Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Politics & Society
Re: Silk Road Operator Ross Ulbricht to Be Sentenced Today
by
Crenel84
on 09/06/2015, 02:22:58 UTC
Quote from: bryant.coleman on June 06, 2015, 05:45:40 PM
Quote from: Slunt on June 06, 2015, 05:35:59 PM
Quote from: bryant.coleman on June 06, 2015, 06:03:10 AM
Quote from: larsson on June 03, 2015, 07:30:52 AM
What concerns me the most in this story was how the feds managed to bust into a highly anonymized encrypted network

You should remember that the TOR is not anonymous anymore. It has been cracked by the FBI. Out of the 4,000 or so TOR relays, around 10% are controlled by the FBI and the CIA. When you log-in to Silk Road, if your entry node happens to be any of these fed-controlled relays, then the feds will be able to track your real IP address.

Do you have sources for this? Though people shouldn't be using tor bareback either. Use a proxy or public wifi before you connect to tor and then you should be safe.

Check this:

http://www.slate.com/articles/technology/future_tense/2014/12/silk_road_2_0_arrests_operation_onymous_did_the_fbi_break_tor.html

Using a proxy or VPN is definitely not a solution to this. The FBI can uncover the VPN cover in a matter of seconds. And I don't think that the usage of public Wi-Fi is safe either.

The article does not say that TOR was broken, nor that TOR is "not anonymous anymore," nor that it has been "cracked by the FBI," nor that x% of nodes are controlled by the US federal government. What it does say, in addition to that there is "no reason to panic," is that nothing is perfectly secure (i.e., vulnerabilities are expected), that the Feds may have simply piggy-backed onto CERT research that was irresponsibly done in a live environment instead of in a lab, and (via a linked document) that the actual number of real sites (as opposed to scam/clone sites trying to fool people seeking the real ones) taken down in Operation Onymous was far lower than originally claimed. The CERT research in question apparently was oriented around the already-known "traffic confirmation" model of attack, and this instance was ostensibly stopped when the CERT nodes were given the boot and vulnerabilities that enabled the attack were patched.

As for the use of public WiFi, if (theoretically) I'm using TOR via Tails on non-writable optical disc in a laptop while I sit outside a retail store with a generous WiFi presence, what are the real odds that my anonymity for that session will be broken after I power down (assuming no ridiculous behavior such as posting something in public that literally announces who and where I am)? I've never even tried this, but the idea of securing a truly anonymous connection is intriguing. I suppose that should just be a hypothetical question since this thread is about Ross Ulbricht (and OJ Simpson???) and not my curiosity.