|
|
|||||||
| Member Intros Discuss Odd man out in the SteroidWorld Bodybuilding forums; Originally Posted by 2425 Relax my brother. Maybe you have got a few flames against you but how could you ... |
 |
|
|
LinkBack | Thread Tools | Display Modes |
|
#26
01-08-2012, 07:10 AM
|
|||||
|
|||||
Quote:
The other poster did raise some good points, he just could have been a little more diplomatic about it. He could have asked, why should we trust these links? Why should we trust the Tor project? These would have been perfectly legitimate questions, and I would not take umbrage in the slightest if someone had asked these. All I can do is tell you why I trust the project; people can either accept or reject my reasons as they will. Conspiracy theories abound on the Net, they're literally a dime-a-dozen. There are people who are convinced that the NSA has quantum computers and that they are capable of breaking every cryptographic system there is out there. (If they did have such resources, it would put the boots to just about every deployed system out there.) There are others who are unshakeable in their belief that Phil Zimmermann (the creator of PGP) put a backdoor into later versions as the quid-pro-quo for the U.S. government dropping its investigation of him, over the export of cryptographic code (i.e. PGP) without a license. I think the investigation into Phil was dropped because the government saw the handwriting on the wall, namely that the legal precedent in the Bernstein case, that source code = speech, was going to be upheld, and this would have rendered the entire U.S. government's cryptographic export control regime unconstitutional. Rather than allow that to happen, they just dropped the investigation, and potential prosecution against Phil. Quote:
The same goes for some of the other organizations recommending/using Tor: Reporters Sans Frontieres (Reporters Without Borders) to name but one. In a talk given by Roger Dingledine and Jacob Appelbaum at the 28th Annual Chaos Communication Conference held from December 27th through December 30th, 2011 in Berlin, they described how dissidents in repressive regimes use Tor to protect themselves. Jacob Appelbaum related the following story: Quote:
I've seen academic papers, (details below) where the author bemoans the fact that the Naval Research Laboratory "lost control" of Tor; the author bemaons the fact that it could be used by criminals and terrorists. Quote:
To read this article will set you back a cool $31.50, if you wish to purchase a copy from Elsevier publishing. However, you can see a .pdf copy of this article at Cryptome.org, at the following URL: http://cryptome.org/isp-spy/TOR-spy.pdf Quote:
Now, on the subject of VPNs, I've been looking into those due the particular political circumstances in this country (more on that below). When you boil it down, VPNs are essentially a one-hop, encrypted proxy. VPNs are perfectly fine for hiding one's activities from non-state actors. However, anyone who believes that employing a VPN to conceal their activities from law enforcement is going to protect them is deluded. This was most recently demonstrated in the case of two members of Anonymous. One (or both) unwisely admitted, in an IRC chat, to using HideMyAss.com, a U.K. VPN provider. Within a day or two of that admission, HideMyAss was presented with an order from a U.K. court to reveal the identities of the two alleged members of Anonymous. Once unmasked, they were quickly scooped up by the FBI. Mirrorshades 
|
|
#27
01-08-2012, 11:11 AM
|
||||
|
||||
|
Quote:
Good post my man. As far as vpn I mean from getting banned from the board I dont think people on here could find you. Also I employ my own vpn techniques I would never trust someone who writes code to help you hide (never trust a thief) LOL! Later my brother and thanks for the informative post.
|
|
#28
01-08-2012, 11:41 AM
|
||||
|
||||
|
How does Hidemyass work for torrents? Do they kneel down and suck the mpaa when they want identities? Are there any vpns that don't keep logs?
__________________
All my answers should be used for pretend purposes only.
|
|
#29
01-08-2012, 01:01 PM
|
||||
|
||||
|
Quote:
|
|
#30
01-08-2012, 07:28 PM
|
||||
|
||||
|
Quote:
__________________
All my answers should be used for pretend purposes only.
|
|
#31
01-08-2012, 08:20 PM
|
||||
|
||||
|
Quote:
|
|
#32
01-08-2012, 09:38 PM
|
|||
|
|||
|
Quote:
|
|
#33
01-09-2012, 08:12 AM
|
|||
|
|||
|
Quote:
Are there any VPNs that don't keep logs? I very sincerely doubt it. The main point to remember here is: No provider is going to defy a court order issued in their jurisdiction. Whether there is room for the provider to fight any such order or not depends on the individual circumstances. Now mind, I'm not a lawyer, I'm not even an American, but my layman's understanding of U.S. law is this: a subpoena can be fought in court, a search warrant cannot. To take one example, Google fought an attempt by then-Attorney General Alberto Gonzales to subpoena Google for massive amounts of information about their users, in particular, which users searched for pornography. Google fought that subpoena in court, and won. Sometime last year, there were a series of animated cartoons posted to Youtube and elsewhere, created by an allegedly disgruntled Renton, Washington police officer, using the handle "Mr. Fiddlesticks". These cartoons lampooned the force, and aired quite a bit of their dirty laundry, including officers' actions investigated by Internal Affairs. The police chief responded by attempting to have the videos taken down, which led to their being spread all over the net. Next, the chief arranged for a judge to rubber-stamp an search warrant ordering Google to hand over the information associated with the GMail account, MrFiddlesticks@gmail.com. Google was unable to fight this, as it was a search warrant; if it had been a subpoena, Google would no doubt have attempted to fight this in court. However, because it was a search warrant, they had no option but to comply with the order. Unfortunately for the chief, in the final analysis, the IP address turned out to be that of a hotspot, so the trail was a dead-end. Twitter is another example of a company that will fight for its users. In its investigation of the Wikileaks affair, the DOJ attempted to subpoena Twitter for information held by Twitter about five users: Birgitta Jonsdottir, Ron Gonggrijp, Jacob Appelbaum, Bradley Manning and Julian Assange. The final ruling was just handed down the other day, and Twitter lost. (The court case had been ongoing for about a year.) Not many companies will go to these lengths to protect their users' privacy. Unfortunately, many of them will roll-over on you at the first flash of a badge. Now, as far as VPNs and logs are concerned, let me tell you a little (true) story in that regard. Several years back, the FBI, Interpol and the Australian police busted-up a kiddie porn ring. About 22 of the 60-odd members were arrested. All those arrested had one thing in common (aside from indulging in kiddie porn) -- they were all customers of a VPN service called Privacy.Li. Privacy.Li stated that they "kept NO logs" and that they were located outside of U.S. jurisdiction. When push came to shove, their 'privacy' provider rolled-over on them. Moral of the story: I wouldn't count on any VPN if I were doing something illegal. Now, you could argue (and you would be completely correct) that child pornography is a heinous crime -- no argument with you there. You could also argue that copyright infringement is a purely civil matter -- in the past, I would have agreed with you. However, over the past number of years, the situation has become more nebulous. In some circumstances at least copyright infringement can now be deemed a criminal offense. The RIAA/MPAA have pushed hard for this, as it transfers the cost of enforcement from their own pockets to that of the public (courtesy of law enforcement.) Using a VPN may provide you with protection, but there are absolutely NO guarantees. Furthermore, to complicate things. a lot depends on where you live. In the United States some judicial circuits have proven more receptive to these massive sue-em-all "John Doe" suits than others. In Canada, several years back, the Federal Court threw out a number of suits brought by rightsholders against alleged copyright infringers where the sole data were the IP addresses of the alleged offenders. I seem to recall that these suits were thrown out on the basis that the IP addresses alone were not sufficient evidence to proceed. Last year, in 2011, some suits have been filed against alleged infringers, for allegedly pirating the film, The Hurt Locker. I'm not sure what led to the change in policy, whether it was a change in the law, or a higher court ruling. Previously, Canadians had been largely immune from such suits as were common in U.S. courts-- this does not appear to be the case any longer. Possibly as a result of those Federal Court rulings a few years back, the government in Canada, sometime in the next six months or so, will introduce their so-called "lawful access" legislation. The justification trotted out by the government for this appalling legislation is (as is to be expected) child pornography and organized crime. Under current legislation, a Canadian ISP can voluntarily hand over a customer's information on request; this is frequently done in cases of child exploitation. If, for whatever reason, the ISP refuses to hand over the information, the police have to get a court order. After lawful access is passed, the ISP will be required to hand over the customer's information, on request. What this means is that given a customer's IP address, the police will be able to demand the customer's: real name, address, phone number, email address and a boatload of other information. ISPs will also be permitted (as opposed to required) to hand the same information over to private investigators. What this means is that any Canadian Internet user will be able to be unmasked by the authorities more or less at will. (This may be the final nail in the coffin for Hushmail.) Finally, you might wish to hav a look at the following TorrentFreak articles: Which VPN Providers Really Take Anonymity Seriously? Last month it became apparent that not all VPN providers live up to their marketing after an alleged member of Lulzsec was tracked down after using a supposedly anonymous service from HideMyAss. We wanted to know which VPN providers take privacy extremely seriously so we asked many of the leading providers two very straightforward questions. Their responses will be of interest to anyone concerned with anonymity issues. https://torrentfreak.com/which-vpn-p...iously-111007/ VPN Providers Mull ‘Fraudster’ Database In Wake of Lulzec Fiasco Last month it became clear that an alleged Lulzsec member who had carried out attacks on various organizations including Sony and the UK’s Serious Organised Crime Agency, had used an ‘anonymous’ VPN service supplied by HideMyAss. According to documents obtained by TorrentFreak, VPN providers worried by the bad publicity are now considering data sharing to combat ‘fraudsters’. https://torrentfreak.com/vpn-provide...fiasco-111006/ What’s The Best VPN / Proxy for BitTorrent? Privacy is important on the Internet, and BitTorrent users are certainly not excluded. Already, hundreds of thousands of BitTorrent users have decided to hide their IP-address to the public, and more are joining every day. Some use specialized BitTorrent proxies and VPNs like BTGuard, but there are many other options. Unfortunately, however, not all VPNs [...] https://torrentfreak.com/best-vpn-pr...orrent-110618/ Mirrorshades
|
|
#34
01-09-2012, 09:30 AM
|
|||
|
|||
|
Quote:
As I alluded to in another post, in the first case, (the one I have the most documents for) out of some 60-odd members, only 22 were ever located and arrested. (All of the 22 apprehended were convicted, and are currently serving time -- the other 40 or so are still at large.) In this case, the alleged ringleader re-appeared about a year after the busts, and tried to explain what went down. In particular, they stated that everyone who used a VPN (Privacy.Li) was apprehended, those who used Tor and/or Anonymous remailers remained free. The second case involved something called "Dreamboard" -- according to the Wikipedia entry for "Operation Delego": Quote:
1) In child pornography/child exploitation cases, police officers are understandably highly motivated to do everything in their power to apprehend the perps and rescue the kids; 2) International cooperation is a given -- there are no 'safe harbors' when it comes to this type of crime. 3) Resources are not an issue -- whatever is needed in the way of money, manpower and equipment is expended to get results. Notwithstanding all the foregoing, only a fraction of the perpetrators can be identified, located and apprehended. Mirrorshades
|
|
#35
01-09-2012, 10:16 AM
|
|||
|
|||
|
Quote:
__________________
The measure of a man is what he does with power. - Plato
|
|
#36
01-09-2012, 12:49 PM
|
||||
|
||||
|
Quote:
Good info bro thanks. I find alot of people that do not want to be caught do not even us their own ISP. I think most of us who know very little could break wireless security. Probably the best way not to get caught. Not that I have ever done it (fingers crosssed LOL). Obviously no where near your own house.
|
|
#37
01-12-2012, 02:24 PM
|
|||||
|
|||||
|
Quote:
Quote:
1) Such measures are generally NOT necessary, unless you are already under surveillance, or you are at high risk of being surveilled (e.g. your friends/colleagues/associates are already being investigated); and 2) Unauthorized use of a WiFi connection is considered in many jurisdictions as a computer crime in and of itself; and 3) If not carried out properly, you increase the risk of your activities being detected, See some examples below, as the end of my post. At the risk of being repetitive, I once again have to return to the superb research carried out by Christopher Seghoian, whom I have written about elsewhere. Some of the documents Mr. Soghoian has obtained through his numerous Freedom of Information Act (FOIA) requests, are quite illuminating. He discusses his research in the following presentation from Defcon 2010, which can be viewed at YouTube: https://www.youtube.com/watch?v=jJDCxzKmROY In a nutshell, his findings are as follows: The vast majority (86%) of wiretaps are for narcotics offenses: Quote:
1) That these types of wiretaps require what is referred to as a 'super warrant' -- the police must have probable cause to show that a crime has been committed plus they must also be able to demonstrate that other methods to obtain the information they are seeking have been tried and failed; and 2) That most of the requests come from two states: New York and California. Both states have task forces of officers who are specially trained to apply for and obtian these warrants. Primarily, these officers operate out of special units in New York, LA and San Francisco. 3) Surveillance of phones continues to increase every year, primarily due to the States. Surveillance of computers is effectively nil. In 2009, 95% of all intercept orders were for a portable device. Electronic intercepts (i.e. computers) for 2009 account for something like 5-10 a year combined for both Federal and State. 4) Mr. Seghoian askes the question, "Why are there no network wiretaps?" He points out that it is easier for law enforcement to access stored communications such as email, search queries, and the like. As he says, "Why tap your ISP in real-time when your email provider will readily give up the files later?" Look at it from a law enforcement perspective: Real time electronic surveillance: - Expensive -- requires leased line to ISP datacentre - Hard to get -- requires complicated 'super warrant'; only available if all other methods have failed. - Requires scarce resouces -- requires specialized equipment/expertise to sift though gigabytes of TCP traffic; (in technical terms, a tcpdump.) Why bother with all that, when: - Email is easy to get -- under the Electronic Communictions Privacy Act (ECPA) and the Stored Communications Act (SCA) email 180 days old or less requires ony a warrant to access; email 181 days old (or older) can be handed over on request. - Traffic analysis information/Pen Register info, i.e. who you've been communicating with, requires only that the information have "relevance to an ongoing investigation". Pen register info includes: - IP headers - To/From: for email - Phone numbers dialed - In some cases, URLs visited - Real-time geo-location data (when accompaned by an 18 USC 2703(d) order. When you think about it, from a law enforcement perpective, email is a bonanza, the motherlode, when it comes to information: - Email(s) are written by the suspects themselves; essentially, emails containing incriminating information are, for all intents and purposes, a confession. - They are conveniently indexed by Subject: line - They each bear a time/date stamp, so there is never any doubt about the order of events, or when precisely when something was said So, realistically, they don't lose very much by not monitoring your communications in real-time. Now Let me cite some examples of how people have been apprehended for using other people's WiFi: Case #1: Quote:
Essentially what happened here was that the man had done the same thing for about a week, i.e. parking in front of the coffee shop to check his email. Peterson stated there was no request for a password, there was no indication that the network was anything but free and open. What Peterson could not possibly have known was that the local police were on the lookout for an online stalker, whose victim was a local hairdresser, so when police got a call from the barber shop across the street, citing suspicious behavior, they acted on it. If Mr. Peterson had been a customer of the coffee shop, the police would not have had justification to lay charges. That said, because they were investigating a case of online stalking, that may have provided them with legal justification to search his computer. Please remember: currently, in many states, in an interpretation of the so-called "plain sight" rule, a suspect's electronic devices may be liable to search and/or seizure. This is been done in some jurisdictions even pursuant to something as innocuous as a traffic stop. (Another reason, as if any is needed, why carrying a smartphone is a bad idea.) Quote:
Case #2: A man is spotted for a few nights in a row, parked on a street. He is observed sitting in his car, due to the illumination from his laptop screen. Given the lateness of the hour, neighbors presumed he was up to no good, and called the police. Police respond to the complaint, and the man is ultimately charged with unauthorized access to a computer network. Case #3: Man in Japan is accused of hacking into his company's network An apparent disgruntled employee was arrested for hacking into his company's network. Apparently, he made the mistake of going to the local McDonald's, where he used their WiFi, and paid for his Big Mac with his credit card. His employers were able to tie the times of the hack to the times he spent at the McDonald's. Furthermore, his credit card confirmed the fact that he had eaten there, and the date/time of the purchase were recorded, and as the final nail in his particular coffin, he was recorded on surveillance camera in the store. Needless to say, this was/is the wrong way to go about it. If you wish to stay below the radar of both the police and the public, you have to observe a fundamental principle -- you have to blend-in -- you have to avoid attracting attention to yourself. It is possible to use WiFi safely and anonymously -- the case of the disgruntled cop from the Renton Washington force who used he handle "Mr. Fiddlesticks" proves this. In his particular case, using a public WiFi hotspot was a necessity -- because he knew that as a member of the force, his home Internet connection might be monitored, so he had to make sure that there was nothing that could possibly point back to him, if investigated. Moral of the story: If you mustuse a hotspot, preferably make use of one far away from home/work, pay for your coffee/meal in cash and wear a hat to help foil surveillance cameras. Mirrorshades
|
|
#38
01-20-2012, 06:29 PM
|
|||
|
|||
|
Quote:
__________________
The measure of a man is what he does with power. - Plato
|
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
