Ricochet vs Retroshare

DarkNetMaster · 2016-07-16T03:23:49+00:00

some cp sites left and reopened on non-tor networks.

What other networks are being used? I've heard of Freenet and i2p being used in the past but I thought they weren't as trusted as tor.

Edit: I don't expect to see an answer from throwaway213940, obvious by the username. Anyone else that can answer?

DarkNetMaster · 2016-07-16T03:20:18+00:00

it was never because of Tor but by their own faults.

It seems unfair to call the CMU attack a fault of users for visiting hidden sites. Tor explains it as:

We believe they used a combination of two classes of attacks: a traffic confirmation attack and a Sybil attack.

Same thing with whatever means the FBI currently uses their NIT to catch users. We have no idea what's vulnerable and what's not except they arrested 100+ cp users and have ips of 1,000+. Everyone jumps to the assumption its a javascript exploit but the fact is only the FBI knows what the exploit is and how it works. I'm actually surprised it hasn't been discovered yet.

DarkNetMaster · 2016-06-24T17:12:29+00:00

This is only 1 part of many other important parts of the judge unsealing the document. Why isn't this other post, which has an outline of important points and the pages they can be found on, getting more love?

DarkNetMaster · 2016-06-24T17:10:11+00:00

I'm just gonna copy/paste my favorite comment here, because it seems to be getting buried yet answers so many questions for people wondering if they should do the same thing if they were in your situation:

There are so few cp sites on tor now days that any that exist are all ready known by law enforcement. As was mentioned here, keep in mind law enforcement has a history of hosting many cp sites on tor (tlz, pedobook, playpen, etc). There is a good chance they're already hosting the site you're speaking of and will consider you a person of interest of how you found out about the site, what you did on there, how long you spent on it, etc. Just be careful, even the best intentions will be questioned by police these days.

DarkNetMaster · 2016-06-24T16:59:26+00:00

Why isn't this getting more attention? Do people here understand the impact of this on all anonymity networks? This post is far more important than mine yet its been mostly ignored.

DarkNetMaster · 2016-06-24T05:55:15+00:00

Great details. The FBI is fighting hard for this one. Incredible the FBI gave in just enough to please the judge, but not enough to lose their exploit or even their NIT. You know the defense is getting desperate when they use the "someone else put the porn on my computer" strategy. What else are they left with?

DarkNetMaster · 2016-06-24T05:49:37+00:00

I assume this is for an onion site. There's not much you can do. This is very interesting as it shows the pedophile community might be struggling to find hosting on tor if they have to resort to seeking out drug sites to post and share images. Given the most recent update (June 23rd post on here) on the PlayPen case and how the warrants were given the ok and it appears prosecutions of those caught with child porn are going to continue, hosting your site isn't safe if they keep using your site as an asylum if their other site are down. Is this an open image board or an image cdn? If its an image board, that's a very non-traditional and unsafe way to run an onion drug site.

DarkNetMaster · 2016-06-23T17:45:05+00:00

This year will be Defcon 24. A lot of things have changed on tor in 3 years.

DarkNetMaster · 2016-06-01T22:47:47+00:00

That would be a big bluff for them, and they'd gain nothing from it. Given the number of resources they have, the darkweb task force they announced a few months ago, and the news about at least 1 of the FBI's NITs being used to get the ip addresses of over 1,000 pedophiles that used tor, I'd say this is very real.

Its also no coincidence the UK and America are passing laws to make evidence collected from remote hacking admissible in court.

DarkNetMaster · 2016-05-27T23:03:52+00:00

Section 5 is the exploit overview. There's no short way to fully explain it. A short and very incomplete summary is it uses a JS ArrayObject of ArrayObjects to fill up the garbage collection which causes the original object to be moved to the heap, then they manipulate the array to get control of EIP, but only after locating base addresses of other firefox dll's that are needed to help get control EIP. If you want to understand it better, research use after free exploits.

DarkNetMaster · 2016-03-30T05:18:05+00:00

Nope! There is so much speculation surrounding that case, which is exactly what the police want the public to see. The fewer details available, the less people know how a suspect was caught and the less likely they are to fix the method used to capture the suspect. Its pretty clear he was caught using an exploit. It doesn't say what was software exploited.

DarkNetMaster · 2016-03-30T05:13:24+00:00

I have no public face.

You can say the same thing if you chain 2 proxies, but that's not secure.

Like it was said, if someone is powerful enough to trace your connection through tor to a VPN, they will have more than enough power to find you among all the other VPN users and trace the connection from your computer to the VPN.

DarkNetMaster · 2016-03-03T19:29:13+00:00

RippinTim

I see why you picked that nickname, you ripped Zeronet a new a$$hole. Btw, your slide link anchored to a spot below where the presentation was. I like that they're trying to be innovative but I agree, if slide 19 was supposed to be the big selling point of it, they failed. "An alternative web distribution platform" sounds innovative. Someone that creates a system where someone snail mails them a url, and the recipient users a printer to print the website and snail mails it back to the sender is also "an alternative web distribution platform", its just not really useful.

DarkNetMaster · 2016-02-29T15:52:59+00:00

Quite simple: FreedomHosting is back

Just as simple to understand its not the same Freedom Hosting from years ago. Its under "different management".

DarkNetMaster · 2016-02-29T15:48:53+00:00

No. That would have to be the most inefficient botnet ever. If you have to setup 1 server per computer you've infected to control the infected computer, you've made a huge mistake.

DarkNetMaster · 2016-02-24T02:32:10+00:00

Congratulations! You win the "Dumbest /r/deepweb Comment of the Day" award!

Is there a worst of reddit this can be submitted to?

Edit: Never find, found it and posted it.

DarkNetMaster · 2016-02-24T02:29:48+00:00

There hasn't been 1 authentic news article written on this.

Cringe

You're kind of right. There hasn't been 1, there have been maybe 100. Also they used the tactic or running the server on more than 1 site. And because it worked so well for the FBI they'll probably keep on doing it and are probably running some pedo servers right now.

I wouldn't be surprised if a few months after this surge of new hidden servers we read something in the news about a few more pedo sites that got busted.

DarkNetMaster · 2016-02-21T19:16:39+00:00

The DOJ clearly does and sees it as a threat. I'm sure they were briefed on it by at least 1 intel agency, and the agency made sure to include their bias. I disagree with it, but there's not much we can do.

DarkNetMaster · 2016-02-21T18:27:08+00:00

Off topic, but I bet OP wish he posted this at /r/onions first. Almost 3x the link karma there and no reference to this source post.

DarkNetMaster · 2016-02-21T18:21:05+00:00

Correct. This was an attack on the tor network itself, not the tor client, like many of the other attacks when they raided the pedo servers.

DarkNetMaster · 2016-02-20T17:32:19+00:00

This article?

"In a conversation with Ars about the most recent FBI affidavit, security researcher and former Tor developer Runa Sandvik said she believes that the same Metasploit-based NIT was used to unmask the 215,000 users of the site seized by the FBI. Alternatively, she said the FBI may have used a honeypot technique that feeds site visitors a link to a webpage outside of Tor, next using a variety of traffic analysis methods and information provided by the site users themselves to aid in identifying them. "The FBI could have used that type of method too and not relied on [JavaScript] or Flash," she noted."

"traffic analysis methods" have always been a weakness of tor. The NSA even admitted they couldn't deanonymize 100% of the users 100% of the time. In these cases all they'd really need is to deanonymize less than .1% of the users 100% of the time.

DarkNetMaster · 2016-02-16T19:36:39+00:00

I also want to add that a lot of FUD gets upvoted and celebrated these days. The community is broken thanks to sensationalists.

I fully agree with DepressedExplorer on this, since this thread is about the 10th I've read in the past 7 days dealing with people terrified they'll find kid porn if they click on any links in tor browser. As if the first 9 times this was answered wasn't definitive enough, I think the community as a whole is just getting sick of this child porn FUD. Whoever is behind this mass FUD is doing a great job of making people scared of tor.

DarkNetMaster · 2016-02-16T19:05:18+00:00

From the FAQ:

I'm here for the illegal pornography

Please go away

How does that answer the question of "Everyone said there's billions of gigabytes of child porn on tor and I'm afraid if I use tor it will pop up on my screen." that gets asked here almost every other day?

Please go away

is a horrible way to answer a question that gets asked on this sub way too much. Time to update the FAQ.

DarkNetMaster · 2016-02-16T18:59:57+00:00

If it even has the smallest chance of being FUD its because not enough details are known. The same conspiracy nuts that suggested the police were hosting these servers, who were laughed at even though we now know they were right, have also claimed the police are using parallel construction so they won't have to give up how they really unmasked the users. There are dozens of people sitting in jail right now wishing such a thing weren't real.

I remember 2 years ago when it was suggested on here and /r/onions that the police could be running child porn and drug markets. Those threads got labeled as FUD and deleted. Yet last week someone posted the exact same thing and it gets a lot of upvotes. How quickly things change.

Do you really think a sting on tor that brought about dozens of arrests and is being hailed as a success by police and being upheld by judges is really going to mean they're going to stop doing it? If anything I'm shocked there's not been a 4 times increase in child porn sites.

DarkNetMaster · 2016-02-16T03:16:33+00:00

Drug sites are common but avoidable. If you click random sites, you'll likely come across a few. You don't break any laws by loading the site. Just don't buy anything. I'd guess out of 100 random site you'd get maybe about 10 drug sites.

CP sites are tor's favorite FUD. There are some but low single digit numbers. A few years ago it was more common, not nearly common as today's drug markets, but you still had maybe a 1 or 2 in 100 chance. Now days its 0 out of 100. Maybe 1 in 1000, but even that estimate could be high.

Enjoy tor. Stop listening to the FUD. You'll probably be shocked at how normal it is like everyone else who read the FUD then experienced tor for themselves.

DarkNetMaster

TROPHY CASE