logs archiveIRC Archive / Oftc / #tor / 2015 / October / 11 / 1
cajuntechie
Is there a specific time my relay can be down before it loses weight and also restarts its 'uptime' count in Atlas? I need to update some stuff on the server and restart (about 3 minutes total) but don't want it to damage my relay's stats.
sylene
does IRC block tor users?
cacahuatl
Not all IRC networks but some of them do, yes.
sylene
it took me a while to connect via tails/tor a few reboots
meejah
sylene: for OFTC, tor is allowed but sometimes some exit-nodes are (auto-)blocked because someone was a jerk
freenode still just blocks tor connection, I believe
cajuntechie
I ran into 3 blocked exits to OFTC when I was trying to connect. And Freenode does provide an .onion point into the network but it's down right now.
sylene
what does one do in the darknet web world? I'm experimenting/learning
cajuntechie
sylene: Browse websites, use services, have discussions on discussion boards and chat, do email, etc. Many of the types of things you can do on the regular web you can do on the darknet. You just have to find things.
sylene
lol cool, its just feels illegal even though I am not doing anything
         

cajuntechie
A lot of people feel that way. It has a "weird spy/covert" vibe about it to some people. Get over that. There's nothing illegal in and of itself.
cacahuatl
Consult your local laws about use of cryptography.
sylene
cacahuatl: how do you mean?
cacahuatl
Some countries have funny laws about cryptography, you'd be better placed to know or find out if you are affected laws against the use of strong cryptography.
sylene
cool, I dont know anything about cryptography though
cajuntechie
You don't have to. Tor uses strong crypto. If it's illegal in your area, using Tor might be illegal too.
sylene
ah
torQUES
I tried more than 20 banned tor exit nodes until OFTC connected
cacahuatl
There was abuse earlier, that's probably why.
torQUES
I used NEWNYM signal to change circuits
I hope when tor will use shorter keys they will not ban the tor network so often ;-)
nicoo
torQUES: What would that even change?
torQUES
I don't know, but I don't trust encryption keys <256 bytes
a good encryption key must be long enough and true random - I don't trust any deterministic algorithms used for key generation
Lodaga
got some KVM-related question. Any hardware savvy around ?
what you guys think on the use of a KVM to switch between personal PC and anon/activism/sensitive-baed PC ...
toQUES ?
torQUES
I don't know what KVM is
Lodaga
oh
torQUES
is related to tor?
Lodaga
its a device that let you use one keyboard/mouse/monitor to control 2 or more system
yea indirectly
the question could be directly related to tor if I'd reformulate to: is using KVM with Tor Safe ?
thorazine
Lodaga: depends on how likely you are to type and hit enter before realizing you're on the wrong system
Lodaga
thorazine: this is human mistake.. I'm talking about binary vulnerability
like onboard buffer data leak
flash memory unflushed
thorazine
KVM generally has no memory or buffers
         

Lodaga
non-properly isolated channel causing data leak between 2 port
well many has..
thorazine
just enough smarts to convince the PC you switch away from that the keyboard is still connected
Lodaga
I wish I could pick one that has none
thorazine
unless you're talking about one of the many-headed networked kvms
Lodaga
non-ip kvm
take a look at this video: http://www.tripplite.com/main/video-player/videoID/baee131190bf4ed39d8870fb3031fd3e/videoType/video/popup/1
it briefely explain the 3 most common vuln in today's kvm
nicoo
torQUES: "I don't trust any deterministic algorithms used for key generation" -> Yet you seemed proud to have implemented your own PRNG ...
Lodaga
but I wonder if NIAP-certified KVM are enough (being that NIAP is an NSA certification doesn reassure anyone..I'd say)
tacky
any simple, old fashioned (i.e. "dumb") kvm switch would be fine, of course, assuming you can handle the required, concomitant operational security. for all practical security purposes, the fact that you're using a kvm switch is irrelevant.
torQUES
nicoo: my trusted PRNG is simple and classic: flip the coin for every bit using 5 uncorrelated hardware volatile variables - I said I don't trust the key generation using some sophisticated mathematic formulas
Lodaga
tacky: tacky, why do you say using a kvm is irrelevevant for security purposes ?
tacky
entropy is a counter-intuitively hard problem. the old adage about implementing one's own ciphers certainly applied to implementing one's own PRNGs as well.
Lodaga: because it's just a keyboard, mouse, monitor toggle. whether you move your hands and or body to another box or flip a switch is irrelevant. there is no qualitative difference.
Lodaga
I'd love to know some alternative.. the problem is pretty damn simple.. one want to use a single mouse/keyboard combo to control both his personal and anon-dedicated system (which is a simple Live Tails on USB stick, running on a seperate tower
tacky: I see .. but what about all the point mentioned in that video www.tripplite.com/main/video-player/videoID/baee131190bf4ed39d8870fb3031fd3e/videoType/video/popup/1
thorazine
Lodaga: it would probably help if you tried to explain the point yourself. people hate watching videos when using irc
Lodaga
memory leak from channel to another, particularly... can this be avoided by using PS2 connector instead of usb ?
ok
well there are some known data leak vulnerability in using kvm switches..
tacky
I have an old 4 system kvm switch that i haven't used for well over a decade. the alternative I use is to run the anon system in a Linux KVM (not to continue to be conflated, of course - lol). regardless of method, the rub is in operational security, assuming sufficient technical skills.
Lodaga: yeah, thorazine is on point. no offense, but i'm not watching that. i have limited, expensive bandwidth.
thorazine
Lodaga: a thing to keep in mind is that if your "unsafe" system has been exploited to the point where they are spying on your kvm to gain access to your "safe" system, you are already fu*ked
Lodaga
don't you fear data leaking between port (channel) switching ? causing instant identity crisis flaw
sorry non english-native here
ailleen
Lodaga: Be more worried about all those pesky hardware backdoors (intel ME)
thorazine
Lodaga: if someone has hacked one of your computers to the point of spying on your kvm then you are already in trouble
Lodaga
thorazine: not in that scenario
tacky
Lodaga: maybe in modern, "smart" crap (i hate that sh*t), but not in old, physical switches.
Lodaga
thorazine: lets pretend a raid for exmple
thorazine
Lodaga: my point is that they don't raid you unless they've already got stuff on you
Lodaga
following seizure of both personal and anon-dedicated equipment
true..
thorazine
and they don't hack your computer and install spyware unless they already have evidence and just want more
if you'
ailleen
eh thorazine can't say that, russians are dedicated.
tacky
Lodaga: I don't fear. Fear is a reaction to lack of knowledge/understanding. ;)
thorazine
if you're seriously worried about info leakage across computers via kvm you should reconsider even having the two computers in the same house
ailleen
^ Not connected to the same network at least
Lodaga
and knowledge still can't be acquired efficiently ... lacking knowledge then is a constant
torQUES
btw I read the feds papers about the silk road seizure - they bought 200 times stuff from the website to track the bitcoins and finally they seized computers in USA, Icelad and France and 30 millions USD about bitcoin cash in computers - they simply followed the money and busted Ross ;-)
Lodaga
thorazine: figure out that scenario where your anon-rig/setup is pretty damn "safe" ... the question is .. is adding up a kvm in between might causes Anon activity leak to my non-anon pc ? ....
ailleen
Lodaga: This is like the guy is is scared of people using the 'way people type' to identify them. Yes this is an attack vector, but if you look at who you are being oppressed by and the tools (cost) they will use to attack you, you will realize hacking your crap windows box to exploit the kvm and spy on private time is only exploited by non free hardware, and why all that sh*t should be avoided.
Lodaga
maybe I should just not use kvm and forget about it... still I was curious to know your though on that matter
thorazine
Lodaga: the only safe anon rig i have been able to come up with is a solar-powered wifi-enabled raspberry pi tossed onto the roof of a mom&pop coffee shop with open wifi
from which you can mostly safely serve a tor hidden service
provided you handled it with gloves
ailleen
rbp has non free hardware to boot which for all you know could have a network stack exploit
Lodaga
I guess you're right..
tacky
lacking some knowledge is a consistent variable, at least, but doesn't make a known algorithm unworkable; the problem only arises with an unknown algorithm. anyway, i'm not subject to it. everyone's different.
ailleen
all about who you are being oppressed by, local cops (maybe even hackers) be fu*ked for sure.
Lodaga
I bet the only reason I think a system is safe is when I lack to know of the other vulnn
ailleen
Lodaga: Do you run a proprietary intel wifi card with ATM?
tacky
the d[r]ead pirate leacked his sh*t before he even went live. it was an operational failure at heart. everything else was ancillary.
Lodaga
ailleen: no wifi on the anonbox
thorazine
Lodaga: if you want a safe anon system for personal use, buy a used netbook with cash, running only tails, and used only at public wifi hotspots
tacky
s/leacked/leaked/
thorazine
and never use it at home
Lodaga
ailleen: I know you think (then using your own local network is worse)
thanks all .. good talk
tacky
(Action) would have more fearness of stylometry than a kvm switch, to be sure, if fearness had. ;)
« prev 1 2 3 next »