomatic attachè ? then employ a network security \ privacy \ computer tech to set you up in advance if computers aren't your thing.

    .

    http://news.softpedia.com/news/Microsoft-Slams-Windows-8-Backdoor-Claims-378239.shtml
     
  8. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    win8 , lols , seriously xD
     
  9. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I will make it very simple for you. You chatted on a social network website "Social Network" You can use all the technology you want but that website will still have copies.

    I don't know why you would do this, its lazy and or dumb. I don't get why i'm the only one to bring this up? Its quite simple really... no advanced MITM hacking, no conspiracy no complicated logic involved, just very simple. If you lost government secrets either keep your mouth shut or if you are honest come clean and explain what happened to your boss. These are your only options, and if you were talking to a woman.... learn to control yourself man.
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    The most likely explanation is that OP's "chat partner" was two or more people, perhaps at an Internet cafe. Maybe it was just a bunch of kids. Seriously :rolleyes:
     
  11. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    Please close this stupid thread .
     
  12. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,515
    Location:
    USA - Back in a real State in time for a real Pres
    Bets on OP being a 1 and done?
     
Loading...
Thread Status:
Not open for further replies.