Tor/privoxy/vidalia

[MickeyBlue42]

Hi all

Dont tell me , I know this subject has been discussed to death but can we please give it one more jab...

Anyways,

If I have installed Vidalia ( Tor and Privoxy) in the last 24 hrs. Lets just say I like feeling a bit safer.

Now my question is to the IT wizards and privacy experts:

I understand that now my IP address is protected . ( Up to my ISP at least !)
But what about my e-mail address? What about my general surfing on the net?
Should I keep it enabled 24/7?

I just thought with all my previous years of browsing etc surely 'they' could track me down if they wanted to if my posts seemed worth the effort?

I am not an expert by any means , and I am sure this slows them down but with the thousands of members on here , many who have been members for years, if LEO was really out to bust people via this site , surely the busts would have been in the hundreds ??

Finally , using programs such as this must attract far more attention then anything else?? Its like walking around with a mask on in a park , I mean who would look the odd one out??


http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses

 

[JJScorpio]

When you signed up for your email account, if you weren't using a proxy then your IP showed at the time of registration, along with whatever personal information you gave when you registered the account. I would assume that email suppliers keep this information on file....

 

[Fatsackman]

Yo man,

I've thought of the same thing. What if Mr. Leo made this software to truly see who wants to mask their ip. Wouldn't they think, anyone who does want to mask their ip is up to no good, including terorists, normal websurfers won't need something like this. I've also seen that map that tor brings up and a whole bunch of lines come up, some even come out of the good ol u.s.a. Some proxies on tor even have names coming out of texas and some other places I can't remember at this moment called Whistlersmother. Isn't a whistler a rat? What would whistlersmother be?

Anyone ever seen that movie five fingers? It sucks the way the kidnapped suspect is planning to do what he is. But apply this to other scenarios, what if icmag like many other cannabis sites are just fishing hooks. What if tor is a fishing hook? If you haven't, watch it. I recommend, it gets you thinkin.

I think big brother won't care about my small closet grow. So why use tor in those situations? It would be nice to see a thread about people who grow cannabis that have been busted using the internet.

I got some questions for the techs out there on icmag: Who created tor? How safe is tor?

All I can say is be careful. And remember: Question everything!

Peace

 

[Greensides]

Whistlers mother is an old painting by James McNeil Whistler. Not sure if it has anything to do with rats.

Another post that doesn't help anyone but relays random trivia Hurray!

 

[Echoes]

It's in the Wiki article...

It's in the Wiki article...

Who created tor?

"Tor (The Onion Router) is a free software implementation of second-generation onion routing – a system enabling its users to communicate anonymously on the Internet. Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation (EFF) project in late 2004. The EFF supported Tor financially until November 2005,[1] and continues to provide web hosting for the project."

-Wikipedia


Your answer was but a click away.

 

[yamaha_1fan]

It would be nice to see a thread about people who grow cannabis that have been busted using the internet.

I dont know if anyone has, thats why there arent any threads about it

 

[MickeyBlue42]

well then you said it Yamaha_1fan... so considering that probably not even 50% of members or probably far less use Tor , then its not really worth it. I will start a poll in Tokers Den and see what happens...

 

[Verite]

"Tor (The Onion Router) is a free software implementation of second-generation onion routing – a system enabling its users to communicate anonymously on the Internet. Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation (EFF) project in late 2004. The EFF supported Tor financially until November 2005,[1] and continues to provide web hosting for the project."

-Wikipedia


Your answer was but a click away.

Its actually been mentioned here before too.

http://www.icmag.com/ic/showpost.php?p=761872&postcount=27

 

[la resistance]

I use vidalia and tor and it makes me feel a bit safer. Just because they aren't prosecuting people posting on these boards now doesn't mean that they won't in the future and it's possible that the data from you posting could still be floating around the net if that does happen.

 

[Wiimote]

Guys and Gals, don't let Tor lure you into feeling secure. Don't let Tor lure you into thinking you are even slightly "more secure" than someone without Tor (or really any other "product").

You MUST consider ANY AND ALL DATA you (or anyone else) puts on the web about you, to be as secret as if you took out a 30 sec commercial during halftime at the Super Bowl. No exceptions at all.

Tor ONLY protects you from the server you are retreiving data from. Tor routes your request through several different computers to mask the originating IP. That is all the protection that Tor offers. Any other protection promised is relying on the ISP providing the last mile link to play by the rules. In the case of the US, they do not. Your ISP keeps TBs of logs daily, IPs you've connected to, what port, what type of data, etc. Even with encryption a lot more than you think can be gleaned from simple router logs. And if law enforcement is looking at you specifically, ALL data you transfer will be copied to them. Sure, your prob safe from Sheriff Joe Sixpack, local donut junkie, but if you think the Feds can not break your encryption and see EXACTLY what your doing (assuming that they are after YOU personally that is, and not just a sweep) than you are smoking some really good weed and maybe should la off for a while.

So yes, use Tor, but do not let it make you feel secure. Realize that it only protects you from law enforcment raiding the ICmag servers and looking you up in the server logs.

 

[Dankstarr]

What are your credentials

What are your credentials

Wiimote,

Bro What are your Credentials to make such a statement about Web Security/Privacy... ?? Not trying to start a fight or argument, yet show your proof and please put your proof in technical terms...

All info would be highly preciated

Dankstarr

 

[Wiimote]

Since you asked nicely However I am skipping many details so as not to incriminate myself.

I've been working in Network Design, Administration, and Deployment for over 10 years now. Currently I work doing remote network administration. We have over 35 clients, in over 50 different locations, keeping over 7k people online at any given time.

I've also worked as a Sysadmin for a rather modestly sized ISP (just over 300k customers when I left, and I know what records they keep and HAVE to keep). I've also worked with LEO several times in cases regarding "internet crimes" (all save one were stalking/threatening issues, the other was a prostitution ring). I also did some time as a black hat (mostly movie/game pirating as a 2nd tier distributor).

Nothing I've said in my previous post is inside information. None of it can not be figured out by some reading, and a little understanding of how the internet works. If you want to get REALLY paranoid though, look into Eschelon, or TOR nodes being setup by LEO/CIA/FBI/RCMP/etc, or encryption backdoors, or ...

 

[m@rg]

ive stopped using it a few months back now
..cant seem to feel safe using it

 

[green_tea]

its simple as hell...

buy a server in china...

use said server in china.

make sure to buy more than one IP from china (one that you use to connect to, another that you use to access the internet with)

i doubt the NSA / CIA / FBI is going to waste precious cray CPU cycles looking for a specific IP in the terabytes of log files.

say a filtered log query is 2TB

current SAN storage tech is at what? 4Gbits / sec over fiber? lets double that to assume a RAID 0 of two seperate SAN storages (this isnt even taking into account how long it would take the processer to process the logs. though i have a feeling that disk access time is still the bottleneck in the CRAY super computers.)

so were at ~10Gbits / sec...

2TeraBYTES = ~2000GBytes... or 16000Gbits...

16000 / 10 = 1600 seconds or ~20 minutes to just TRANSFER all the data.

do you think they are going to waste 20 minutes of supercomputer time to look for pot dealers? doubt it... they are worried about listening in on conversations for keywords, etc etc etc... those things take a shit ton longer to process than simple numbers.


really the ideal solution if you want to be completely invisible is to purchase a server in china, and maybe a server in Sweden? Netherlands? Australia?

as long as you ahve 2 servers you are set.

you connect to one server (adn remember, the US may see you connect to this server, but they dont see what teh server connects to)

then on that server you route it though the second server. this second server is the one that shows up on all the websites you go to etc.

if they try to trace the IP, it goes to whatever country the server is in... and unless that country gives up teh PC, there is no connection to you, since when they cross reference the IP of the server talking to all the websites to all the IPs you have connected to, it will come up cold, since they saw you only connect to the initial server.

(of course if they can get their hands on either server, your F U C K E D)

this is of course if you are super paranoid...

 

[Rood Spook]

Or.....you could simply use this and be protected. http://anonymouse.org

 

[Wiimote]

Both of these suggestions offer the same lvl of security as TOR/Vidalia. I.e. Not much more than NONE. They both are just "flavors" of TOR. Proxies ONLY help confuse the trail, not hide it. Just like having a bloodhound tracking you, all you can do is hope to confuse the trail, as it will be found no matter what you do.

You guys are forgetting, or not understanding, that NONE of these solutions protect you from "last mile" interception. And last mile is the ONLY place LEO can get you. You see, they have to be able to tie an action to a location, then to a person in order to successfully prosecute. Running ANY sort of proxy means that instead of using router logs to say that YOU sent the data to www.offendingdomain.comeduorg (ALL TCP tranmissions record the originating and destination info in every packet) they only see that you sent data to a proxy server in a different location. Using a proxy makes it harder and more labor intensive yes, but do NOT be fooled that it is true protection. All you are doing is making the job harder, not impossible.

In fact I argue that by using a proxy (especially an anonymous one), that you are asking for your data to be looked into. I know the first thing a network admin thinks when he sees connections going to anonymous proxies is "I wonder what their hiding". If you don't think that LEO gets the same immediate thought, your deluding yourself.

Do some reading on how the internet works, how the OSI model works. Read about HOW people are caught online in most operations (stings). Read up on how much info your ISP does, and HAS to save. Read up on how the RIAA is making their court cases to music pirates. Read up on HOW MANY ISPs roll over and give up log data without any sort of subpeona or warrent.

A long time ago, the internet was the electronic equivelent of the Wild West, but since the powers that be couldn't kill it, they are turning it into the worlds largest survellance network.

 

[Wiimote]

I use the little fish in a big pond security suite. I post no pics, never admit to much of anything, and just go about my life as if I have nothing to worry about. It seems to me that when you try to hide something, you attract attention. So I just keep on doing what I do and pretending I am a normal upstanding citizen.

 

[green_tea]

that all gets tossed out the window when you are using a encrypted connection.

I can care less if they know where I am going to (especially if its a server I own somewhere outside the US) its the data thats being transmitted thats important to keep hidden.

encryption is as secure as you are going to get, and were not going to see a computer that can break some of the newer ones for a long long time (quantum computers can rip apart encryption algorithms, but those suckers are a good 20 years away once Moores law ends up hitting its brick wall. )

When it comes down to it, there is absolutely no way that your local police dept is going to initiate an investigation based on data it was able to obtain about your internet usage, because frankly, most local / state PD's don't have the tech to dig deep enough.

 

[humble1]

forget about the 5-0
savvy jackers are gonna show up on your doorstep with a sawed-off if you're smart enough to post from your grow location....
or if you post pictures that make the investment worthwhile they might just wait outside your girlfriends house (the one you use to "securely" post to your thread from) and follow your money trail.
i'm not talking from experience, just from what i'd do if the money and the mark were right.

peace, love & coco