Darknet Part 3: How people got caught

10/07/2018

Part 3 of an occasional series of videos about the Darkweb, hidden services, anonymity… all the good stuff that we need, and need to know about!

Excellent Defcon presentation by Adrian Crenshaw detailing how some Tor users got caught.  TL;DR: it’s all down to faulty OpSec.  Be careful all the time, use your common sense, and all well be well.  So long as there aren’t 0days in Tor Browser that the Man knows about and the devs don’t…

But this isn’t too long to watch.  So watch it!  Even if you don’t use the darknet it is hugely informative and entertaining.  And if you do use Tor or otherwise have an interest in anonymity (which means you!), it is doubly informative and entertaining… in fact it is essential for everyone to watch.  So watch it!

tor-browser1

There’s a special browser that leads to a secret web…

bmc-yellow


The Cypherpunk Manifestos

24/06/2018

Reading a lot about privacy and anonymity and cryptography and cryptocurrency and Darknet hidden services and Tor lately.  Something that has caught my attention is the Cypherpunk movement, and their manifestos.

bitcoin

Without anonymous currency, we don’t have real anonymity

The earliest one seems to be The Crypto Anarchist’s Manifesto, written by Timothy C May in 1988.  Here’s a link to it.  Written thirty years ago, but very of the moment even now.  Read how it opens:

Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other. Interactions over networks will be untraceable, via extensive re-routing of encrypted packets and tamper-proof boxes which implement cryptographic protocols with nearly perfect assurance against any tampering. Reputations will be of central importance, far more important in dealings than even the credit ratings of today. These developments will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation.

A cypherpunk’s manifesto” by Eric Hughes, is also very relevant, even though it is 26 years old.  Here’s a bit:

Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can’t get privacy unless we all do, we’re going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide. We don’t much care if you don’t approve of the software we write. We know that software can’t be destroyed and that a widely dispersed system can’t be shut down.

Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act. The act of encryption, in fact, removes information from the public realm. Even laws against cryptography reach only so far as a nation’s border and the arm of its violence. Cryptography will ineluctably spread over the whole globe, and with it the anonymous transactions systems that it makes possible.

This is stuff that could have been written yesterday.  The technologies required for true anonymity have broken out fairly recently: encryption, cryptocurrency, all this has come to a head now.  If we don’t seize this opportunity, maybe we don’t deserve it.

bmc-yellow


Darknet Part 1: What is the darknet and why should I care?

23/06/2018

 

Welcome to Part 1 of my guide to the Darknet.  Well, I say “mine” but it’s actually by many people.  And, just so you all know I’m not trying to pass off this guide as my own words, I’m going to show the words actually coming out of their true creators’ mouths, thanks to the miracle of video streaming over the internet! Thanks be to Youtube,eh!!

Okay, part 1 of this series is a primer on the Deep Web and the Darknet.  It’s a TEDx talk by Alex Winter (of Bill & Ted fame), entitled “The Darknet isn’t what you think”.  There are some misconception about what illegal services were available through the Silk Road website.  For instance child pornography was banned.  Stolen goods weren’t allowed.  Ads for contract killers weren’t allowed.

Anyway, check out the vid.  Enjoy!

Next time: A film about the rise and fall of the Silk Road

 


‘We can intercept your Google and Facebook activity all we want, so screw you!’ says UK government

17/06/2014

The British government has for the first time spelt out why it thinks it has the right to snoop on our Google, Facebook and other internet traffic all it wants.

Charles Farr, the Director General of the Office for Security and Counter Terrorism, has made a statement (available here) that claims according to UK law the security services only need to get warrants to snoop on communications from one UK party to another. Traffic to and from services like Google (which includes Gmail) and Facebook are classed as “external communications”, for which no warrants are required.

This is horrendous. The internet is a network of networks, many of which are in other countries. So a large amount of our online activity will be transferred via networks in the USA and other countries even if the activity is practically domestic. If you send an email via Gmail to another UK citizen, the government classes it as an “external communication”. The same will be true of activity on Facebook, Twitter, and a great many other services, even though your intention is to communicate or share with other UK residents. Tempora, the program run by the British snooping agency GCHQ, gathers data and metadata, then shares it with the NSA. This means that practically all our online activities are stored, and can be used in fishing expeditions, even though GCHQ or NSA do not suspect you of any potentially criminal activity. Tempora is a “buffer” which stores internet data for 3 days and metadata for 30 days. GCHQ’s computers sift through all this data, storing anything that is “of interest”, which means that online privacy really is nonexistent. Which is what many of us have assumed for ages (especially after Edward Snowden’s revelations), but now it’s official.

What really exasperates me is that major criminals and terrorists will be taking steps to avoid this already, for example by using a VPN (Virtual Private Network). The real victims of GCHQ’s activities are us ordinary joes who are not engaged in criminal conspiracies but who want privacy (like people who send letters in sealed envelopes rather than postcards). We could encrypt our communications; but how many of us want to do this? and I’ll bet Tempora looks out for encrypted traffic and logs it as suspect.

The law needs changing. But that’s not going to happen. Why would the government give up these powers? So, I’m going to use my VPN account when I go online, and I advise everyone else to do the same. Tempora’s alarms will be set off by my suspicious activity; but if everyone is doing it GCHQ’s systems will overload. I hope. Remember, GCHQ has supercomputers and massive storage facilities. Big Brother, man! 1984 man!

Locations of visitors to this page


free web stat


Online freedom of speech threatened (again)…

12/06/2012

The British government is considering legislation that will force websites and internet service providers to disclose the identity of alleged online “trolls”. This is in reaction to the recent conviction of Frank Zimmermann, who apparently sent nasty emails to Conservative MP Louise Mensche and other well-known people including Lord Sugar, military top brass and newspaper columnists. He narrowly avoided a custodial sentence because of his age (60 years old) and “problems” he has suffered. He was given a 26-week jail sentence, suspended for 2 years.

This case stemmed from a message to Louise Mensche after she said that sites like Twitter should be closed down if they were used to coordinate riots, as was alleged after last summer’s riots. Zimmermann sent her a message saying she was “the slut of Twitter” and went on:

We are Anonymous and we do not like rude cunts like you and your nouveau riche husband Peter Mensch. We are inside your computer, all your phones everywhere and inside your homes.

“So get off Twitter. We see you are still on Twitter. We have sent a camera crew to photograph you and your kids and we will post it over the net including Twitter, cuntface. You now have Sophie’s Choice: which kid is to go. One will. Count on it cunt. Have a nice day

Certainly a nasty message.But most regular internet users would probably shrug it off as the meaningless trolling it was. But not poor Louise. She called the police and arranged security for her family. In a victim impact statement she said she had taken the threats seriously. Personally I would advise her to grow a thicker skin if she wants to continue a career in politics. But her case went to court, Zimmermann was punished… and now the government is planning legislation that will force websites and ISPs to help identify anyone who is accused of alleged defamation and trolling. Where is the line that separates free speech and trolling? Who will get to decide that?

I don’t like the look of this. It is a clear attack on freedom of expression, all wrapped up in the Mensche case so we think of (idle) threats to children and are distracted from the fact that the government will be able to easily track down anyone who posts material that the government doesn’t like. This isn’t just ridiculous – it has very dark ramifications in a supposed democracy.

Incidentally, district judge Martin Brown accepts that computer and internet use is a fundamental human right. The judge said he had decided against banning Zimmerman from using a computer. “It had been my intention to prohibit him from using a computer and I accept the human rights angle and I accept the problems of policing that,” he said.

That’s one plus point to emerge from this case. The only plus point. Which is pretty well negated by the prospect of the government’s plans to take away our right to privacy and to freedom of expression. This is seriously bad news.

Locations of visitors to this page

free web stat


Wikileaks.org is back up! Not a *huge* victory for freedom and common sense – but a victory nevertheless

15/12/2010

On 3 December, we reported that you could no longer reach the Wikileaks site by using the wikileaks.org URL. Well, that is no longer the case: aim your browser at “http://wikileaks.org” and you get rerouted to http://mirror.wikileaks.info/ – one of the many, many mirrors that sprouted after the USA’s clumsy efforts to limit free speech. Not a major victory by any means. But a victory nevertheless.

In other (Wikileaks/Assange-related) news: Julian Assange is still in prison even though he was granted bail yesterday. The Swedish prosecutors have appealed against the bail ruling, claiming that he would pose a major flight risk. I’m not sure how the Swedes think he’ll flee: Assange’s face must be one of the best known in border security circles, plus they have his passport… but as things stand, he must remain in HMP Wandsworth for at leat another couple of days while this judicial circus runs its course.

This case is highlighting the problems with the new European arrest warrant system. Usually, it is only possible to extradite someone if the crime he’s accused of is also a crime in the country he’s “hiding” in. As far as I can tell, Assange’s alleged crimes are not illegal in Britain (what the Swedes call “rape” and “sexual molestation” are very different to the UK’s definitions – I believe one of the charges relates to Assange refusing to use a condom; the complainant admits that the sex was consensual, so how in hell can this be called a crime? He didn’t force her to have unprotected sex).

Anyway, a blog like this one is not really a good place to discuss the intricacies of Swedish law. But what I will say is this: Sweden has got very accommodating rendition agreements with the USA. If Assange is extradited to Sweden, it won’t be long before he ends up in America. And if you look at what politicians are saying about Assange it’s pretty clear he won’t receive a free trial and he’ll end up on a slab.

But do these people really believe that Assange is Wikileaks? The leaks will continue, regardless of his fate. All that will happen is that Assange’s colleagues will improve their security and anonymity. Killing (or imprisoning) Assange will not kill Wikileaks. And all politicians need to beware: if they treat Assange like a piece of shit, the leaks will become more and more damaging to the so-called “liberal” European “democracies” who are currently baying for his blood. So watch out, fools: the day of reckoning is nearly upon us… and you.

UPDATE: I just noticed this, a page that lists the very many sites that are mirroring Wikileaks in an attempt to stop the authorities ever again closing them down. Well, when I say “stop”, I actually mean “make it very difficult”. The USA has already demonstrated the length of its reach. But when Wikileaks is mirrored in a huge number of countries, some of whom dislike America intensely, the job of censorship becomes much more difficult.

There’s also info on the page about how you too can mirror Wikileaks on your web server. I say go for it! I think it’s about time that the USA learned what “democracy” actually means: rule by the people for the people; not rule by a bunch of rich geezers on behalf of their billionaire buddies. Or is my dictionary out of date?

_gos=’c4.gostats.com’;_goa=354450;
_got=2;_goi=2;_goz=0;_gol=’Free hit counter’;_GoStatsRun();
Free hit counter
Free hit counter


Wikileaks in trouble (again)

03/12/2010

Wikileaks, the website that helps whistleblowers make their info public whilst remaining anonymous, is in trouble again. I guess it’s inevitable that anyone who releases onto the internet hundreds of thousands of classified US government documents is going to face hardship in one way or another – the USA is not a nice enemy to have. First they got Amazon to stop their Wikileaks-based business (the 250,000 US embassy cables recently leaked were stored on servers owned by Amazon) and now they’ve got Everydns, the American-owned company that provided DNS service to Wikileaks, to drop the wikileaks.org site. Tell your browser to go to “wikileaks.org” and it’ll tell you that there’s no server at that address.

Everydns, the company involved, say they had to drop wikileaks.org because the denial-of-service and other cyber attacks aimed at the Wikileaks site were also affecting the internet company’s other customers. And that’s a plausible explanation. Plausible deniability, anyone? Because it seems to me that a more likely explanation is that the US government leaned on Everydns and told them: “Drop Wikileaks or we’ll drop you!” And there’s the fact that Joe Lieberman, chairman of the Senate’s committee on homeland security, called for a boycott of Wikileaks-related business by all American companies. Amazon have admitted that they acted under pressure from the government – so why are Everydns being so shy? Are they ashamed of what they’ve done? I know that I would be ashamed of myself if I did anything like that.

While this has harmed Wikileaks, it wasn’t fatal. Wikileaks quickly got themselves a Swiss URL – wikileaks.ch – and there’s also the IP address 46.59.1.2 – type that into your browser’s address bar and it’ll take you to the site that makes the US government so scared!!

I think that Wikileaks are providing a much-needed service. If democracy is to be taken seriously, there needs to be transparency of government. And the constant refrain we hear from politicians – that these leaks put the lives of service men and women in danger – is complete BS. The government put its troops’ lives in ganger when it sent them off to war. Also, Wikileaks have collaborated with experienced journalists from the New York Times, the Guardian and others) to ensure that individual identities are not revealed needlessly. The plain truth is that Wikileaks has exposed the politicians’ unethical greed and war-mongering. Good work, Wikileaks… but watch your back.

One Wikileaks-related figure, Julian Assange, has more reason than most to watch his back. Wikileaks works best as an anonymous network of activists and truth-seekers. But Assange has put himself into the story. Go to front of the current Wikileaks site (213.251.145.96) and you’ll find a photo of the man, looking rather contemplative and honest (the direct eye-contact between the man and the camera lens screams “Trust me!” Maybe he’s deliberately hogging the limelight, to distract attention away from the men and women in the shadows doing the actual work. Or maybe he’s a narcissistic sexual predator. I don’t know. But I do know that Wikileaks is incredibly important. Don’t let your government take them down!

Julian Assange: what a lovely guy!

_gos=’c4.gostats.com’;_goa=354450;
_got=2;_goi=2;_goz=0;_gol=’Free hit counter’;_GoStatsRun();
Free hit counter
Free hit counter


%d bloggers like this: