If you read Boing Boing, the NSA considers you a target for deep surveillance

The NSA says it only banks the communications of "targeted" individuals. Guess what? If you follow a search-engine link to Boing Boing's articles about Tor and Tails, you've been targeted. Cory Doctorow digs into Xkeyscore and the NSA's deep packet inspection rules.

Seven things you should know about Tor

Tor (The Onion Router) is a military-grade, secure tool for increasing the privacy and anonymity of your communications; but it's been the subject of plenty of fear, uncertainty and doubt.

The Electronic Frontier Foundation's 7 Things You Should Know About Tor debunks some of the most common myths about the service (which even the NSA can't break) and raises some important points about Tor's limitations.

7 Things You Should Know About Tor [Cooper Quintin/EFF]

The Tor challenge: run a Tor node for great justice

EFF, Freedom of the Press Foundation, Free Software Foundation and The Tor Project have launched The Tor Challenge, a campaign to encourage people to run Tor nodes. "Tor is a powerful tool that helps you stay anonymous online. It can protect your privacy as you browse the Internet and circumvent government censorship of the webpages you visit. We need your help to keep Tor strong. Run a Tor relay today." Here's how to get started.

Edward Snowden hosted a cryptoparty and ran a Tor exit node

Before Edward Snowden went on the run and effected the first-ever leak of documents from the NSA, he threw a cryptoparty in Hawai'i, coordinating with Runa Sandvik from the Tor Project and Asher Wolf from the Cryptoparty movement to plan an event where everyday people were taught to use crypto. He gave a lecture for his neighbors on Truecrypt, and told people that he ran at least two Tor exit nodes to help people keep their anonymous traffic moving (Boing Boing also runs a Tor exit node). Apparently, his girlfriend videoed the event -- I'd love to see it!

Snowden used the Cincinnatus name to organize the event, which he announced on the Crypto Party wiki, and through the Hi Capacity hacker collective, which hosted the gathering. Hi Capacity is a small hacker club that holds workshops on everything from the basics of soldering to using a 3D printer.

“I’ll start with a casual agenda, but slot in additional speakers as desired,” wrote Cincinnatus in the announcement. “If you’ve got something important to add to someone’s talk, please share it (politely). When we’re out of speakers, we’ll do ad-hoc tutorials on anything we can.”

When the day came, Sandvik found her own way to the venue: an art space on Oahu in the back of a furniture store called Fishcake. It was filled to its tiny capacity with a mostly male audience of about 20 attendees. Snowden spotted her when she walked in and introduced himself and his then-girlfriend, Lindsay Mills, who was filming the event.

Tor: network security for domestic abuse survivors

Michael from Beta Boston writes, "The privacy protections offered by tools like Tor aren't just for journalists and spies; they're important for everyone. Almost every modern abusive relationship has a digital component, from cyberstalking to hacking phones, emails, and social media accounts, but women's shelters increasingly have found themselves on the defensive, ill-equipped to manage and protect their clients from increasingly sophisticated threats. Recently the Tor Project stepped in to help change that, and we took a long look at the work cut out for them."

This is an important point: when you make it so that no one can keep secrets from the state and its enforcement arm, you also make it so that no one can keep secrets from crooks, thugs, stalkers, and every other kind of bad guy.

TAILS: Snowden's favorite anonymous, secure OS goes 1.0

TAILS -- The Amnesiac Incognito Live System -- is a highly secure operating system intended to be booted from an external USB stick without leaving behind any trace of your activity on either your computer or the drive. It comes with a full suite of multimedia creation, communications, and utility software, all configured to be as secure as possible out of the box.

It was Edward Snowden's tradecraft tool of choice for harvesting and exfiltrating NSA documents. Yesterday, it went 1.0. If you need to turn a computer whose operating system you don't trust into one that you can use with confidence, download the free disk image. (Note: TAILS won't help you defend against hardware keyloggers, hidden CCTVs inside the computer, or some deep malware hidden in the BIOS). It's free as in speech and free as in beer, and anyone can (and should) audit it.

Effectively, this is the ParanoidLinux I fictionalized in my novel Little Brother.

Jake Appelbaum reads his Homeland afterword, with bonus Atari Teenage Riot vocoder mix

Two of my friends contributed afterwords to my novel Homeland: Aaron Swartz and Jacob Appelbaum. In this outtake from the independently produced Homeland audiobook (which you can get for the next week exclusively through the Humble Ebook Bundle), Jake reads his afterword at The Hellish Vortex Studio in Berlin, where he is in exile after several harrowing adventures at the US border. Hellish Vortex is run by Alec Empire, founding member of Atari Teenage Riot. Alec recorded this clip (MP3), and also mixed an alternate version.

Originally Jake had intended for his afterword to be anonymous (I didn't understand this at the time, and there was no harm done!). In keeping with this, Alec mixed this vocoder edition (MP3), that is pretty awesome.

Humble Ebook Bundle

Detailed analysis of Syria's network censorship with logs from Blue Coat's surveillance boxes

In Censorship in the Wild: Analyzing Web Filtering in Syria [PDF], researchers from INRIA, NICTA and University College London parse through 600GB worth of leaked logfiles from seven Blue Coat SG-9000 proxies used by the Syrian government to censor and surveil its national Internet connections. They find that the Assad regime's censorship is more subtle and targeted than that of China and Iran, with heavy censorship of instant messaging, but lighter blocking of social media. They also report on Syrians' use of proxies, Tor, and Bittorrent to evade national censorship. It's the first comprehensive public look at the network censorship practiced in Syria.

Censorship in the Wild: Analyzing Web Filtering in Syria [PDF] (Thanks, Gary!)

The downfall of Silk Road, and with it, the so-called Dark Net

From Adrian Chen's Gawker long-read about that recent bust of the web's biggest online illegal drug marketplace:
The lesson of the Silk Road takedown isn't that Ulbricht was sloppy about security. It's that the idea of a world famous, anonymous illegal market is fatally contradictory. Ulbricht made some technical mistakes, but his biggest one was conceptual: buying his own hype that high-tech tricks would let him implement a radical free market fundamentalism that could never work politically.
Read the whole piece. Related: Chen's profile of Ross William Ulbricht.

NSA and UK intel agency GCHQ target online anonymity tool Tor, according to leaked Snowden documents

Despite the fact that online anonymity tool Tor was developed with US government funds, the NSA really does not like Tor.

Top-secret documents leaked to the Guardian by former US intelligence contractor Edward Snowden reveal details of repeated attempts by the US and UK governments to crack Tor, the "onion router" that was originally funded by the US government, and used widely by dissidents and activists around the world. Tor's core network security remains intact, but the NSA has had some success attacking users' computers, according to the report.

Who uses Tor? According to one of the slides in the leaked presentations, "Terrorists!" The NSA is fond of the generous use of exclamation points in these things.

Where the Silk Road ends: Feds arrest 'Dread Pirate Roberts,' alleged founder of largest Bitcoin drug market

What users who attempt to connect to the Silk Road marketplace see now (HT: Adrian Chen)

Looks like the government shutdown didn't stop federal agents from shutting down the most popular "deep web" illegal drug market. In San Francisco, federal prosecutors have indicted Ross William Ulbricht, who is said to be the founder of Silk Road. The internet marketplace allowed users around the world to buy and sell drugs like heroin, cocaine, and meth.

The government announced that it seized about 26,000 Bitcoins worth roughly USD$3.6 million, making this the largest Bitcoin bust in history. There were nearly 13,000 listings for controlled substances on the Silk Road site as of Sept. 23, 2013, according to the FBI, and the marketplace did roughly USD$1.2 billion in sales, yielding some $80 million in commissions.

According to the complaint, the service was also used to negotiate murder-for-hire: "not long ago, I had a clean hit done for $80k," the site's founder is alleged to have messaged an associate.

Ulbricht, 29, is also known as "Dread Pirate Roberts."

Jacob Appelbaum explains surveillance to the EuroParl

Jacob Appelbaum of the Tor Project and Wikileaks addressed the European Parliament on the issue of surveillance and freedom. It was a remarkable speech, even by Appelbaum's high standards. An amateur transcript gives you a sense of what's going on, but the video is even better: "Is it used for coercion? Is data passed to autocratic regimes? Is it used to study groups? Is it used to disrupt? Yes, yes, and yes. Might they force or forge data? Absolutely."

FBI: Yes, we controlled Tor servers behind mass malware attack

"It wasn’t ever seriously in doubt," writes Kevin Poulsen at Wired, "but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors." Freedom Hosting was a provider of so-called “Tor hidden service” sites. Their addresses end in .onion, their geographic locations are masked behind layers of routing, and they can be reached only over the Tor anonymity network. [Threat Level]

90 percent of Tor keys can be broken by NSA: what does it mean?

Errata Security CEO Rob Graham has published a blog-post speculating that ninety percent of the traffic on the Tor anonymized network can be broken by the NSA. That's because the majority of Tor users are still on an old version of the software, 2.3, which uses 1024 RSA/DH keys -- and at keylengths of 1024, RSA/DH crypto can be broken in a matter of hours using custom chips fabbed at an estimated cost of $1B. It seems likely that the NSA has spent the necessary sum and sourced these chips (likely from IBM).

This isn't the same as being able to decrypt all of Tor in realtime, but it does suggest that the NSA could selectively decrypt its stored archives of Tor traffic.

However, the new version of Tor, 2.4, uses elliptic curve Diffie-Hellman ciphers, which are probably beyond the NSA's reach.

Graham faults the Tor Project for the poor uptake of its new version, though as an Ars Technica commenter points out, popular GNU/Linux distributions like Debian and its derivative Ubuntu are also to blame, since they only distribute the older, weaker version. In either event, this is a wake-up call that will likely spur both the Tor Project and the major distros to push the update.

Yesterday's revelations about the NSA's ability to decrypt 'secure' communications were taken by many to mean that the NSA had made fundamental mathematical or computing breakthroughs that allowed it to decrypt securely enciphered messages. But it's pretty clear that's not what's going on.

Anti-Tor malware reported back to the NSA

More information on the malicious software that infected Tor Browser through Freedom Hosting's servers, which were then seized by law-enforcement: it turns out that infected browsers called home to the NSA. Or, at least, to an IP block permanently assigned to the NSA.

Anonymous Web-host shut down, owner arrested; Tor users compromised by Javascript exploit

FreedomWeb, an Irish company known for providing hosting for Tor "hidden services" -- services reached over the Tor anonymized/encrypted network -- has shut down after its owner, Eric Eoin Marques, was arrested over allegations that he had facilitated the spread of child pornography. Users of Tor hidden services report that their copies of "Tor Browser" (a modified, locked-down version of Firefox that uses Tor by default) were infected with malicious Javascript that de-anonymized them, and speculate that this may have originated with the FBI. Tor Browser formerly came with Javascript disabled by default, but it was switched back on again recently to make the browser more generally useful. Some are predicting an imminent Bitcoin crash precipitated by the shutdown.

How a crook defrauded an online crime BBS

HackBB is a popular underground BBS for computer criminals; last March it went down after a prominent user and administrator called Boneless stole all the funds in an escrow service used by criminals to pay each other for services; destroyed part of HackBB's database; and sent blackmail notes to many of the site's users. Prior to the theft, Boneless had been a sterling member of the community, posting well-written, useful guides to using stolen credit cards, defrauding online bookmakers, and going underground anonymously. After two years' worth of winning the community's trust, he raided them and took the site down. But it didn't last long -- today, HackBB is back up and running.