Advice for the Admin

Suggestions for board features and changes.

He's committed no crimes. As long as a man has a forward grown maxilla he is allowed to rape whores at will. The only repercussion that comes of it is the whore bragging to her friends how hot the sex was. " OMG he had this knife to my throat and he was spitting on me but you should of seen his jawline, oh babbbbbyyyyyyy" this is exactly how it works.


Mouth Breathing Master Race Rules All!!!!

Image

madafaka wrote:Disable ip logging in the database
Remove all ip's from the database
Use an offshore hoster. (shinjiru, 2x4.ru)


Doesn't protect from IP addresses being logged because hotlinking images is enabled. Probably would signficantly protect from moralfags getting it shut down for whatever reason, but as I mentioned in another thread even if authorities could get it shut down they probably wouldn't opt to do so as it serves as an intelligence asset to them.

Use https


Yes please do this. People using Tor and proxies are particularly vulnerable to having their accounts hijacked due to this happening in cleartext over exit nodes. Even a self signed cert is fine people can just over ride the firefox warning.

If you really wanted to go hardcore resistant to law enforcement and even intelligence agencies you could do a bunch of shit as well, but probably not so concerned and having high security requirements would kill the memberbase and activity.

But what I do highly suggest is for people who want to be more controversial they should unlink their real identity from a pseudonym by making a new one with Tor browser at the very least, and not mentioning who they are or personal info that can be linked back to them on that account, but just anything that you want to say that can get you in trouble.

Another cool feature one forum I was on had is it allowed anonymous posting and pseudonymous posting, that is really useful for communicating with people and making it harder to link all of your posts back to a single entity, which has massive security benefits when it's coupled with network level anonymity. I'd actually highly suggest it, and you can integrate a captcha with it to make it less prone to abuse.

mrz wrote:
madafaka wrote:Disable ip logging in the database
Remove all ip's from the database
Use an offshore hoster. (shinjiru, 2x4.ru)


Doesn't protect from IP addresses being logged because hotlinking images is enabled. Probably would signficantly protect from moralfags getting it shut down for whatever reason, but as I mentioned in another thread even if authorities could get it shut down they probably wouldn't opt to do so as it serves as an intelligence asset to them.

Use https


Yes please do this. People using Tor and proxies are particularly vulnerable to having their accounts hijacked due to this happening in cleartext over exit nodes. Even a self signed cert is fine people can just over ride the firefox warning.

If you really wanted to go hardcore resistant to law enforcement and even intelligence agencies you could do a bunch of shit as well, but probably not so concerned and having high security requirements would kill the memberbase and activity.

But what I do highly suggest is for people who want to be more controversial they should unlink their real identity from a pseudonym by making a new one with Tor browser at the very least, and not mentioning who they are or personal info that can be linked back to them on that account, but just anything that you want to say that can get you in trouble.

Another cool feature one forum I was on had is it allowed anonymous posting and pseudonymous posting, that is really useful for communicating with people and making it harder to link all of your posts back to a single entity, which has massive security benefits when it's coupled with network level anonymity. I'd actually highly suggest it, and you can integrate a captcha with it to make it less prone to abuse.


TOR isn't secure, because the nsa has hundreds of own nodes.
The most secure way is to use a non logging vpn.

Anyway, why should you use a proxy if you dont do any illegal activity?
Only the site must be protected from feminists. They give a fuck about the users. They'll only do something, if they see someone wants to do something stupid.

Advice to admins: ban the user 8/10 he is probably the troll kelvin
If you dont have enemies, you dont have a character.

-Paul Newman

Fag wrote:Advice to admins: ban the user 8/10 he is probably the troll kelvin

He has micser written all over him.

or just use a nolog vpn and leave no traces to where you bought it

TOR isn't secure, because the nsa has hundreds of own nodes.
The most secure way is to use a non logging vpn.


Leaked information by Edward Snowden actually shows that the NSA has a small number of nodes and a very difficult time deanonymizing arbitrary Tor traffic. They reveal that the NSA has knowledge that GCHQ has a larger number of Tor nodes, though it is unknown by the NSA how many.

Tor has had failures that resulted in deanonymization of targets, but they are very rare. It is still more common for attackers to hack on the application layer to by pass Tor than it is for them to directly attack Tor via traffic analysis / signals intelligence.

Tor has far more advanced security features than all but a small handful of VPNs, and even in these cases Tor tends to have somewhat superior security features. VPNs have frequently had catastrophic flaws in their implementation allowing for arbitrary deanonymization by arbitrary network connected individuals. One example of this includes leaving netBios enabled, allowing a remote party to query the VPN server for all connected IP addresses.

VPNs have also frequently demonstrated extreme incompetence, in one case a VPN provider purchased DDoS protection for their nodes that included IP logging, and the police were able to get IP logs from the DDoS protection company rather than the VPN provider.

VPNs have also frequently snitched on their customers, most infamous case being hidemyass.

It is true that some exceptional VPN companies provide a higher degree of anonymity than others, and enough to hinder or delay law enforcement for even months of continued pattern of behavior, but you are always better off to go with Tor.

There is a good case for entering through a high end anonymous VPN and then chaining Tor to it and exiting through Tor though, and I believe for some people this is probably superior though for others it isn't. You should also always use open WiFi even if it is just a neighbors, but you should NEVER rely on open or cracked WiFi by itself. It is a strong compliment to anonymity but it does not provide it in and of itself. You also must make certain to spoof your MAC address.

Anyway, why should you use a proxy if you dont do any illegal activity?
Only the site must be protected from feminists. They give a fuck about the users. They'll only do something, if they see someone wants to do something stupid.


If you don't care if police know what you say here then you don't need a proxy. The site itself is probably at no more risk than most of the members though, but people are talking about lots of illegal and taboo shit.

mrz wrote:
TOR isn't secure, because the nsa has hundreds of own nodes.
The most secure way is to use a non logging vpn.


Leaked information by Edward Snowden actually shows that the NSA has a small number of nodes and a very difficult time deanonymizing arbitrary Tor traffic. They reveal that the NSA has knowledge that GCHQ has a larger number of Tor nodes, though it is unknown by the NSA how many.

Tor has had failures that resulted in deanonymization of targets, but they are very rare. It is still more common for attackers to hack on the application layer to by pass Tor than it is for them to directly attack Tor via traffic analysis / signals intelligence.

Tor has far more advanced security features than all but a small handful of VPNs, and even in these cases Tor tends to have somewhat superior security features. VPNs have frequently had catastrophic flaws in their implementation allowing for arbitrary deanonymization by arbitrary network connected individuals. One example of this includes leaving netBios enabled, allowing a remote party to query the VPN server for all connected IP addresses.

VPNs have also frequently demonstrated extreme incompetence, in one case a VPN provider purchased DDoS protection for their nodes that included IP logging, and the police were able to get IP logs from the DDoS protection company rather than the VPN provider.

VPNs have also frequently snitched on their customers, most infamous case being hidemyass.

It is true that some exceptional VPN companies provide a higher degree of anonymity than others, and enough to hinder or delay law enforcement for even months of continued pattern of behavior, but you are always better off to go with Tor.

There is a good case for entering through a high end anonymous VPN and then chaining Tor to it and exiting through Tor though, and I believe for some people this is probably superior though for others it isn't. You should also always use open WiFi even if it is just a neighbors, but you should NEVER rely on open or cracked WiFi by itself. It is a strong compliment to anonymity but it does not provide it in and of itself. You also must make certain to spoof your MAC address.

Anyway, why should you use a proxy if you dont do any illegal activity?
Only the site must be protected from feminists. They give a fuck about the users. They'll only do something, if they see someone wants to do something stupid.


If you don't care if police know what you say here then you don't need a proxy. The site itself is probably at no more risk than most of the members though, but people are talking about lots of illegal and taboo shit.

:lol: nothing here is taboo.

it's taboo in the matrix

It is true that some exceptional VPN companies provide a higher degree of anonymity than others, and enough to hinder or delay law enforcement for even months of continued pattern of behavior, but you are always better off to go with Tor.


You can't be serious. I can set up a tor node in 30 minutes and start to log ip's how can this be secure? Do you know how much people got busted because of tor?
There are vpn providers since 2008 who are known to not log ip's and using high end encryption. For example perfect-privacy. When they got raided, the cops could only get their truecrypt encrypted PC's and on their Servers wasn't a single IP logged. Many people who really do criminal stuff are using them.

You can also setup your own vpn in a vps.

madafaka wrote:
It is true that some exceptional VPN companies provide a higher degree of anonymity than others, and enough to hinder or delay law enforcement for even months of continued pattern of behavior, but you are always better off to go with Tor.


You can't be serious. I can set up a tor node in 30 minutes and start to log ip's how can this be secure? Do you know how much people got busted because of tor?


Tor uses three nodes, having control of a single node on a circuit doesn't allow you to deanonymize anybody.

client <-> node one <-> node two <-> node three <-> destination site

if you own node one you can only see the client IP, not where they are going.
If you own node two you can't see the client IP or the destination.
If you own node three you can see where the client is going but not their IP.

Tor has about 7,000 nodes for building circuits with. Although there are attacks that work if you own the first and the third node, even these attacks usually have a significant false positive rate. The surest way to pwn Tor users is to have a covert channel + control of node one and three (as has happened in the past once, but that channel was fixed), or to own all three nodes on the path.

There are vpn providers since 2008 who are known to not log ip's and using high end encryption. For example perfect-privacy. When they got raided, the cops could only get their truecrypt encrypted PC's and on their Servers wasn't a single IP logged. Many people who really do criminal stuff are using them.

You can also setup your own vpn in a vps.


People who use only VPN to do criminal things sometimes have no protection, and sometimes they delay the operation against them by a couple of weeks or months. But in the long term Tor has a much much better track record, of people using it for multiple years without getting busted.

Just read about some of the operations against carders or CP distribution groups to see how well VPNs hold up. Tor is superior. It isn't even debated in academic settings, Tor is widely recognized as the goldenm standard of low latency anonymity.

DeppIsGod wrote:
mrz wrote:If you don't care if police know what you say here then you don't need a proxy. The site itself is probably at no more risk than most of the members though, but people are talking about lots of illegal and taboo shit.

What if you only talk about looksmaxing and rate MMs? Do you still say that people should use Tor even though no illegal activities are made or talked about? I mean do freedom of speech even exist in this world?


I wouldn't worry unless you talk about controversial things or illegal things.

People who use only VPN to do criminal things sometimes have no protection, and sometimes they delay the operation against them by a couple of weeks or months. But in the long term Tor has a much much better track record, of people using it for multiple years without getting busted.


People who used trusted NON LOGGING vpn HAVE protection. Unlike many TOR nodes, trusted CARDER vpns do not LOG ip's. The network can not be compomised with LEGAL ways. Is it so hard to understand? In long term MANY got busted because of tor but not a SINGLE person because of trusted vpn providers like opvn or perfect privacy and they operate their services since 2008 and got raided.
The most tor nodes are already backdoored and tor is currently a big honeypot, every anonymity expert can confirm.

Just read about some of the operations against carders or CP distribution groups to see how well VPNs hold up. Tor is superior. It isn't even debated in academic settings, Tor is widely recognized as the goldenm standard of low latency anonymity.


Yeah, read how much people got busted by typing " TOR user busted" in google and then type " perfect privacy raided" and you'll see trusted vpn providers do not log ip's. I'm not talking about bullshit vpn providers like hidemyass us based or cyberghost germany based crap. Most Tor nodes aren't on a offshore host, they are getting easily access to the Servers.


https://www.techdirt.com/articles/20140 ... mous.shtml
https://www.schneier.com/blog/archives/ ... denti.html

People who used trusted NON LOGGING vpn HAVE protection. Unlike many TOR nodes, trusted CARDER vpns do not LOG ip's. The network can not be compomised with LEGAL ways. Is it so hard to understand?


I realize you are probably a member on some shitty carder forum and think you know about security, but believe me I've been studying traffic analysis since I was 17 years old and I know it better than you do.

Let's see what trusted non logging VPNs have done for the carder community:

http://www.wired.com/2013/07/bulgarian- ... ew-arrest/

The group was infiltrated by the Secret Service after one of its prominent members, Albert Gonzalez, was arrested in New York and flipped. Gonzalez, who became an administrator of Shadowcrew with top-level access and the respect of many of his associates, helped the Secret Service run the marketplace out of their offices in New Jersey in a scheme dubbed Operation Firewall. Gonzalez enticed Shadowcrew members to use a VPN that he said would let them communicate securely. In truth, the channel was monitored by authorities who had the ability to record and read messages in the clear.


Let's see how non-logging VPNs have helped the CP traders:

-----BEGIN PGP SIGNED MESSAGE-----

It's Thanksgiving, 2008, as I start to write this. Nothing is likely
to change for me between now and the one year aniversary of my exodus
from usenet.

Many will not remember me, and some who do will not be glad to be
reading this, because I am free and untouched by the events of March,
2008. Untouched; not investigated, tried or jailed.

It is clear that the precautions I was taking then were sufficient.
If they weren't, I would have been in the same boat as many others
who knew me.

So in retrospect, after much time to contemplate, review and analyze
what went wrong, I understand why some were safe and some weren't.

The reason for having a group wasn't protection, but economy. Open
posting not only provided a target, but the loss of the account used
for posting was likely (or inevitable). Accounts are not cheap, but
if the accounts were used only for encrypted exchange then there
would be no basis for closing the account (on the part of the ISP).
Failure of screening, therefore, would have only one adverse
consequence - loss of any anonymously created accounts. Not loss of
freedom.

Part of the screening process, in fact, was the requirement that the
applicant demonstrate proficiency in posting anonymously. Each
person chose their own "strategy" for anonymity and personal
security. The failings of the group concept did not, all by
themselves, get people arrested. Everyone I know that used
Privacy.li exclusively was arrested, most notably my number 2 who
relied on privacy.li for everything. Everyone I know that used tor
and remailers exclusively is still free. The arrests are the
ultimate test of anonymity, and SSH tunnels failed that test. At
least one never used any particular method of security because he
never posted any binaries. He was still arrested, however, for
posting a thank you note. And being part of the group.

During times of plenty, there was little reason to have a group at
all. Anything one could want could be found in usenet groups, and
one only need download the material. Such times were few and far
between though, and the group functioned as a "filler" for online
material, or just a way of keeping everything organized during both
feast and famine.

Regardless, I'm not back. I'm happy with my life despite it's
ordinary tribulations. I lack nothing of importance, although I do
have regrets. The group concept itself was, in retrospect, a
mistake. Properly excuted, it might not have been so disastrous, but
staying anonymous is no easy task. Relying on privacy.li was clearly
a big mistake. As for Cotse, I would expect that, if asked, Gielda
would answer honestly about any subpoenas he responded to that lead
to arrests. Or maybe not.

The only surprizes from the whole affair were the intensity of the
investigation and the coverage after the fact. The Assistant
Director of the FBI? CNN? For that tiny group? Unreal.

But OTOH, we knew that the magic word "ring" would inspire
exaggeration, and provide a convenient target for those who like
"conspiracies." Especially "Global" or "International" ones. Ha!

Curiously, the fall of egold coincided with our activities and the
indictment in April, 2007 followed the seizing of our account. You
could read about egold in wikipedia and decide for yourself.

But for me, it's all over, and I have no desire to get involved in
usenet again. The writing has been on the wall for usenet for some
time, and I don't need the excitement.

I wondered if I should anticipate the responses to this writing and
answer them in advance. Usenet is paranoid, and so there will be
questions about the authenticity of the post/poster (assuming someone
actually reads it) despite the PGP signature. There will be
suspicion about motives, and resurrected suspicions about what
happened and who did it. Too many questions to answer.

For historical interest, I may post another message that addresses
some of the internal workings of the group as seen from the top.

I leave you with the words to a song that I found to reflect the
thoughts and feelings of the 10 years I participated in usenet.

- ----------------------------------------------
We skipped the light fandango
turned cartwheels 'cross the floor
I was feeling kinda seasick
but the crowd called out for more
The room was humming harder
as the ceiling flew away
When we called out for another drink
the waiter brought a tray

And so it was that later
as the miller told his tale
that her face, at first just ghostly,
turned a whiter shade of pale

She said, 'There is no reason
and the truth is plain to see.'
But I wandered through my playing cards
and would not let her be
one of sixteen vestal virgins
who were leaving for the coast
and although my eyes were open
they might have just as well've been closed
- -------------------------------------------------

I could interpret the song, but I think it speaks for itself.

Good luck, and good bye.

Yardbird.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use

iQEVAwUBSaihvyiKTNlSgb07AQGdgwf8DhdWgSaSCOfeQbSgWNMU8CRI257BVVs/
NHfkyH/CTTEETJac8IK7QlDNj94hRmyi8KtWy6wTXf0SNGnNCXbyLOuBO/8OnImi
kPcl79NxBu5pitnUu95TUsSvUl0BNVB1EsmrOLK+F4zRT1q/mSQGLZEsnWbvJrh0
5kieVx4Q3ADN+QsBlFxdUzvTbSpOCQwxmeomYOsd0MedsEpF0arn/7jlghYSg+vF
knus+UMz13jkdUq2vQlE7FKGiY6Am79bZgic/BqvbBakJUVYQ2t8PYojB2yuF5OB
3XNSru5FyoE2jBQ+kAg2Ctil/MR86Tk2UFx5QutnufiDA69iCMn1hA==
=1xaq
-----END PGP SIGNATURE-----


Today you can find stories of SOME Tor users being busted as well, few of them due to actual Tor flaws though. Tor was essentially immune to compromise for much longer than VPNs were, and even today it holds up very well. Let's look at what the NSA has to say about Tor in leaked documents:

http://www.theguardian.com/world/intera ... n-document

'Tor Stinks' presentation – read the full document
Top-secret presentation says 'We will never be able to de-anonymize all Tor users all the time' but 'with manual analysis we can de-anonymize a very small fraction of Tor users'


Let's see what the NSA has to say about VPN services:

http://arstechnica.com/tech-policy/2014 ... y-call-it/

The National Security Agency’s Office of Target Pursuit (OTP) maintains a team of engineers dedicated to cracking the encrypted traffic of virtual private networks (VPNs) and has developed tools that could potentially uncloak the traffic in the majority of VPNs used to secure traffic passing over the Internet today, according to documents published this week by the German news magazine Der Speigel. A slide deck from a presentation by a member of OTP’s VPN Exploitation Team, dated September 13, 2010, details the process the NSA used at that time to attack VPNs—including tools with names drawn from Star Trek and other bits of popular culture.


You should probably not rely ENTIRELY on Tor for your anonymity, although if you are going to rely entirely on something for anonymity it should certainly be Tor. Tor should virtually ALWAYS be part of your anonymity chain (you may argue I2P or Freenet are acceptable to use as well, but most people will say Tor is the best). And you should typically exit through Tor unless you need exit blocking resistance. You should probably always enter through open or cracked WiFi if you can though, or you may consider ENTERING through a VPN service (and you should know how to actually select a VPN, using VPNs from carder forums is retarded because the feds are way more likely to run those VPNs), but you should understand your threat model.


In long term MANY got busted because of tor but not a SINGLE person because of trusted vpn providers like opvn or perfect privacy and they operate their services since 2008 and got raided.
The most tor nodes are already backdoored and tor is currently a big honeypot, every anonymity expert can confirm.


I am an anonymity expert and I'm in regular contact with world leading anonymity experts, you are wrong.


Yeah, read how much people got busted by typing " TOR user busted" in google and then type " perfect privacy raided" and you'll see trusted vpn providers do not log ip's. I'm not talking about bullshit vpn providers like hidemyass us based or cyberghost germany based crap. Most Tor nodes aren't on a offshore host, they are getting easily access to the Servers.


https://www.techdirt.com/articles/20140 ... mous.shtml
https://www.schneier.com/blog/archives/ ... denti.html


Tor has had failures where small numbers of users were deanonymized, but it still offers more anonymity than any other system does.

First of all, I'm not a member of "some carder forums" you pedophil. I'm a linux server administrator and working for different cloud based companies.
Second, you arent a security expert, or you would know openvpn can use up to 4096 bit encryption and its almost impossible to crack. And tor?
And you're srs posting some unknown bulgarian vpn provider, when I say my mentioned vpn provider got raided and not a single ip got leaked?

Do you trust other people more or why do you not set up your own vpn on your own dedi and disable logging? If yes, then you're rly stupid.


Tor has been exploited many times.
Tor is depended by other users
Tor infrastructure is public
Tor servers CAN log ips. This fact alone end the discussion a true ninja is invisible.
.
Your sources about the vpn being insecure are "vague". Not a single user has been busted because of openvpn, or it would be known, very fast. Just like they couldnt crack truecrypt passwords. Openvpn source is still public and small vulnerabilitys are very rare not to mention big ones.

You use tor only for hiddenwiki. Some day you'll get busted if you are on the wrong nodes.

madafaka wrote:First of all, I'm not a member of "some carder forums" you pedophil. I'm a linux server administrator and working for different cloud based companies.


Lol at corporate security.

Second, you arent a security expert, or you would know openvpn can use up to 4096 bit encryption and its almost impossible to crack. And tor?


If you were a security expert you would know that Tor pads all packets to 512 bytes to protect from website fingerprinting traffic classification, whereas OpenVPN doesn't so it leaks known websites through the encryption with accuracy approaching 100%.

http://epub.uni-regensburg.de/11919/1/a ... ccsw09.pdf

Privacy enhancing technologies like OpenSSL, OpenVPN or Tor
establish an encrypted tunnel that enables users to hide content and
addresses of requested websites from external observers This pro-
tection is endangered by local traffic analysis attacks that allow an
external, passive attacker between the PET system and the user to
uncover the identity of the requested sites. However, existing pro-
posals for such attacks are not practicable yet.
We present a novel method that applies common text mining
techniques to the normalised frequency distribution of observable
IP packet sizes. Our classifier correctly identifies up to 97 % of re-
quests on a sample of 775 sites and over 300,000 real-world traffic
dumps recorded over a two-month period. It outperforms previ-
ously known methods like Jaccard’s classifier and Naïve Bayes that
neglect packet frequencies altogether or rely on absolute frequency
values, respectively. Our method is system-agnostic: it can be used
against any PET without alteration. Closed-world results indicate
that many popular single-hop and even multi-hop systems like Tor
and JonDonym are vulnerable against this general fingerprinting at-
tack. Furthermore, we discuss important real-world issues, namely
false alarms and the influence of the browser cache on accuracy.

.....

For all tested single-hop systems, we achieved an accu-
racy of more than 94 %, the best against Stunnel, where over 97 %
of instances were classified correctly. Stunnel offers significantly
less protection than all other systems, which is probably due to the
additional information gained from the many TCP and TLS hand-
shakes in each traffic dump. At first sight, Tor significantly offers
the best protection against the attack (accuracy below 3 %).


Do you trust other people more or why do you not set up your own vpn on your own dedi and disable logging? If yes, then you're rly stupid.


Do you realize that even if you disable logging on your server, the infrastructure it uses can still log traffic to it? Even if you don't enable logging, the data center will log traffic to that server as soon as they get a court order. And then guess what, you also have ZERO crowding because you are the only one using it. Also, you have perfect linkability of all exit traffic to a single entity now, because only one person is using that VPN whereas millions of people are using Tor. You should learn the basics of anonymity set sizes before you contiue to make a fool of yourself.

Tor has been exploited many times.
Tor is depended by other users
Tor infrastructure is public
Tor servers log ips. This fact alone end the discussion a true ninja is invisible.


Tor itself has been exploited one time that actually led to known compromises, with an advanced covert channel + sybil attack. It has had other limited attacks against it as well, primarily contained to academia.

You use tor only for hiddenwiki. Some day you'll get busted if you are on the wrong nodes.


Some people have been using Tor to go to hidden wiki and look at CP for like 6+ years and they aren't busted. You will be very hard pressed to find people who used VPNs for that long who didn't get busted.

david_chicago wrote:just use wifi of your neighbor.


This by itself is NOT adequate.

1. Police in some cities do dragnet wireless signals intelligence gathering and can retroactively geoposition a WiFi device

http://www.kirotv.com/news/news/seattle ... you/nbmHW/

SEATTLE —

In February, the Seattle Police Department announced it bought what's called a "mesh network," that will be used as a dedicated wireless network for emergency responders. What SPD did not say is that the network is capable of tracking anyone with a device that has a Wi-Fi connection.

"They now own a piece of equipment that has tracking capabilities so we think that they should be going to City Council and presenting a protocol for the whole network that says they won't be using it for surveillance purposes," said Jamela Debelak of the American Civil Liberties Union.

A spokesperson for Seattle Police said the network is not being used right now. A draft policy is being reviewed by the city attorney's office and will eventually go before the City Council.

The network includes 160 wireless access points that are mounted on poles across Seattle. Every time a device looks for a Wi-Fi signal and the access point recognizes it, it can store that data. The manufacturer of the network points out in a manual that the mesh network can store IP addresses, device types, applications used by the devices, current location, and historical location.

This information can be stored and connected for the last 1,000 times a person is connected with a specific device. The network shows up online in public places usually as intersections in the city such as, "4th&Pike," "4th&University" and "3rd&Union."

"Even if we assume that the mesh network was installed by good people for good reasons, there's no reason to believe that the people controlling the network in the future will use it for the public good," said Brendan Kiley of alternative news weekly the Stranger. "We need to have a serious public conversation and establish some very clear rules about how new surveillance technologies should and shouldn't be used -- with very real penalties for breaking those rules." Kiley first reported on the technology Wednesday in The Stranger.

"We believe that people should be free to move about without having the government track their movements unless there really is reason to believe they're engaged in some criminal activity," said Debelak. Seattle police could not explain why the network appears to be online.

Council member Bruce Harrell pointed out the need for SPD to be able to collect some of this information.

"While I understand that a lot of people have concerns about the government having access to this information, when we have large public gatherings like the situation like in Boston and something bad happens, the first thing we want to know is how are we using technology to capture that information," Harrell said.

He added that SPD needs to establish guidelines before it is used.

"The council made it crystal clear that before the 'on' button is turned on, before it's being used they have to go to the public," Harrell said.

The network was bought with a Homeland Security grant for $2.6 million. A spokesperson for the city attorney's office said a government affairs attorney is working with SPD to review the policy but there is no timeline as to when the review will be completed.


2. Police in most cities have portable wireless signal tracing devices that can position a device sending a live WiFi signal, or a device that is sending any signal provided they have the MAC address

http://www.flukenetworks.com/content/da ... now-you-go

When tracking a suspect for illegal internet activity, law enforcement needs to quickly determine if a wireless network at a suspect location is OPEN or secured before entering.

The Fluke Networks’ AirCheck™ Wi-Fi Tester can help you:

Detect if the wireless network inside the suspect residence is OPEN or secured
Locate devices that are illegally using a compromised OPEN wireless network

Its intuitive design makes it simple for anyone to quickly master AirCheck. Instant power-up and streamlined tests give answers in seconds so you can quickly serve a search warrant.


WiFi by itself is not adequate for anonymity, though it CAN strongly compliment the anonymity provided by solutions such as Tor and it is suggested to use it in addition to Tor.

If you were a security expert you would know that Tor pads all packets to 512 bytes to protect from website fingerprinting traffic classification, whereas OpenVPN doesn't so it leaks known websites through the encryption with accuracy approaching 100%.


It's worthless if you haven't control over the nodes.

Do you realize that even if you disable logging on your server, the infrastructure it uses can still log traffic to it? Even if you don't enable logging, the data center will log traffic to that server as soon as they get a court order. And then guess what, you also have ZERO crowding because you are the only one using it. Also, you have perfect linkability of all exit traffic to a single entity now, because only one person is using that VPN whereas millions of people are using Tor. You should learn the basics of anonymity set sizes before you contiue to make a fool of yourself.


Do you realize that Vladimir can use his basement somewhere in siberia as a datacenter?
Do you realize that an american court order wont work for a server located in russia?
Do you realize that a vpn crypts all traffic (from your isp and to the server)?
You're clueless.

Tor is being like a VPN router except that its entry and exit points are separate systems and in between there are a bunch of Tor relay nodes that are also separate systems. The purpose of Tor is to route traffic so that each node only knows of the previous and next hop, in other words, to allow untraceable connections.

The traffic itself is encrypted all the way up to the exit node. From there on the same rules apply as with your ISP in the first case and the VPN in the second. Whatever is not encrypted is visible and connection destinations are known. What shouldn't be known to the exit node is the origin of the traffic, you.

One way of doing it wrong would be if you make insecure connections to personal resources (or even secure connections to personal resources), the exit node can guess who you really are. Once it does that, it can then link your other activities back to you.

Tor advantages
No one can trace the sites you visit back to your IP address.

Since the network is distributed, it makes it extremely difficult for any government or organization to shut it down.

Tor disadvantages
It is very slow – Because your data is routed through a number of relays, using Tor is very slow. Therefore, it is not recommended for browsing or streaming geo-restricted video content.

Some ISPs actively search out and block Tor relays, making it difficult for some users to connect. China particularly is getting better at blocking Tor relays.

Since the traffic at the exit node is unencrypted, anyone (the police, the government, or a hacker) that is running the exit node can see your internet traffic. Furthermore, anyone can setup a Tor exit node and there's nothing to prevent that person from spying on the users. So if you are sending anything sensitive, be sure to use secure websites (with HTTPs).

VPN advantages
Connection speed is a lot faster compared to Tor since there's only the VPN server that stands between your computer and the requested site.

VPN provides better privacy and security than Tor.

Some VPN providers include malware protection in the client software.

VPN disadvantage

NONE

TOR = VPN WITH disadvantages

internet cafe - rdp - openvpn (nonlogging) - sshsocks (nonlogging) - socks5 (nonlogging) - victimsocks and you're 99% secure.

david_chicago wrote:
bulletsflyingby wrote:why would they look for any of us?


I made a threat to blow up the earth.


They are already monitoring your online acitvity. I'm sure you're on some kind of watchlist :lol:

It's worthless if you haven't control over the nodes.


It can be done internally or externally. Since you obviously don't know signals intelligence jargon, internally means from the node and externally means from the infrastructure.

Do you realize that Vladimir can use his basement somewhere in siberia as a datacenter?
Do you realize that an american court order wont work for a server located in russia?
Do you realize that a vpn crypts all traffic (from your isp and to the server)?
You're clueless.


Do you realize that interpol is an international police intelligence sharing organization, and that all interpol member states in theory cooperate with each other via mutual legal assistance treaties?

In Russia you will have some slow action probably and can buy yourself time, 2x4.ru for example has hosted tons of illegal shit online without being shut down or overly cooperating with LE. However, despite this it is still superior to use Tor. If you want to enter through such a VPN and exit through Tor that's your call, however if you don't have Tor on your anonymity chain at an appropraite position you are greatly reducing your level of anonymity.

Do you also realize that Tor encrypts all traffic up to the exit node, using state of the art encryption + additional security mechanisms such as packet padding and perfect forward secrecy? Also, traffic is encrypted up to the exit node, which is the third node on the chain. A single hop VPN knows the users IP address and can see their exit traffic in plaintext, so can the infrastructure. The Tor entry node knows the users IP address, but at the entry node traffic is not only padded but is also encrypted with THREE layers of AES-128-CTR keyed with ECDH secrets + one layer of OpenSSL link encryption, and the entry node can only remove the link encryption + one layer of the AES-256-CTR encryption.

In the past it was using 1,024 bit RSA keys which were considered secure when it was created over a decade ago, but they recently switched to stronger encryption primitives.

Tor is being like a VPN router except that its entry and exit points are separate systems and in between there are a bunch of Tor relay nodes that are also separate systems. The purpose of Tor is to route traffic so that each node only knows of the previous and next hop, in other words, to allow untraceable connections.


Sort of but you can't really compare Tor to a VPN because they are on different levels of the OSI model.

The traffic itself is encrypted all the way up to the exit node. From there on the same rules apply as with your ISP in the first case and the VPN in the second. Whatever is not encrypted is visible and connection destinations are known. What shouldn't be known to the exit node is the origin of the traffic, you.


Yes.

One way of doing it wrong would be if you make insecure connections to personal resources (or even secure connections to personal resources), the exit node can guess who you really are. Once it does that, it can then link your other activities back to you.


Yes, though Tor has various circuit isolation mechanisms that can be used to prevent this and are adding more in the future probably.

Tor advantages
No one can trace the sites you visit back to your IP address.

Since the network is distributed, it makes it extremely difficult for any government or organization to shut it down.


Yeah, and that is the entire point of Tor.

Tor disadvantages
It is very slow – Because your data is routed through a number of relays, using Tor is very slow. Therefore, it is not recommended for browsing or streaming geo-restricted video content.

Some ISPs actively search out and block Tor relays, making it difficult for some users to connect. China particularly is getting better at blocking Tor relays.


True, but Tor isn't made for that. Tor is made for people who need strong anonymity because powerful attackers are trying to locate them for what they do on the internet. If you just want to get otherwise legal torrents and have basic privacy from your ISP then you can knock yourself out with a VPN. If you want actual strong government resisting anonymity then you should use Tor.

Tor has bridges and obfsproxy for trying to prevent entry blocking.

Since the traffic at the exit node is unencrypted, anyone (the police, the government, or a hacker) that is running the exit node can see your internet traffic. Furthermore, anyone can setup a Tor exit node and there's nothing to prevent that person from spying on the users. So if you are sending anything sensitive, be sure to use secure websites (with HTTPs).


And the same exact thing is true for a VPN. But guess what, your Tor exit node changes frequently. So even if some % of your Tor exit traffic can be intercepted by an attacker, 100% of it cannot. If you use a VPN, you have a single exit node. Now 100% of your exit traffic can be intercepted by the VPN provider, anyone who compromises it, or the government with court orders, etc. VPN is all or nothing when it comes to exit traffic interception, Tor KNOWS some % of exit traffic is intercepted but it makes it virtually impossible for any given attacker to intercept 100% of your exit traffic.

VPN advantages
Connection speed is a lot faster compared to Tor since there's only the VPN server that stands between your computer and the requested site.


Sure VPN can be much faster than Tor, though Tor regularly gets 50-200kbps and can even get more so it isn't THAT slow for web browsing and such. Also, only one server stands between you and the internet with a VPN, and that is a single point of compromise. You NEED at least two hops to have any shot at decent anonymity.

VPN provides better privacy and security than Tor.


VPN doesn't pad packets and even through the encryption fingerprinted websites can be identified with accuracy that approaches 100%. Also, VPN makes you vulnerable to hackers in a variety of ways that Tor doesn't if it isn't configured properly by the provider.

Some VPN providers include malware protection in the client software.


Uh, if you are not using Linux or BSD you are doing it wrong.

VPN disadvantage

NONE

TOR = VPN WITH disadvantages


Stupid.
Next

Topic Tags

Return to Suggestions

Who is online

Users browsing this forum: No registered users and 5 guests