hashtag 151 Posted ... Tor users often turn off vulnerable services like scripts and Flash when using Tor, making it difficult to target those services. Even so, the NSA uses a series of native Firefox vulnerabilities to attack users of the Tor browser bundle. One of the top-secret documents provided by Snowen demonstrates how FoxAcid can circumvent commercial products that prevent malicious software from making changes to a system that survive a reboot process. http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity NSA and GCHQ target Tor network that protects anonymity of web usershttp://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption PDFs of the leaked documents:https://s3.amazonaws.com/s3.documentcloud.org/documents/801433/doc1-1.pdfhttp://s3.documentcloud.org/documents/801434/doc2.pdfhttp://s3.documentcloud.org/documents/801435/doc3.pdf Rather than use the highly exploitable TBB on your desktop run these applications inside a virtual machine like VirtualBox or VMware Player. See reference to Tails in the Tor: 'The king of high-secure, low-latency anonymity' presentation. Liberté Linuxhttp://dee.su/liberte Tailshttps://tails.boum.org/index.en.html Whonixhttps://www.whonix.org/wiki/Main_Page Quote Share this post Link to post
InactiveUser 185 Posted ... I agree with virtualization being an additional layer of security.I disagree with TBB being "highly exploitable". The leaked presentation clearly shows that digging up native FF vulns is a pain in the ass, even for the NSA.So, they won't waste such vulns for wide-spread attacks against Joe Blow users. ¹ ³ Also, VirtualBox is not a security product and it's maintained by Oracle, a commercial vendor with an awful track record wrt to code quality and security management. ² --- ¹ Case in point: The FF vuln recently used by FBI for their "Torsploit" was no 0day, it was long patched - which either means they didn't have a better vuln for a more effective exploit - or they didn't want to waste it for this particular attack. ² https://www.whonix.org/wiki/Advanced_Security_Guide#About_VirtualBox³ "The good news is that they went for a browser exploit, meaning there's no indication they can break the Tor protocol or do traffic analysis on the Tor network. (..) you can target individuals with browser exploits, but if you attack too many users, somebody's going to notice." from: https://blog.torproject.org/blog/yes-we-know-about-guardian-article 1 Staff reacted to this Quote Hide InactiveUser's signature Hide all signatures all of my content is released under CC-BY-SA 2.0 Share this post Link to post
hashtag 151 Posted ... Redacted PDF from 2012 describing GCHQ's program of large scale staining of machines to deanonymise Tor and other shared IP users.http://apps.washingtonpost.com/g/page/world/gchq-report-on-mullenize-program-to-stain-anonymous-electronic-traffic/502/ Quote Share this post Link to post
Not connected, Your IP: 3.144.42.196
Online: 22060 users - 258460 Mbit/s total BW